
Pests of all kinds and how to fight them: Windows 7 - Start menu faulty and no Windows updates

27.09.2014, 15:25   #1
boutscha
 



Hi,

Problem no. 1:
For some time now I have not been getting any Windows 7 Ultimate updates.

On the desktop I go to Start > Control Panel > System and Security and then to Windows Update. Then I click "Check for updates", but then a box appears that says:

"Windows Update cannot currently check for updates, because the service is not running. You may need to restart your computer."

When I restart the PC, it says exactly the same thing.
I have also tried downloading the updates manually from microsoft.com, and there are updates available for download that I don't have yet. Then I download them.
Then I want to install them, but a box appears saying that I already have the updates, even though I don't have them yet.

Problem no. 2:
When I restart the PC and the desktop is displayed, several programs open at once. That never used to happen, and I haven't set anything up in the Start menu.
These are the programs:

Java Update Checker

DivX Setup

Bittorrent

and sometimes others as well.

So I click on the Java Update Checker in the taskbar and then on Update.
Then a box appears that says:

Java cannot be installed.
There are errors in the following command-line switches: "A*I*" and some more characters like that.....
Make sure that the commands are valid and try again.
Here is the path where the Java file is:
C\:Program files\Java\lib\de...
Here is the notice from Comodo:
Access DNS-RPC service
Here is the target:
\RPC Control\DNS Resolver

When I click on BitTorrent, the program downloads and uploads even though there is nothing to download or upload in the list.

And with the DivX setup the PC freezes.

My PC has become so slow. Do you also have ideas for how to make it faster, i.e. how I clean up my hard drives or something like that....
I have already done a virus scan with "comodo internet security", "malwarebytesantimalware" and "hijackthis", but it helps only a little because after restarting the PC everything is bad again.


And then I have one last question:

My hard drive (C) is 28.5 GB in size
My hard drive (E) is 18.6 GB in size
and the hard drive (H) is 596 GB in size.

How do I now get hard drive (H) to swap places with (C) or (E)?
(C) is the default, and most things are saved there automatically, and for some things you cannot specify a save path, so I would like it best if everything were saved automatically on (H).

And then one very last question:
I have encrypted (H) with TrueCrypt.
If I now encrypt the others as well, will something crash or the like?

I hope you can help me. My PC is only 4 years old and works as if it were 10 years old.

Best regards

27.09.2014, 16:06   #2
M-K-D-B
/// TB trainer
 






My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions.
    If you are going to be away for a longer time, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:
This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!


Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)


27.09.2014, 18:35   #3
boutscha
 



Thanks for your help.
So here first is the FRST.txt:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
Ran by Plüming (administrator) on PLÜMING-PC on 27-09-2014 18:21:37
Running from C:\Users\Plüming\Downloads
Loaded Profiles: Plüming & UpdatusUser (Available profiles: Plüming & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10988176 2012-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM\...\Run: [vmware-tray.exe] => "H:\Program Files\Setups\vmware-tray.exe"
HKU\S-1-5-21-633634576-854393678-1960327611-1000\...\Run: [Google Update**.d<*>] => "C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\d'x"Ù"\", &h#\. ùû[\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\GoogleUpdate.exe" > <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-633634576-854393678-1960327611-1000\...\Run: [BitTorrent] => C:\Users\Plüming\AppData\Roaming\BitTorrent\BitTorrent.exe [1417048 2014-09-24] (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\..\Interfaces\{3860F474-5B69-428A-A1E7-8947840FB662}: [NameServer] 192.168.1.1,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694
FF NewTab: about:blank
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-26]

Chrome: 
=======
CHR HomePage: Default -> A7DFC7C678CF010D5063E4E10BA849D88884C0F8881BB687FC3F98F52235D772
CHR DefaultSearchKeyword: Default -> EDBB26270A8072B297BBDC25B42EFC63D9FD05577AFC5426BF01E46DFBA276E5
CHR DefaultSearchURL: Default -> D9F9DD74F4C8679A6EDD192DA50A5E78165EAF986E8274AE57EECD8C64A5E03C
CHR Plugin: (Shockwave Flash) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR CustomProfile: C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S2 SbieSvc; H:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [359128 2014-06-12] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc.)
S2 VMAuthdService; "H:\Program Files\Setups\vmware-authd.exe" [X]
S2 VMwareHostd; "H:\Program Files\Setups\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\   \...\???\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2014-04-16] (COMODO)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-05-10] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92656 2014-04-16] (COMODO)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2010-03-29] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 SbieDrv; H:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2014-06-12] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2014-06-12] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26968 2014-06-12] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [24920 2014-06-12] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [66136 2014-06-12] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-02-22] (VMware, Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 18:21 - 2014-09-27 18:23 - 00011951 _____ () C:\Users\Plüming\Downloads\FRST.txt
2014-09-27 18:21 - 2014-09-27 18:21 - 00000000 ____D () C:\FRST
2014-09-27 18:20 - 2014-09-27 18:20 - 01100288 _____ (Farbar) C:\Users\Plüming\Downloads\FRST.exe
2014-09-26 09:15 - 2014-09-26 09:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\VMware
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Local\VMware
2014-09-17 20:01 - 2014-09-17 20:02 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 20:01 - 2014-09-17 20:01 - 00000751 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-17 20:01 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-17 20:01 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-17 20:01 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 19:34 - 2014-09-15 19:34 - 00000000 ____D () C:\Users\Pl%C3%BCming
2014-09-15 19:30 - 2014-09-15 19:30 - 00000000 ____D () C:\Users\Plüming\Documents\Electronic Arts
2014-09-08 19:46 - 2014-09-08 19:46 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MakeTorrent 2.lnk
2014-09-03 17:51 - 2014-09-03 18:06 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Origin
2014-09-03 17:47 - 2014-09-03 17:47 - 00000662 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 17:47 - 2014-09-03 17:47 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 17:17 - 2014-09-03 17:19 - 00000000 ____D () C:\Users\Plüming\Documents\MOHW
2014-09-03 17:16 - 2014-09-03 17:16 - 00000925 _____ () C:\Users\Plüming\Desktop\MOHW.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 18:20 - 2012-06-21 14:09 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-09-27 18:04 - 2013-06-10 14:05 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA.job
2014-09-27 17:29 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 17:29 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 14:22 - 2014-08-16 16:32 - 00000000 ____D () C:\ProgramData\VMware
2014-09-27 14:22 - 2014-02-04 10:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-27 14:22 - 2012-06-21 15:25 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\BitTorrent
2014-09-27 14:22 - 2012-06-20 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-27 14:22 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-27 14:22 - 2009-07-14 06:39 - 00078427 _____ () C:\Windows\setupact.log
2014-09-26 17:17 - 2012-07-12 18:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-26 17:17 - 2012-07-12 18:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 17:02 - 2013-06-10 14:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-26 10:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-26 09:00 - 2012-06-20 17:47 - 01796395 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 21:12 - 2013-06-10 14:05 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core.job
2014-09-25 21:07 - 2013-06-10 14:07 - 00002328 _____ () C:\Users\Plüming\Desktop\Google Chrome.lnk
2014-09-18 19:48 - 2012-06-21 13:59 - 01547648 _____ () C:\Windows\PFRO.log
2014-09-15 22:01 - 2012-06-20 18:08 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-15 19:56 - 2012-09-16 13:14 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-09-14 18:22 - 2013-08-05 17:29 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\vlc
2014-09-03 19:27 - 2012-09-16 13:46 - 00000000 ____D () C:\ProgramData\Origin
2014-09-03 18:06 - 2012-11-13 21:57 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Origin
2014-09-03 17:47 - 2012-09-16 13:46 - 00002696 _____ () C:\Windows\KB893803v2.log
2014-09-03 17:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
ZeroAccess:
C:\Users\Plüming\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install

Some content of TEMP:
====================
C:\Users\Plüming\AppData\Local\Temp\CloudBackup94.exe
C:\Users\Plüming\AppData\Local\Temp\comver.dll
C:\Users\Plüming\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.3.exe
C:\Users\Plüming\AppData\Local\Temp\GUR63D.exe
C:\Users\Plüming\AppData\Local\Temp\jre-8u11-windows-au.exe
C:\Users\Plüming\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0000.EXE
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0001.EXE
C:\Users\Plüming\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2014-09-26 17:37

==================== End Of Log ============================
         










And here is the Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2014
Ran by Plüming at 2014-09-27 18:23:58
Running from C:\Users\Plüming\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
ArcaniA - Fall of Setarrif (HKLM\...\{BA1F2D65-B22F-47C7-A3D0-A7827DF20272}_is1) (Version: - Nordic Games GmbH)
ArcaniA - Gothic 4 (HKLM\...\{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1) (Version: - Nordic Games GmbH)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.34026 - BitTorrent Inc.)
COMODO Internet Security Premium (HKLM\...\{40F962CF-3C1E-44EB-A319-5590BEEB90CF}) (Version: 6.3.35694.2953 - COMODO Security Solutions Inc.)
Die Sims - Tierisch gut drauf (HKLM\...\{7C32C567-DC0F-4C80-B06C-7873850A2E06}) (Version: - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Freemake Video Converter Version 4.1.4 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.135055 - Koyote-Lab Inc.) <==== ATTENTION
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
IsoBuster 3.1 (HKLM\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.250 - Oracle)
Java 8 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 10 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: 1.7.0.100 - Oracle)
Java SE Development Kit 7 Update 9 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java SE Development Kit 8 Update 5 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
Java(TM) SE Development Kit 6 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
MakeTorrent v2.1 (HKLM\...\MakeTorrent 2) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor Allied Assault (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - )
Medal of Honor Allied Assault(tm) Breakthrough (HKLM\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version: - )
Medal of Honor Allied Assault(tm) Breakthrough v2.40 Patch (HKLM\...\{DF9046D6-5F1F-40B6-9782-3DC2D902D391}) (Version: - )
Medal of Honor Allied Assault(tm) Spearhead (HKLM\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version: - )
Medal of Honor Warfighter Update.v322991-=AviaRa=- 1.00 (HKLM\...\Medal of Honor Warfighter Update.v322991-=AviaRa=- 1.00) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nero Burning ROM (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero BurningROM 12 (HKLM\...\{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}) (Version: 12.0.00300 - Nero AG)
Nero ControlCenter (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.18100 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
NVIDIA 3D Vision Controller-Treiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 296.10 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.10 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 296.10 (Version: 296.10 - NVIDIA Corporation) Hidden
NVIDIA Update 1.7.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.11 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.11 - NVIDIA Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.0.13.2135 - Electronic Arts, Inc.)
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
Project 64 version 2.1.0.1 (HKLM\...\Project 64_is1) (Version: 2.1.0.1 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6649 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM\...\ResourceHacker_is1) (Version: - )
Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Shark007 Standard Codecs (HKLM\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.7.0 - Shark007)
SolveigMM Video Splitter (HKLM\...\SolveigMM Video Splitter 3.5.1210.2) (Version: 3.5.1210.2 - Solveig Multimedia)
tools-freebsd (Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-linux (Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-netware (Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-solaris (Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-windows (Version: 9.6.2.1895310 - VMware, Inc.) Hidden
tools-winPre2k (Version: 9.6.2.1895310 - VMware, Inc.) Hidden
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VMware Workstation (HKLM\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
Windows 7 Codec Pack 4.0.8 (HKLM\...\Windows 7 - Codec Pack) (Version: 4.0.8 - Windows 7 Codec Pack)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.124\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Chrome\Application\29.0.1547.66\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================

26-09-2014 15:44:27 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2011-12-22 16:11 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F9B8CFF-F061-4A14-B6C5-0AA58B9D26E9} - \Funmoods No Task File <==== ATTENTION
Task: {2833E31A-C0F5-4A11-A66F-BEF58906042B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {45E1198F-B1FD-47B0-8C4F-6136711CD52A} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {518AF47E-699F-4AE7-91B3-158894CE3B5D} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {5FEEE692-DC86-4EE6-96F8-0B4C905E49F3} - System32\Tasks\Google Updater and Installer => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {84CC5C44-E251-440C-81A2-635686952744} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {95711075-8D2B-4F17-886B-8E2AC8E8FB19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {B138335C-3610-4940-A738-4B08AA364DBA} - System32\Tasks\YourFile Update => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {B3A21E1F-9523-495C-A238-03741631E149} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {BEDA4044-6DD7-42AB-8405-BAAB43A287AC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)
Task: {C8E1E350-F548-49BA-833E-506927311A3B} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {F0605A01-8BE3-4971-A4C8-5F47B52A99D0} - System32\Tasks\Google Update => C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\GoogleUpdate.exe
Task: {F9A41EB9-66E4-4E13-89D0-926CD892C1B9} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core.job => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA.job => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-26 09:15 - 2014-09-26 09:15 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-02-29 13:26 - 2012-02-29 13:26 - 00360768 _____ () C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2013-04-15 19:39 - 2013-04-15 19:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\startupreg: CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} => "C:\Users\PLMING~1\AppData\Local\Temp\cis4836.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4

========================= Accounts: ==========================

Administrator (S-1-5-21-633634576-854393678-1960327611-500 - Administrator - Disabled)
Gast (S-1-5-21-633634576-854393678-1960327611-501 - Limited - Disabled)
Plüming (S-1-5-21-633634576-854393678-1960327611-1000 - Administrator - Enabled) => C:\Users\Plüming
UpdatusUser (S-1-5-21-633634576-854393678-1960327611-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2014 05:18:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x728
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/27/2014 02:24:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BitTorrent.exe, Version 7.9.2.34026 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a44

Startzeit: 01cfda4dbeec9e5e

Endzeit: 0

Anwendungspfad: C:\Users\Plüming\AppData\Roaming\BitTorrent\BitTorrent.exe

Berichts-ID: 1ffbc554-4641-11e4-86fe-005056c00008

Error: (09/26/2014 05:39:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/26/2014 08:53:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BitTorrent.exe, Version 7.9.2.34026 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ff8

Startzeit: 01cfd956528e6842

Endzeit: 31

Anwendungspfad: C:\Users\Plüming\AppData\Roaming\BitTorrent\BitTorrent.exe

Berichts-ID: d1d06ecd-4549-11e4-8b02-005056c00008

Error: (09/24/2014 05:51:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/16/2014 08:00:04 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/15/2014 10:02:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sims3Setup.exe, Version: 15.0.0.498, Zeitstempel: 0x482518da
Name des fehlerhaften Moduls: ISRT.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x482518ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x05003da0
ID des fehlerhaften Prozesses: 0x159c
Startzeit der fehlerhaften Anwendung: 0xSims3Setup.exe0
Pfad der fehlerhaften Anwendung: Sims3Setup.exe1
Pfad des fehlerhaften Moduls: Sims3Setup.exe2
Berichtskennung: Sims3Setup.exe3

Error: (09/15/2014 08:08:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sims3Setup.exe, Version: 15.0.0.498, Zeitstempel: 0x482518da
Name des fehlerhaften Moduls: ISRT.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x482518ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04bc3da0
ID des fehlerhaften Prozesses: 0x6c8
Startzeit der fehlerhaften Anwendung: 0xSims3Setup.exe0
Pfad der fehlerhaften Anwendung: Sims3Setup.exe1
Pfad des fehlerhaften Moduls: Sims3Setup.exe2
Berichtskennung: Sims3Setup.exe3

Error: (09/15/2014 07:52:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sims3Setup.exe, Version: 15.0.0.498, Zeitstempel: 0x482518da
Name des fehlerhaften Moduls: ISRT.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x482518ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04ba3da0
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xSims3Setup.exe0
Pfad der fehlerhaften Anwendung: Sims3Setup.exe1
Pfad des fehlerhaften Moduls: Sims3Setup.exe2
Berichtskennung: Sims3Setup.exe3

Error: (09/15/2014 05:31:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (09/27/2014 02:22:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060

Error: (09/27/2014 02:22:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware Workstation Server" ist vom Dienst "VMware Authorization Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%2

Error: (09/27/2014 02:22:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VMware Authorization Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/27/2014 02:22:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sandboxie Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/26/2014 10:35:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060

Error: (09/26/2014 10:35:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware Workstation Server" ist vom Dienst "VMware Authorization Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%2

Error: (09/26/2014 10:35:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VMware Authorization Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/26/2014 10:35:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sandboxie Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/26/2014 05:18:02 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (09/26/2014 05:14:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060


Microsoft Office Sessions:
=========================
Error: (09/27/2014 05:18:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b72801cfda4fb10e1436C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll91eb8886-4659-11e4-86fe-92c82dfbbd4d

Error: (09/27/2014 02:24:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BitTorrent.exe7.9.2.34026a4401cfda4dbeec9e5e0C:\Users\Plüming\AppData\Roaming\BitTorrent\BitTorrent.exe1ffbc554-4641-11e4-86fe-005056c00008

Error: (09/26/2014 05:39:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (09/26/2014 08:53:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BitTorrent.exe7.9.2.34026ff801cfd956528e684231C:\Users\Plüming\AppData\Roaming\BitTorrent\BitTorrent.exed1d06ecd-4549-11e4-8b02-005056c00008

Error: (09/24/2014 05:51:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (09/16/2014 08:00:04 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (09/15/2014 10:02:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Sims3Setup.exe15.0.0.498482518daISRT.dll_unloaded0.0.0.0482518bac000000505003da0159c01cfd11bba361135C:\Users\PLMING~1\AppData\Local\Temp\{57EB1DA5-8910-4151-9D98-64FB2C67D874}\Sims3Setup.exeISRT.dll275dcbf1-3d13-11e4-867a-c5489b5e5de7

Error: (09/15/2014 08:08:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Sims3Setup.exe15.0.0.498482518daISRT.dll_unloaded0.0.0.0482518bac000000504bc3da06c801cfd10f3fe59276H:\neuer ordner\www.fusion-torrent.to_the_sims_3-razor1911_23street-ft\www.fusion-torrent.to_the_sims_3-razor1911_23street-ft\www.fusion-torrent.to_the_sims_3-razor1911_23street-ft\sims3iso\rzr-sim3\iso2\Sims3Setup.exeISRT.dll3f176ac7-3d03-11e4-867a-005056c00008

Error: (09/15/2014 07:52:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Sims3Setup.exe15.0.0.498482518daISRT.dll_unloaded0.0.0.0482518bac000000504ba3da08f801cfd10987f9def9H:\Neuer Ordner\www.fusion-torrent.to_The_Sims_3-Razor1911_23Street-FT\www.fusion-torrent.to_The_Sims_3-Razor1911_23Street-FT\www.fusion-torrent.to_The_Sims_3-Razor1911_23Street-FT\sims3iso\rzr-sim3\iso2\Sims3Setup.exeISRT.dll1b249866-3d01-11e4-867a-005056c00008

Error: (09/15/2014 05:31:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
Percentage of memory in use: 40%
Total physical RAM: 2047.12 MB
Available physical RAM: 1215.21 MB
Total Pagefile: 4094.23 MB
Available Pagefile: 2913.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:28.54 GB) (Free:2.22 GB) NTFS
Drive e: () (Fixed) (Total:18.62 GB) (Free:10.49 GB) NTFS
Drive h: () (Fixed) (Total:596.17 GB) (Free:536.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 18.6 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=18.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 28.6 GB) (Disk ID: CE73B166)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=28.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== End Of Log ============================


Maybe it's simply a security hole...
because I think I haven't installed a Windows 7 update since January, since
it just doesn't work.
I hope you can help me.

Regards
__________________

Alt 28.09.2014, 12:53   #4
M-K-D-B
/// TB-Ausbilder
 



Hi,

that is probably due to the malware on your computer.

Quote:
Running from C:\Users\Plüming\Downloads
Unfortunately, you did not follow our instructions correctly:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written for that setup.
It also makes it very easy to remove all the tools used once the cleanup is finished.
Leave all tools on the desktop until the cleanup is finished; we may need some of them more than once.




Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards
M-K-D-B



Alt 28.09.2014, 17:44   #5
boutscha
 



OK, here is the log file from TDSSKiller:

The scan showed that I have a rootkit on my computer.
What should I do next?





17:30:05.0242 0x0df4 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:30:09.0352 0x0df4 ============================================================
17:30:09.0352 0x0df4 Current date / time: 2014/09/28 17:30:09.0352
17:30:09.0352 0x0df4 SystemInfo:
17:30:09.0352 0x0df4
17:30:09.0352 0x0df4 OS Version: 6.1.7601 ServicePack: 1.0
17:30:09.0352 0x0df4 Product type: Workstation
17:30:09.0352 0x0df4 ComputerName: PLÜMING-PC
17:30:09.0352 0x0df4 UserName: Plüming
17:30:09.0352 0x0df4 Windows directory: C:\Windows
17:30:09.0352 0x0df4 System windows directory: C:\Windows
17:30:09.0352 0x0df4 Processor architecture: Intel x86
17:30:09.0352 0x0df4 Number of processors: 2
17:30:09.0352 0x0df4 Page size: 0x1000
17:30:09.0352 0x0df4 Boot type: Normal boot
17:30:09.0352 0x0df4 ============================================================
17:30:12.0532 0x0df4 KLMD registered as C:\Windows\system32\drivers\14421586.sys
17:30:13.0202 0x0df4 System UUID: {86A39647-016C-9C8B-8B2E-8158240F68FC}
17:30:14.0902 0x0df4 Drive \Device\Harddisk0\DR0 - Size: 0x4A817C800 ( 18.63 Gb ), SectorSize: 0x200, Cylinders: 0x97F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:30:14.0912 0x0df4 Drive \Device\Harddisk1\DR1 - Size: 0x728D84000 ( 28.64 Gb ), SectorSize: 0x200, Cylinders: 0x371F, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
17:30:14.0912 0x0df4 Drive \Device\Harddisk2\DR2 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x400, Cylinders: 0x9800, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:30:15.0312 0x0df4 ============================================================
17:30:15.0312 0x0df4 \Device\Harddisk0\DR0:
17:30:15.0312 0x0df4 MBR partitions:
17:30:15.0312 0x0df4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x253EA80
17:30:15.0312 0x0df4 \Device\Harddisk1\DR1:
17:30:15.0312 0x0df4 MBR partitions:
17:30:15.0312 0x0df4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:30:15.0312 0x0df4 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3913800
17:30:15.0312 0x0df4 \Device\Harddisk2\DR2:
17:30:15.0312 0x0df4 MBR partitions:
17:30:15.0312 0x0df4 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x2, BlocksNum 0x2542C156
17:30:15.0312 0x0df4 ============================================================
17:30:15.0342 0x0df4 C: <-> \Device\Harddisk1\DR1\Partition2
17:30:15.0402 0x0df4 E: <-> \Device\Harddisk0\DR0\Partition1
17:30:15.0402 0x0df4 ============================================================
17:30:15.0402 0x0df4 Initialize success
17:30:15.0402 0x0df4 ============================================================
17:32:22.0696 0x0db0 ============================================================
17:32:22.0696 0x0db0 Scan started
17:32:22.0696 0x0db0 Mode: Manual; SigCheck; TDLFS;
17:32:22.0696 0x0db0 ============================================================
17:32:22.0696 0x0db0 KSN ping started
17:32:25.0426 0x0db0 KSN ping finished: true
17:32:27.0826 0x0db0 ================ Scan system memory ========================
17:32:27.0826 0x0db0 System memory - ok
17:32:27.0826 0x0db0 ================ Scan services =============================
17:32:30.0618 0x0db0 amdxata - ok
17:32:30.0688 0x0db0 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
17:32:31.0028 0x0db0 AppID - ok
17:32:31.0088 0x0db0 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:32:31.0168 0x0db0 AppIDSvc - ok
17:32:31.0238 0x0db0 [ FB1959012294D6AD43E5304DF65E3C26, CFE906B07FF71A178CF9C254B056C6F5A303DDC511F0E4E1E75808F1D5326495 ] Appinfo C:\Windows\System32\appinfo.dll
17:32:31.0318 0x0db0 Appinfo - ok
17:32:31.0398 0x0db0 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:32:31.0508 0x0db0 AppMgmt - ok
17:32:31.0558 0x0db0 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:32:31.0588 0x0db0 arc - ok
17:32:31.0598 0x0db0 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:32:31.0628 0x0db0 arcsas - ok
17:32:31.0758 0x0db0 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:32:31.0878 0x0db0 aspnet_state - ok
17:32:31.0918 0x0db0 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:32:32.0088 0x0db0 AsyncMac - ok
17:32:32.0118 0x0db0 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
17:32:32.0138 0x0db0 atapi - ok
17:32:32.0218 0x0db0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:32:32.0428 0x0db0 AudioEndpointBuilder - ok
17:32:32.0488 0x0db0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:32:32.0538 0x0db0 Audiosrv - ok
17:32:32.0588 0x0db0 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:32:32.0818 0x0db0 AxInstSV - ok
17:32:32.0888 0x0db0 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:32:33.0018 0x0db0 b06bdrv - ok
17:32:33.0088 0x0db0 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:32:33.0128 0x0db0 b57nd60x - ok
17:32:33.0188 0x0db0 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
17:32:33.0278 0x0db0 BDESVC - ok
17:32:33.0318 0x0db0 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
17:32:33.0378 0x0db0 Beep - ok
17:32:33.0498 0x0db0 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
17:32:33.0728 0x0db0 BFE - ok
17:32:33.0768 0x0db0 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:32:33.0818 0x0db0 blbdrive - ok
17:32:33.0888 0x0db0 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:32:34.0048 0x0db0 bowser - ok
17:32:34.0088 0x0db0 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:32:34.0218 0x0db0 BrFiltLo - ok
17:32:34.0218 0x0db0 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:32:34.0278 0x0db0 BrFiltUp - ok
17:32:34.0338 0x0db0 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
17:32:34.0518 0x0db0 Browser - ok
17:32:34.0578 0x0db0 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:32:34.0678 0x0db0 Brserid - ok
17:32:34.0708 0x0db0 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:32:34.0768 0x0db0 BrSerWdm - ok
17:32:34.0808 0x0db0 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:32:34.0868 0x0db0 BrUsbMdm - ok
17:32:34.0928 0x0db0 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:32:34.0978 0x0db0 BrUsbSer - ok
17:32:35.0028 0x0db0 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:32:35.0088 0x0db0 BTHMODEM - ok
17:32:35.0148 0x0db0 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
17:32:35.0218 0x0db0 bthserv - ok
17:32:35.0278 0x0db0 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:32:35.0358 0x0db0 cdfs - ok
17:32:35.0448 0x0db0 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:32:35.0598 0x0db0 cdrom - ok
17:32:35.0678 0x0db0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
17:32:35.0818 0x0db0 CertPropSvc - ok
17:32:35.0898 0x0db0 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:32:35.0948 0x0db0 circlass - ok
17:32:36.0018 0x0db0 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
17:32:36.0048 0x0db0 CLFS - ok
17:32:36.0138 0x0db0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:32:36.0168 0x0db0 clr_optimization_v2.0.50727_32 - ok
17:32:36.0220 0x0db0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:32:36.0390 0x0db0 clr_optimization_v4.0.30319_32 - ok
17:32:36.0420 0x0db0 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:32:36.0440 0x0db0 CmBatt - ok
17:32:36.0810 0x0db0 [ DFACF6F69457E3EE2CE81EDCB4693674, E04CA54BCF6C75C6382423A5BC965744E76EB67E6448C1094AD4C4DBE02670DB ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
17:32:36.0960 0x0db0 cmdAgent - ok
17:32:37.0020 0x0db0 [ D620158051DC6A9D65C863F6E7211F1E, 10442A8A887112795AB6B894F6F9AA1CC3FDF01A1B931211CFA89EDDFDC1014F ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
17:32:37.0150 0x0db0 cmderd - ok
17:32:37.0210 0x0db0 [ 368DFF8B4EBD9002EB428C45759C3117, 3E55C7F5D5D8F0ECB82FA6034020A40DF4532E699501A8FBE8441A9BD4F751E2 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
17:32:37.0390 0x0db0 cmdGuard - ok
17:32:37.0440 0x0db0 [ 7C34B6662CC5571648E97EFEA3A0A789, EA7D5C64865C1AA34AC0923CE271CB727D3DC47196729FF5070C5CE2671854F2 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
17:32:37.0550 0x0db0 cmdHlp - ok
17:32:37.0590 0x0db0 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:32:37.0610 0x0db0 cmdide - ok
17:32:37.0740 0x0db0 [ A665EF912EEFD99EA557C6AB35CA1021, D8B53E70DF25E036F02D3707CF18ED2980F42A99D655230A9F7804E5F5D4BAB4 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
17:32:37.0850 0x0db0 cmdvirth - ok
17:32:37.0910 0x0db0 [ 247B4CE2DAB1160CD422D532D5241E1F, CFE04DBE48B23B084C3F4C3D0F483B26F322E4693176D8739A412BE5D8BE597E ] CNG C:\Windows\system32\Drivers\cng.sys
17:32:37.0950 0x0db0 CNG - ok
17:32:38.0010 0x0db0 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:32:38.0030 0x0db0 Compbatt - ok
17:32:38.0060 0x0db0 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:32:38.0230 0x0db0 CompositeBus - ok
17:32:38.0260 0x0db0 COMSysApp - ok
17:32:38.0310 0x0db0 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:32:38.0330 0x0db0 crcdisk - ok
17:32:38.0410 0x0db0 [ 06E771AA596B8761107AB57E99F128D7, 877B990BCBD32B732471AC0DDDD87629F7B073F97BCAC844F11FAB205A9F8719 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:32:38.0630 0x0db0 CryptSvc - ok
17:32:38.0690 0x0db0 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
17:32:38.0950 0x0db0 CSC - ok
17:32:39.0020 0x0db0 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
17:32:39.0220 0x0db0 CscService - ok
17:32:39.0280 0x0db0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
17:32:39.0360 0x0db0 DcomLaunch - ok
17:32:39.0420 0x0db0 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
17:32:39.0500 0x0db0 defragsvc - ok
17:32:39.0570 0x0db0 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:32:39.0650 0x0db0 DfsC - ok
17:32:39.0740 0x0db0 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:32:39.0920 0x0db0 Dhcp - ok
17:32:39.0960 0x0db0 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
17:32:40.0020 0x0db0 discache - ok
17:32:40.0110 0x0db0 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:32:40.0130 0x0db0 Disk - ok
17:32:40.0190 0x0db0 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:32:40.0340 0x0db0 Dnscache - ok
17:32:40.0400 0x0db0 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
17:32:40.0590 0x0db0 dot3svc - ok
17:32:40.0680 0x0db0 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
17:32:40.0890 0x0db0 DPS - ok
17:32:40.0950 0x0db0 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:32:41.0000 0x0db0 drmkaud - ok
17:32:41.0090 0x0db0 [ 23F5D28378A160352BA8F817BD8C71CB, 11BF7B7E6276C28EFF74B8AF89B493CBB89B394D2A091708EDA15DA5C342FF19 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:32:41.0290 0x0db0 DXGKrnl - ok
17:32:41.0340 0x0db0 [ 22EF8965101685ADD128F03A2B03CE16, 677F7B32C7A45C26F2F0DB67FFB526E9742E4B3A8BEAEA7B814CBCA2F56D6D5A ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:32:41.0410 0x0db0 E1G60 - ok
17:32:41.0470 0x0db0 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
17:32:41.0520 0x0db0 EapHost - ok
17:32:41.0720 0x0db0 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:32:41.0990 0x0db0 ebdrv - ok
17:32:42.0040 0x0db0 [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS C:\Windows\System32\lsass.exe
17:32:42.0130 0x0db0 EFS - ok
17:32:42.0230 0x0db0 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:32:42.0490 0x0db0 ehRecvr - ok
17:32:42.0540 0x0db0 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
17:32:42.0630 0x0db0 ehSched - ok
17:32:42.0710 0x0db0 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:32:42.0760 0x0db0 elxstor - ok
17:32:42.0800 0x0db0 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:32:42.0850 0x0db0 ErrDev - ok
17:32:42.0940 0x0db0 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
17:32:43.0020 0x0db0 EventSystem - ok
17:32:43.0060 0x0db0 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
17:32:43.0140 0x0db0 exfat - ok
17:32:43.0180 0x0db0 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:32:43.0260 0x0db0 fastfat - ok
17:32:43.0350 0x0db0 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
17:32:43.0620 0x0db0 Fax - ok
17:32:43.0670 0x0db0 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:32:43.0740 0x0db0 fdc - ok
17:32:43.0810 0x0db0 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
17:32:43.0880 0x0db0 fdPHost - ok
17:32:43.0920 0x0db0 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
17:32:43.0990 0x0db0 FDResPub - ok
17:32:44.0030 0x0db0 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:32:44.0050 0x0db0 FileInfo - ok
17:32:44.0080 0x0db0 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:32:44.0160 0x0db0 Filetrace - ok
17:32:44.0190 0x0db0 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:32:44.0240 0x0db0 flpydisk - ok
17:32:44.0310 0x0db0 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:32:44.0340 0x0db0 FltMgr - ok
17:32:44.0430 0x0db0 [ FA6C66E4364D7DA57AADE5DCC03BB999, 9C0D0A04D2558CF60B7F7185CC9B369CDDD3B1C625960910CECF07611F288378 ] FontCache C:\Windows\system32\FntCache.dll
17:32:44.0680 0x0db0 FontCache - ok
17:32:44.0770 0x0db0 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:32:44.0790 0x0db0 FontCache3.0.0.0 - ok
17:32:44.0800 0x0db0 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:32:44.0820 0x0db0 FsDepends - ok
17:32:44.0860 0x0db0 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:32:45.0000 0x0db0 Fs_Rec - ok
17:32:45.0070 0x0db0 [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:32:45.0240 0x0db0 fvevol - ok
17:32:45.0300 0x0db0 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:32:45.0330 0x0db0 gagp30kx - ok
17:32:45.0380 0x0db0 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
17:32:45.0590 0x0db0 gpsvc - ok
17:32:45.0660 0x0db0 [ 3F40FA664309ED1CCC3592636A94DDF4, D241BD7FA97F1DA8E7A781535CCBF004D15DCABA7EFDC09EA97D5E549D85B41A ] hcmon C:\Windows\system32\drivers\hcmon.sys
17:32:45.0680 0x0db0 hcmon - ok
17:32:45.0730 0x0db0 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:32:45.0810 0x0db0 hcw85cir - ok
17:32:45.0870 0x0db0 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:32:46.0070 0x0db0 HdAudAddService - ok
17:32:46.0130 0x0db0 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:32:46.0190 0x0db0 HDAudBus - ok
17:32:46.0240 0x0db0 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:32:46.0300 0x0db0 HidBatt - ok
17:32:46.0350 0x0db0 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:32:46.0410 0x0db0 HidBth - ok
17:32:46.0450 0x0db0 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:32:46.0510 0x0db0 HidIr - ok
17:32:46.0560 0x0db0 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
17:32:46.0640 0x0db0 hidserv - ok
17:32:46.0740 0x0db0 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:32:46.0850 0x0db0 HidUsb - ok
17:32:46.0920 0x0db0 [ CE77439BAF613019D6B7658292D1E4A6, EF0BCD841FB884F409102DED41EEB4B9E093B3B2FF9C2D932CE581767D892007 ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys
17:32:47.0040 0x0db0 hitmanpro37 - ok
17:32:47.0080 0x0db0 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
17:32:47.0230 0x0db0 hkmsvc - ok
17:32:47.0300 0x0db0 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:32:47.0490 0x0db0 HomeGroupListener - ok
17:32:47.0540 0x0db0 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:32:47.0730 0x0db0 HomeGroupProvider - ok
17:32:47.0790 0x0db0 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:32:47.0810 0x0db0 HpSAMD - ok
17:32:47.0870 0x0db0 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:32:48.0090 0x0db0 HTTP - ok
17:32:48.0130 0x0db0 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:32:48.0250 0x0db0 hwpolicy - ok
17:32:48.0290 0x0db0 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:32:48.0350 0x0db0 i8042prt - ok
17:32:48.0410 0x0db0 [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:32:48.0590 0x0db0 iaStorV - ok
17:32:48.0700 0x0db0 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:32:48.0980 0x0db0 idsvc - ok
17:32:49.0040 0x0db0 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:32:49.0060 0x0db0 iirsp - ok
17:32:49.0160 0x0db0 [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT C:\Windows\System32\ikeext.dll
17:32:49.0370 0x0db0 IKEEXT - ok
17:32:49.0440 0x0db0 [ 5F83E9EE7BD099FA34660C2A91FBD3AC, 72DEBE271B920761E5F2D30BC4B78565D93467078BFC71EED93ED7453B337C35 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
17:32:49.0560 0x0db0 inspect - ok
17:32:49.0780 0x0db0 [ 2D6E527B8BE62FB0223DA0C2D9C75B45, 1BD1EC9EE954470853BEDC5198BCDC09A8D2AEA855D07CF303456E51BFA070F1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:32:49.0960 0x0db0 IntcAzAudAddService - ok
17:32:50.0000 0x0db0 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
17:32:50.0010 0x0db0 intelide - ok
17:32:50.0070 0x0db0 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:32:50.0090 0x0db0 intelppm - ok
17:32:50.0130 0x0db0 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:32:50.0210 0x0db0 IPBusEnum - ok
17:32:50.0250 0x0db0 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:32:50.0290 0x0db0 IpFilterDriver - ok
17:32:50.0330 0x0db0 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:32:50.0490 0x0db0 IPMIDRV - ok
17:32:50.0530 0x0db0 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:32:50.0580 0x0db0 IPNAT - ok
17:32:50.0630 0x0db0 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:32:50.0700 0x0db0 IRENUM - ok
17:32:50.0740 0x0db0 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:32:50.0760 0x0db0 isapnp - ok
17:32:50.0810 0x0db0 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:32:50.0970 0x0db0 iScsiPrt - ok
17:32:51.0020 0x0db0 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
17:32:51.0040 0x0db0 kbdclass - ok
17:32:51.0080 0x0db0 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:32:51.0240 0x0db0 kbdhid - ok
17:32:51.0280 0x0db0 [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] KeyIso C:\Windows\system32\lsass.exe
17:32:51.0310 0x0db0 KeyIso - ok
17:32:51.0350 0x0db0 [ B7895B4182C0D16F6EFADEB8081E8D36, BAC3BAD22207C8826125FD7721C96F2C7A238960FD9398A3D4573E14648E9DB9 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:32:51.0370 0x0db0 KSecDD - ok
17:32:51.0420 0x0db0 [ D30159AC9237519FBC62C6EC247D2D46, 10BDE041C95D0CCD3591ED497002043FEC3A5F732D7AE311FBA457E0FE16CE4B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:32:51.0440 0x0db0 KSecPkg - ok
17:32:51.0490 0x0db0 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:32:51.0590 0x0db0 KtmRm - ok
17:32:51.0660 0x0db0 [ 14F63A275C1BFF4D35E02DE1127E8A85, 24CF342C24C66E9BFD3D7BC76D461048DB20FCA81C05162984290F4067957CC8 ] L1E C:\Windows\system32\DRIVERS\L1E62x86.sys
17:32:51.0680 0x0db0 L1E - ok
17:32:51.0730 0x0db0 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:32:51.0900 0x0db0 LanmanServer - ok
17:32:51.0960 0x0db0 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:32:52.0130 0x0db0 LanmanWorkstation - ok
17:32:52.0220 0x0db0 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:32:52.0260 0x0db0 lltdio - ok
17:32:52.0290 0x0db0 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:32:52.0330 0x0db0 lltdsvc - ok
17:32:52.0340 0x0db0 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:32:52.0410 0x0db0 lmhosts - ok
17:32:52.0480 0x0db0 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:32:52.0490 0x0db0 LSI_FC - ok
17:32:52.0510 0x0db0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:32:52.0530 0x0db0 LSI_SAS - ok
17:32:52.0540 0x0db0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:32:52.0560 0x0db0 LSI_SAS2 - ok
17:32:52.0570 0x0db0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:32:52.0590 0x0db0 LSI_SCSI - ok
17:32:52.0610 0x0db0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
17:32:52.0640 0x0db0 luafv - ok
17:32:52.0680 0x0db0 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:32:52.0810 0x0db0 Mcx2Svc - ok
17:33:20.0880 0x0db0 umbus - ok
17:33:20.0940 0x0db0 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:33:20.0990 0x0db0 UmPass - ok
17:33:21.0050 0x0db0 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
17:33:21.0260 0x0db0 UmRdpService - ok
17:33:21.0320 0x0db0 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
17:33:21.0370 0x0db0 upnphost - ok
17:33:21.0410 0x0db0 [ 7E72E7D7E0757D59481D530FD2B0BFAE, 288CAC9F4AC09DEB2B30C6E3A6ACF8D62A75576F62F0EC159D5E1B257419E9DC ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
17:33:21.0530 0x0db0 usbccgp - ok
17:33:21.0600 0x0db0 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:33:21.0660 0x0db0 usbcir - ok
17:33:21.0710 0x0db0 [ CFBCE999C057D78979A181C9C60F208E, D60698EAA8A085214D5945818B0863976CF116EBE523046C344AF4E9392FDF80 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:33:21.0850 0x0db0 usbehci - ok
17:33:21.0930 0x0db0 [ 9D22AAD9AC6A07C691A1113E5F860868, AC34D36DBB5649650FCD873A792CA1387AE841D4C46781C63C0D29834F9B58E9 ] usbhub C:\Windows\system32\drivers\usbhub.sys
17:33:22.0150 0x0db0 usbhub - ok
17:33:22.0200 0x0db0 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:33:22.0250 0x0db0 usbohci - ok
17:33:22.0310 0x0db0 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:33:22.0330 0x0db0 usbprint - ok
17:33:22.0380 0x0db0 [ BF63EBFC6979FEFB2BC03DF7989A0C1A, AFEF764A3E5D52CDBB5074F0E87F2B5EBCDF8D9B6E8F88EE235602B80145BE31 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:33:22.0510 0x0db0 USBSTOR - ok
17:33:22.0560 0x0db0 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:33:22.0610 0x0db0 usbuhci - ok
17:33:22.0660 0x0db0 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
17:33:22.0700 0x0db0 UxSms - ok
17:33:22.0720 0x0db0 [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] VaultSvc C:\Windows\system32\lsass.exe
17:33:22.0730 0x0db0 VaultSvc - ok
17:33:22.0760 0x0db0 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:33:22.0770 0x0db0 vdrvroot - ok
17:33:22.0840 0x0db0 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
17:33:23.0090 0x0db0 vds - ok
17:33:23.0160 0x0db0 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:33:23.0210 0x0db0 vga - ok
17:33:23.0270 0x0db0 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:33:23.0310 0x0db0 VgaSave - ok
17:33:23.0340 0x0db0 VGPU - ok
17:33:23.0390 0x0db0 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:33:23.0550 0x0db0 vhdmp - ok
17:33:23.0600 0x0db0 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:33:23.0620 0x0db0 viaagp - ok
17:33:23.0660 0x0db0 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:33:23.0700 0x0db0 ViaC7 - ok
17:33:23.0750 0x0db0 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
17:33:23.0770 0x0db0 viaide - ok
17:33:23.0780 0x0db0 VMAuthdService - ok
17:33:23.0820 0x0db0 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:33:24.0020 0x0db0 vmbus - ok
17:33:24.0050 0x0db0 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:33:24.0160 0x0db0 VMBusHID - ok
17:33:24.0210 0x0db0 [ D644FFEA14778DDA59BDA8492BCED4B6, 5146A0181AEED5727C729DE451B3F2070FF8DD4A0B32AD6BD3DEB42232B5FAE1 ] vmci C:\Windows\system32\DRIVERS\vmci.sys
17:33:24.0230 0x0db0 vmci - ok
17:33:24.0290 0x0db0 [ 872DE8E16A2821804D8E4EC76A1E38B4, 346C2EDE1A0AEA3A1B2D4C3066B1AF94FFC00B5D3401E323C0FD46D8D824C563 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
17:33:24.0300 0x0db0 VMnetAdapter - ok
17:33:24.0350 0x0db0 [ 2ECECADD1F5AE56F297B81F2AC464B03, 6EA6EDE53AE420EF750A14045399AAD77D07C80324C0C60E74127E350C7E7090 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
17:33:24.0460 0x0db0 VMnetBridge - ok
17:33:24.0510 0x0db0 [ 05A869D1B12B08B5601487CA534B5021, 07A4BE681C0C0B23CBD5C05715DAA887D4DDE6D99251BC5D748F321940C23315 ] VMnetDHCP C:\Windows\system32\vmnetdhcp.exe
17:33:24.0530 0x0db0 VMnetDHCP - ok
17:33:24.0560 0x0db0 [ 448788D4D9C6E7F20BA7C6487B52D44E, 8643B237262099998049D23B5BE1F65C224500E8947B2FAC798B5A00132082A4 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
17:33:24.0570 0x0db0 VMnetuserif - ok
17:33:24.0630 0x0db0 [ C5C0DFA9D921639B73C3E59A8AA1FBEF, 221BEA7B23288113F1791FC91CB5F216B5836F0BF2F8507B5DB83243778E16DA ] VMparport C:\Windows\system32\Drivers\VMparport.sys
17:33:24.0650 0x0db0 VMparport - ok
17:33:24.0770 0x0db0 [ F3922FB27510E28FAC82A0DC442A900E, 11D42F62460647EADFABC29873D20CC77B117B676D30655B7919A1C0EBBFA86F ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
17:33:24.0800 0x0db0 VMUSBArbService - ok
17:33:24.0840 0x0db0 [ F13B73E932CACDDE5ED825BDF7AA9637, 4B6C8D82324314294AE439ACDE933E6C8E77635ADE933BC52A0CD9A68927702D ] VMware NAT Service C:\Windows\system32\vmnat.exe
17:33:24.0860 0x0db0 VMware NAT Service - ok
17:33:24.0860 0x0db0 VMwareHostd - ok
17:33:24.0910 0x0db0 [ E80257E1A4B5A905857705FF5C4787AE, AA354C4A46A0B7D13584FACB9EBF699820E24D18B3EFD830E5E811C7F16BD1B4 ] vmx86 C:\Windows\system32\Drivers\vmx86.sys
17:33:24.0930 0x0db0 vmx86 - ok
17:33:24.0950 0x0db0 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:33:25.0070 0x0db0 volmgr - ok
17:33:25.0120 0x0db0 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:33:25.0160 0x0db0 volmgrx - ok
17:33:25.0170 0x0db0 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:33:25.0362 0x0db0 volsnap - ok
17:33:25.0432 0x0db0 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:33:25.0452 0x0db0 vsmraid - ok
17:33:25.0522 0x0db0 [ 843081D296F617DDFAE4D70F2564C852, A2F0A31AE740850996E1595E0C21E3365387B049480999ACA8DE2AE5394232E2 ] vsock C:\Windows\system32\drivers\vsock.sys
17:33:25.0532 0x0db0 vsock - ok
17:33:25.0612 0x0db0 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
17:33:25.0942 0x0db0 VSS - ok
17:33:26.0002 0x0db0 [ 43725C38A00C5667AD8CA82C1790D465, 3E06294DADE18CE1D103363C85A6F22FF53F076AE41E8772362C747B2DC16E3E ] vstor2-mntapi20-shared C:\Windows\system32\drivers\vstor2-mntapi20-shared.sys
17:33:26.0112 0x0db0 vstor2-mntapi20-shared - ok
17:33:26.0132 0x0db0 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:33:26.0182 0x0db0 vwifibus - ok
17:33:26.0252 0x0db0 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
17:33:26.0342 0x0db0 W32Time - ok
17:33:26.0402 0x0db0 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:33:26.0442 0x0db0 WacomPen - ok
17:33:26.0512 0x0db0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:33:26.0654 0x0db0 WANARP - ok
17:33:26.0694 0x0db0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:33:26.0714 0x0db0 Wanarpv6 - ok
17:33:27.0414 0x0db0 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
17:33:27.0734 0x0db0 wbengine - ok
17:33:27.0784 0x0db0 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:33:27.0864 0x0db0 WbioSrvc - ok
17:33:28.0004 0x0db0 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:33:28.0184 0x0db0 wcncsvc - ok
17:33:28.0254 0x0db0 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:33:28.0364 0x0db0 WcsPlugInService - ok
17:33:28.0394 0x0db0 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:33:28.0414 0x0db0 Wd - ok
17:33:28.0454 0x0db0 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:33:28.0494 0x0db0 Wdf01000 - ok
17:33:28.0544 0x0db0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:33:28.0674 0x0db0 WdiServiceHost - ok
17:33:28.0674 0x0db0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:33:28.0704 0x0db0 WdiSystemHost - ok
17:33:28.0754 0x0db0 [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient C:\Windows\System32\webclnt.dll
17:33:28.0944 0x0db0 WebClient - ok
17:33:28.0994 0x0db0 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:33:29.0044 0x0db0 Wecsvc - ok
17:33:29.0074 0x0db0 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:33:29.0134 0x0db0 wercplsupport - ok
17:33:29.0194 0x0db0 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
17:33:29.0274 0x0db0 WerSvc - ok
17:33:29.0334 0x0db0 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:33:29.0374 0x0db0 WfpLwf - ok
17:33:29.0374 0x0db0 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:33:29.0394 0x0db0 WIMMount - ok
17:33:29.0404 0x0db0 WinHttpAutoProxySvc - ok
17:33:29.0484 0x0db0 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:33:29.0524 0x0db0 Winmgmt - ok
17:33:29.0624 0x0db0 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
17:33:29.0934 0x0db0 WinRM - ok
17:33:30.0054 0x0db0 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:33:30.0164 0x0db0 Wlansvc - ok
17:33:30.0224 0x0db0 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:33:30.0274 0x0db0 WmiAcpi - ok
17:33:30.0334 0x0db0 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:33:30.0374 0x0db0 wmiApSrv - ok
17:33:30.0504 0x0db0 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:33:30.0624 0x0db0 WMPNetworkSvc - ok
17:33:30.0664 0x0db0 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:33:30.0754 0x0db0 WPCSvc - ok
17:33:30.0794 0x0db0 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:33:30.0984 0x0db0 WPDBusEnum - ok
17:33:31.0034 0x0db0 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:33:31.0094 0x0db0 ws2ifsl - ok
17:33:31.0104 0x0db0 WSearch - ok
17:33:31.0164 0x0db0 [ E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:33:31.0304 0x0db0 WudfPf - ok
17:33:31.0374 0x0db0 [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:33:31.0544 0x0db0 WUDFRd - ok
17:33:31.0584 0x0db0 [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:33:31.0744 0x0db0 wudfsvc - ok
17:33:31.0804 0x0db0 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:33:31.0874 0x0db0 WwanSvc - ok
17:33:32.0004 0x0db0 *etadpug - detected Rootkit.Win32.PMax.gen ( 0 )
17:33:32.0064 0x0db0 *etadpug ( Rootkit.Win32.PMax.gen ) - infected
17:33:34.0794 0x0db0 ================ Scan global ===============================
17:33:34.0834 0x0db0 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
17:33:35.0024 0x0db0 [ 183B4188D5D91B271613EC3EFD1B3CEF, 29E296B753E6380F0772290725DEC39DB83CB518302C1DDF303123996F3EEA0A ] C:\Windows\system32\winsrv.dll
17:33:35.0164 0x0db0 [ 183B4188D5D91B271613EC3EFD1B3CEF, 29E296B753E6380F0772290725DEC39DB83CB518302C1DDF303123996F3EEA0A ] C:\Windows\system32\winsrv.dll
17:33:35.0264 0x0db0 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:33:35.0324 0x0db0 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
17:33:35.0334 0x0db0 [ Global ] - ok
17:33:35.0334 0x0db0 ================ Scan MBR ==================================
17:33:35.0374 0x0db0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:33:35.0894 0x0db0 \Device\Harddisk0\DR0 - ok
17:33:35.0914 0x0db0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:33:36.0464 0x0db0 \Device\Harddisk1\DR1 - ok
17:33:36.0464 0x0db0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
17:33:36.0944 0x0db0 \Device\Harddisk2\DR2 - ok
17:33:36.0944 0x0db0 ================ Scan VBR ==================================
17:33:36.0954 0x0db0 [ ECD24B4795FE2689ED4292C2C573EAB7 ] \Device\Harddisk0\DR0\Partition1
17:33:36.0954 0x0db0 \Device\Harddisk0\DR0\Partition1 - ok
17:33:36.0964 0x0db0 [ 7BF160F673A008BA6C70A9BCFEC10BDD ] \Device\Harddisk1\DR1\Partition1
17:33:36.0964 0x0db0 \Device\Harddisk1\DR1\Partition1 - ok
17:33:36.0994 0x0db0 [ D5DC44767200B96437A9AD64F31ADC5B ] \Device\Harddisk1\DR1\Partition2
17:33:37.0004 0x0db0 \Device\Harddisk1\DR1\Partition2 - ok
17:33:37.0004 0x0db0 [ 9169DBE302CE4901401BCCD52926FF14 ] \Device\Harddisk2\DR2\Partition1
17:33:37.0004 0x0db0 \Device\Harddisk2\DR2\Partition1 - ok
17:33:37.0004 0x0db0 ================ Scan generic autorun ======================
17:33:37.0574 0x0db0 [ BF987FC8FCBDAF5239E2A5434A8C2032, EE424318D02C7A3772546EDB1203A632E74F7F0B53A19CE268AD8BD7892E39BA ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
17:33:37.0824 0x0db0 RTHDVCPL - ok
17:33:37.0974 0x0db0 [ 376FB589890E90BAA3D05867E44116E9, 287F0B0555E0A025C6F7F6C18B6FA79B849172AAB4ACC9406D726570DC6ABE87 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
17:33:38.0014 0x0db0 COMODO Internet Security - ok
17:33:38.0054 0x0db0 [ F7AD0BD4A944A97C13B196215981346C, 9CDE2D90E5BD7AF1387F8DBB9463FDE402955581CC0613AF50DFE8AF94D5FA5C ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:33:38.0204 0x0db0 SunJavaUpdateSched - ok
17:33:38.0204 0x0db0 vmware-tray.exe - ok
17:33:38.0334 0x0db0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:33:38.0604 0x0db0 Sidebar - ok
17:33:38.0644 0x0db0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:33:38.0664 0x0db0 mctadmin - ok
17:33:38.0754 0x0db0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:33:38.0794 0x0db0 Sidebar - ok
17:33:38.0804 0x0db0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:33:38.0824 0x0db0 mctadmin - ok
17:33:38.0924 0x0db0 Google Update - ok
17:33:39.0054 0x0db0 [ F8273CD67173EF345E13FCDC93752805, 89AF36703DB4BA247975A3B95464C95BEBDF817720DD7710B11E3C8F23012F8A ] C:\Users\Plüming\AppData\Roaming\BitTorrent\BitTorrent.exe
17:33:39.0094 0x0db0 BitTorrent - ok
17:33:39.0164 0x0db0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:33:39.0204 0x0db0 Sidebar - ok
17:33:39.0214 0x0db0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:33:39.0234 0x0db0 mctadmin - ok
17:33:39.0234 0x0db0 Waiting for KSN requests completion. In queue: 10
17:33:40.0234 0x0db0 Waiting for KSN requests completion. In queue: 10
17:33:41.0234 0x0db0 Waiting for KSN requests completion. In queue: 10
17:33:42.0324 0x0db0 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ( ), 0x61000 ( enabled : updated )
17:33:42.0324 0x0db0 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ( ), 0x61010 ( enabled )
17:33:45.0024 0x0db0 ============================================================
17:33:45.0024 0x0db0 Scan finished
17:33:45.0024 0x0db0 ============================================================
17:33:45.0034 0x0d14 Detected object count: 1
17:33:45.0034 0x0d14 Actual detected object count: 1
17:35:10.0646 0x0d14 *etadpug ( Rootkit.Win32.PMax.gen ) - skipped by user
17:35:10.0646 0x0d14 *etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Skip


29.09.2014, 15:04   #6
M-K-D-B
/// TB trainer

Hi,


Run TDSS-Killer again.
Quote:
17:35:10.0646 0x0d14 *etadpug ( Rootkit.Win32.PMax.gen ) - skipped by user
17:35:10.0646 0x0d14 *etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Skip
For this detection, select Cure/Delete (whichever is offered) and let the program restart the computer.

After the restart, please run a control scan with TDSS-Killer.





After that, ComboFix:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software and malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

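The check made on the posted log above, spotting a detection whose recorded action is Skip, can be automated when triaging TDSS-Killer logs. The following Python is an added example, not part of the original posts; the function names are hypothetical, the first sample reuses log lines quoted in this thread, and the second sample (a rerun with a Cure action) is constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# "<timestamp> <thread id> <message>", as in the log lines quoted in this thread.
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(0x[0-9a-fA-F]{4})\s+(.*)$")
# "<object> ( <verdict> ) - <status>"
OBJ_RE = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>[^()]+) \) - (?P<status>.+)$")
COUNT_RE = re.compile(r"^Detected object count: (\d+)$")
ACTION_PREFIX = "User select action: "


@dataclass
class Finding:
    obj: str
    verdict: str
    first_seen: str
    action: Optional[str] = None  # last action the user selected, if any


def parse_findings(log_text):
    """Return (findings, reported_count) parsed from a TDSS-Killer style log."""
    findings = {}
    reported = None
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        ts, _tid, msg = m.groups()
        c = COUNT_RE.match(msg)
        if c:
            reported = int(c.group(1))
            continue
        o = OBJ_RE.match(msg)
        if not o:
            continue  # "name - ok" lines, hash lines, section banners
        key = (o["obj"], o["verdict"])
        status = o["status"]
        if status == "infected":
            findings.setdefault(key, Finding(o["obj"], o["verdict"], ts))
        elif status.startswith(ACTION_PREFIX):
            f = findings.setdefault(key, Finding(o["obj"], o["verdict"], ts))
            f.action = status[len(ACTION_PREFIX):].strip()
    return list(findings.values()), reported


def unresolved(findings):
    """Detections still on the system: no action recorded, or the user chose Skip."""
    return [f for f in findings if f.action is None or f.action.lower() == "skip"]


def triage(log_text):
    """Human-readable notes a helper would act on; empty list means nothing left open."""
    findings, reported = parse_findings(log_text)
    notes = []
    if reported is not None and reported != len(findings):
        notes.append(
            f"log reports {reported} detected object(s) but {len(findings)} parsed; "
            "log may be truncated"
        )
    for f in unresolved(findings):
        notes.append(
            f"{f.obj} ({f.verdict}) still present: action={f.action or 'none recorded'}"
        )
    return notes


# Lines taken from the log posted in this thread (hash listing left out).
FIRST_SCAN = r"""
17:33:31.0874 0x0db0 WwanSvc - ok
17:33:32.0004 0x0db0 *etadpug - detected Rootkit.Win32.PMax.gen ( 0 )
17:33:32.0064 0x0db0 *etadpug ( Rootkit.Win32.PMax.gen ) - infected
17:33:45.0034 0x0d14 Detected object count: 1
17:33:45.0034 0x0d14 Actual detected object count: 1
17:35:10.0646 0x0d14 *etadpug ( Rootkit.Win32.PMax.gen ) - skipped by user
17:35:10.0646 0x0d14 *etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Skip
"""

# Constructed sample: the same detection after choosing Cure (timestamps, thread
# ids and the "Cure" action line are assumptions, modelled on the Skip line above).
RERUN_CONSTRUCTED = r"""
17:41:02.0110 0x0a1c *etadpug ( Rootkit.Win32.PMax.gen ) - infected
17:41:20.0300 0x0b2c Detected object count: 1
17:41:31.0520 0x0b2c *etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Cure
"""

if __name__ == "__main__":
    for name, log in (("first scan", FIRST_SCAN), ("rerun", RERUN_CONSTRUCTED)):
        print(name, "->", triage(log) or "no open detections")
```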

30.09.2014, 05:14   #7
boutscha

So I ran Combofix and it complained.
I accidentally started Combofix again after the finished scan and PC restart,
because there was no combofix.txt in the directory.

It complained a few times while overwriting files and
I clicked "Ignore".
And in the middle of the scan it showed this error:

error!
The contents of folder
C:\Windows\erdnt\Hiv-backup
could not be completely deleted

And now this is all that is left in the directory:

C:\combofix\en-US\iexplore.exe


After the first scan there were several files there, but no
"combofix.txt".



My start menu is fine again now thanks to TDSSKiller,
except that this "Java Update Checker" keeps coming back.

So when I click on the Java update, this message appears:


Java kann nicht installiert werden.
In den folgenden Befehlszeilen-Switches sind
Fehler vorhanden "A*I*" und noch irgendsowelche zeichen.....
Stellen sie sicher das die befehle gültig sind,und
versuchen sie es nochmal.

So, I can also download Windows updates again,
but many of them fail.

Could it be that I have to download these characters "A*I*" and others as
an optional Windows Update language pack?

And there is another problem:

After restarting the PC, my desktop always shows:

"Auf CD/DVD zu brennende Dateien sind vorhanden.
Klicken Sie auf diese Spechblase,um die Dateien jetzt anzuzeigen."
regardless of whether there is a CD/DVD or nothing in the drive.
How do I get rid of that?


AND: my hard drive C:\ now has less than 1 GB of space left;
it is too full.
I have already cleaned it up, everything that is possible in the settings.
How can I select a path for the Windows updates so that
the updates are stored on hard drive E:\?
I still have 30 GB free there, and on my USB hard drive F:\
even almost 600 GB.


Regards

30.09.2014, 15:11   #8
M-K-D-B
/// TB trainer

Hi,


Please run FRST again as a check and post both of its log files:
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.
__________________
Regards
M-K-D-B

30.09.2014, 16:41   #9
boutscha

Here is the FRST.txt log file:



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
Ran by Plüming (administrator) on PLÜMING-PC on 30-09-2014 16:17:54
Running from C:\Users\Plüming\Desktop
Loaded Profiles: Plüming & UpdatusUser (Available profiles: Plüming & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10988176 2012-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\..\Interfaces\{3860F474-5B69-428A-A1E7-8947840FB662}: [NameServer] 192.168.1.1,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694
FF NewTab: about:blank
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-26]

Chrome: 
=======
CHR HomePage: Default -> A7DFC7C678CF010D5063E4E10BA849D88884C0F8881BB687FC3F98F52235D772
CHR DefaultSearchKeyword: Default -> EDBB26270A8072B297BBDC25B42EFC63D9FD05577AFC5426BF01E46DFBA276E5
CHR DefaultSearchURL: Default -> D9F9DD74F4C8679A6EDD192DA50A5E78165EAF986E8274AE57EECD8C64A5E03C
CHR Plugin: (Shockwave Flash) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR CustomProfile: C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 SbieSvc; H:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] () [File not signed]
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2014-04-16] (COMODO)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-05-10] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92656 2014-04-16] (COMODO)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2010-03-29] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 SbieDrv; H:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]
S2 VMnetuserif; \??\C:\Windows\system32\drivers\vmnetuserif.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-30 16:17 - 2014-09-30 16:18 - 00009943 _____ () C:\Users\Plüming\Desktop\FRST.txt
2014-09-30 05:22 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-30 02:18 - 2014-09-30 02:19 - 00700726 _____ () C:\Windows\system32\prfh0416.dat
2014-09-30 02:18 - 2014-09-30 02:19 - 00145832 _____ () C:\Windows\system32\prfc0416.dat
2014-09-30 02:18 - 2014-09-30 02:17 - 00323154 _____ () C:\Windows\system32\prfi0416.dat
2014-09-30 02:18 - 2014-09-30 02:17 - 00038536 _____ () C:\Windows\system32\prfd0416.dat
2014-09-30 02:17 - 2014-09-30 05:34 - 00000000 ____D () C:\Windows\system32\Drivers\pt-BR
2014-09-30 02:17 - 2014-09-30 02:17 - 00000000 ____D () C:\Windows\pt-BR
2014-09-30 01:51 - 2014-09-30 01:51 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-09-30 01:51 - 2014-09-30 01:51 - 00000000 ____D () C:\Windows\ro-RO
2014-09-30 01:42 - 2014-09-30 01:42 - 00000000 ____D () C:\Windows\system32\Drivers\bg-BG
2014-09-30 01:42 - 2014-09-30 01:42 - 00000000 ____D () C:\Windows\bg-BG
2014-09-30 01:34 - 2014-09-30 02:19 - 00644510 _____ () C:\Windows\system32\perfh01F.dat
2014-09-30 01:34 - 2014-09-30 02:19 - 00138460 _____ () C:\Windows\system32\perfc01F.dat
2014-09-30 01:34 - 2014-09-30 01:32 - 00285034 _____ () C:\Windows\system32\perfi01F.dat
2014-09-30 01:34 - 2014-09-30 01:32 - 00037160 _____ () C:\Windows\system32\perfd01F.dat
2014-09-30 01:32 - 2014-09-30 05:34 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-09-30 01:32 - 2014-09-30 01:32 - 00000000 ____D () C:\Windows\tr-TR
2014-09-30 01:32 - 2014-09-30 01:32 - 00000000 ____D () C:\Windows\system32\tr
2014-09-30 01:18 - 2014-09-30 01:18 - 00000000 ____D () C:\Windows\th-TH
2014-09-30 01:18 - 2014-09-30 01:18 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-09-30 01:18 - 2014-09-30 01:18 - 00000000 ____D () C:\Windows\system32\0409
2014-09-29 19:45 - 2014-09-29 19:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-29 19:37 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-29 19:37 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-09-29 19:37 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-29 19:37 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-29 19:37 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-09-29 19:37 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-29 19:37 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-29 19:37 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-09-29 19:36 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-29 19:36 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-29 19:35 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-29 19:35 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-29 19:23 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-09-29 19:23 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-29 19:09 - 2014-09-29 19:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-29 19:09 - 2014-09-29 19:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-29 19:09 - 2014-09-29 19:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-29 19:09 - 2014-09-29 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-29 19:09 - 2014-09-29 19:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-29 19:08 - 2014-09-29 19:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-29 19:08 - 2014-09-29 19:08 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-09-29 19:07 - 2014-09-29 19:07 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-09-29 19:06 - 2014-09-29 19:06 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-09-29 19:06 - 2014-09-29 19:06 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-09-29 19:03 - 2014-09-29 19:03 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-29 18:59 - 2014-09-29 18:59 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-29 18:56 - 2014-09-29 19:15 - 00015105 _____ () C:\Windows\IE11_main.log
2014-09-29 18:44 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-09-29 18:44 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-29 18:44 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-29 18:44 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-29 18:42 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-29 18:42 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-09-29 18:42 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-09-29 18:42 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-09-29 18:42 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-09-29 18:41 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-09-29 18:41 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-09-29 18:41 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-09-29 18:41 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-09-29 18:41 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-09-29 18:41 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-29 18:41 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-09-29 18:41 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-09-29 18:41 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-09-29 18:40 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-29 18:40 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-09-29 18:40 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-29 18:39 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-29 18:39 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-09-29 18:39 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-09-29 18:38 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-29 18:38 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-29 18:38 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-29 18:38 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-29 18:37 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-29 18:37 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-29 18:37 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-29 18:37 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-29 18:37 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-29 18:37 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-09-29 18:37 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-09-29 18:37 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-29 18:37 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-09-29 18:37 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-09-29 18:36 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-29 18:36 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-29 18:36 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-29 18:36 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-29 18:36 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-29 18:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-29 18:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-29 18:36 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-09-29 18:36 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-09-29 18:36 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-09-29 18:36 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-29 18:36 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-09-29 18:36 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-09-29 18:36 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-29 18:36 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-09-29 18:36 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-09-29 18:36 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-09-29 18:36 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-09-29 18:36 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-09-29 18:36 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-09-29 18:36 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-09-29 18:36 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-09-29 18:36 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-29 18:36 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-09-29 18:35 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-09-29 18:35 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-09-29 18:35 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-09-29 18:35 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-09-29 18:35 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-09-29 18:35 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-09-29 18:35 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-09-29 18:35 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-09-29 18:35 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-09-29 18:34 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-29 18:34 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-09-29 18:34 - 2012-11-29 00:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-09-29 18:34 - 2012-11-29 00:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-09-29 18:34 - 2012-11-29 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-09-29 18:34 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-09-29 18:34 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-29 18:34 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-09-29 18:34 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-09-29 18:34 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-09-29 18:34 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-09-29 18:34 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-09-29 18:34 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-09-29 18:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-29 18:33 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-29 18:33 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-29 18:33 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-29 18:33 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-29 18:33 - 2014-05-08 11:06 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-29 18:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-29 18:33 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-29 18:33 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-29 18:33 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-29 18:33 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-29 18:33 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-29 18:33 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-29 18:33 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-29 18:33 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-29 18:33 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-29 18:33 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-29 18:33 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-09-29 18:33 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-29 18:33 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-09-29 18:33 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-29 18:33 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-29 18:33 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-09-29 18:32 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-29 18:32 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-29 18:32 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-29 18:32 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-29 18:32 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-29 18:32 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-09-29 18:32 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-09-29 18:32 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-29 18:32 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-29 18:32 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-29 18:32 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-29 18:32 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-29 18:32 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-09-29 18:32 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-29 18:32 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-09-29 18:32 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-29 18:32 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-29 18:28 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-29 18:28 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-29 18:28 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-29 18:28 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-29 18:28 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-29 18:28 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-29 18:28 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-29 18:07 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-29 18:00 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-09-29 18:00 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-09-29 18:00 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-09-29 18:00 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-09-29 18:00 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-09-29 17:52 - 2014-09-29 17:54 - 00000000 ____D () C:\ComboFix
2014-09-29 17:52 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-29 17:52 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-29 17:52 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-29 17:52 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-29 17:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-29 17:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-29 17:33 - 2014-09-30 04:52 - 00001071 _____ () C:\Users\Plüming\Desktop\Neues Textdokument.txt
2014-09-29 17:29 - 2014-09-29 17:29 - 00000332 _____ () C:\Start_.cmd
2014-09-29 17:28 - 2014-09-29 17:28 - 00000000 ____D () C:\Qoobox
2014-09-29 17:27 - 2014-09-29 17:54 - 00000000 ___SD () C:\32788R22FWJFW
2014-09-29 17:27 - 2014-09-29 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-09-29 17:26 - 2014-09-29 17:26 - 05582345 ____R (Swearware) C:\Users\Plüming\Desktop\ComboFix.exe
2014-09-29 17:13 - 2014-09-29 17:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-28 18:55 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\LumacDaemon
2014-09-28 18:54 - 2014-09-28 18:54 - 00002687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumac.lnk
2014-09-28 18:54 - 2014-09-28 18:54 - 00002681 _____ () C:\Users\Public\Desktop\Lumac.lnk
2014-09-28 18:54 - 2014-09-28 18:54 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Firstload
2014-09-28 17:26 - 2014-09-28 17:27 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Plüming\Desktop\tdsskiller.exe
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Abelssoft
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Abelssoft
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-28 17:03 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-09-28 17:03 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-09-27 18:21 - 2014-09-30 16:17 - 00000000 ____D () C:\FRST
2014-09-27 18:20 - 2014-09-27 18:20 - 01100288 _____ (Farbar) C:\Users\Plüming\Desktop\FRST.exe
2014-09-26 09:15 - 2014-09-26 09:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\VMware
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Local\VMware
2014-09-17 20:01 - 2014-09-17 20:02 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 20:01 - 2014-09-17 20:01 - 00000751 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-17 20:01 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-17 20:01 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-17 20:01 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 19:34 - 2014-09-15 19:34 - 00000000 ____D () C:\Users\Pl%C3%BCming
2014-09-15 19:30 - 2014-09-15 19:30 - 00000000 ____D () C:\Users\Plüming\Documents\Electronic Arts
2014-09-08 19:46 - 2014-09-08 19:46 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MakeTorrent 2.lnk
2014-09-03 17:51 - 2014-09-03 18:06 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Origin
2014-09-03 17:47 - 2014-09-03 17:47 - 00000662 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 17:47 - 2014-09-03 17:47 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 17:17 - 2014-09-03 17:19 - 00000000 ____D () C:\Users\Plüming\Documents\MOHW
2014-09-03 17:16 - 2014-09-03 17:16 - 00000925 _____ () C:\Users\Plüming\Desktop\MOHW.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-30 16:10 - 2012-06-21 14:09 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-09-30 16:06 - 2012-06-20 17:47 - 01882574 _____ () C:\Windows\WindowsUpdate.log
2014-09-30 16:05 - 2013-06-10 14:05 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA.job
2014-09-30 15:56 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-30 15:56 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 15:50 - 2014-02-04 10:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-30 15:50 - 2012-06-20 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-30 15:50 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-30 15:50 - 2009-07-14 06:39 - 00079211 _____ () C:\Windows\setupact.log
2014-09-30 05:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-30 05:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-09-30 05:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-30 05:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-30 05:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-30 02:17 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\com
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\IME
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-30 01:18 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\DigitalLocker
2014-09-30 01:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-30 00:03 - 2010-02-09 21:56 - 00005908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 23:41 - 2012-06-20 18:26 - 00063160 _____ () C:\Users\Plüming\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-29 23:27 - 2009-07-14 06:33 - 00282056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-29 23:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-29 23:21 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-09-29 21:06 - 2013-06-10 14:05 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core.job
2014-09-29 18:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-09-29 10:21 - 2012-06-21 13:59 - 01548426 _____ () C:\Windows\PFRO.log
2014-09-28 20:19 - 2012-07-03 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-28 20:19 - 2012-06-20 18:08 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-28 20:10 - 2014-08-16 16:32 - 00000000 ____D () C:\ProgramData\VMware
2014-09-28 20:07 - 2012-06-21 15:25 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\BitTorrent
2014-09-26 17:17 - 2012-07-12 18:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-26 17:17 - 2012-07-12 18:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 17:02 - 2013-06-10 14:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-26 10:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-25 21:07 - 2013-06-10 14:07 - 00002328 _____ () C:\Users\Plüming\Desktop\Google Chrome.lnk
2014-09-15 19:56 - 2012-09-16 13:14 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-09-14 18:22 - 2013-08-05 17:29 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\vlc
2014-09-03 19:27 - 2012-09-16 13:46 - 00000000 ____D () C:\ProgramData\Origin
2014-09-03 18:06 - 2012-11-13 21:57 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Origin
2014-09-03 17:47 - 2012-09-16 13:46 - 00002696 _____ () C:\Windows\KB893803v2.log
ZeroAccess:
C:\Users\Plüming\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install

Some content of TEMP:
====================
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0000.EXE
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0001.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2014-09-26 17:37

==================== End Of Log ============================
         
--- --- ---






and here is the addition.txt logfile



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
Ran by Plüming (administrator) on PLÜMING-PC on 30-09-2014 16:17:54
Running from C:\Users\Plüming\Desktop
Loaded Profiles: Plüming & UpdatusUser (Available profiles: Plüming & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10988176 2012-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\..\Interfaces\{3860F474-5B69-428A-A1E7-8947840FB662}: [NameServer] 192.168.1.1,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694
FF NewTab: about:blank
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-26]

Chrome: 
=======
CHR HomePage: Default -> A7DFC7C678CF010D5063E4E10BA849D88884C0F8881BB687FC3F98F52235D772
CHR DefaultSearchKeyword: Default -> EDBB26270A8072B297BBDC25B42EFC63D9FD05577AFC5426BF01E46DFBA276E5
CHR DefaultSearchURL: Default -> D9F9DD74F4C8679A6EDD192DA50A5E78165EAF986E8274AE57EECD8C64A5E03C
CHR Plugin: (Shockwave Flash) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR CustomProfile: C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 SbieSvc; H:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] () [File not signed]
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2014-04-16] (COMODO)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-05-10] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92656 2014-04-16] (COMODO)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2010-03-29] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 SbieDrv; H:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]
S2 VMnetuserif; \??\C:\Windows\system32\drivers\vmnetuserif.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 18:32 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-29 18:32 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-29 18:32 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-29 18:32 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-09-29 18:32 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-29 18:32 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-09-29 18:32 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-29 18:32 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-29 18:28 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-29 18:28 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-29 18:28 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-29 18:28 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-29 18:28 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-29 18:28 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-29 18:28 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-29 18:07 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-29 18:00 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-09-29 18:00 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-09-29 18:00 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-09-29 18:00 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-09-29 18:00 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-09-29 17:52 - 2014-09-29 17:54 - 00000000 ____D () C:\ComboFix
2014-09-29 17:52 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-29 17:52 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-29 17:52 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-29 17:52 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-29 17:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-29 17:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-29 17:33 - 2014-09-30 04:52 - 00001071 _____ () C:\Users\Plüming\Desktop\Neues Textdokument.txt
2014-09-29 17:29 - 2014-09-29 17:29 - 00000332 _____ () C:\Start_.cmd
2014-09-29 17:28 - 2014-09-29 17:28 - 00000000 ____D () C:\Qoobox
2014-09-29 17:27 - 2014-09-29 17:54 - 00000000 ___SD () C:\32788R22FWJFW
2014-09-29 17:27 - 2014-09-29 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-09-29 17:26 - 2014-09-29 17:26 - 05582345 ____R (Swearware) C:\Users\Plüming\Desktop\ComboFix.exe
2014-09-29 17:13 - 2014-09-29 17:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-28 18:55 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\LumacDaemon
2014-09-28 18:54 - 2014-09-28 18:54 - 00002687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumac.lnk
2014-09-28 18:54 - 2014-09-28 18:54 - 00002681 _____ () C:\Users\Public\Desktop\Lumac.lnk
2014-09-28 18:54 - 2014-09-28 18:54 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Firstload
2014-09-28 17:26 - 2014-09-28 17:27 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Plüming\Desktop\tdsskiller.exe
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Abelssoft
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Abelssoft
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-28 17:03 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-09-28 17:03 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-09-27 18:21 - 2014-09-30 16:17 - 00000000 ____D () C:\FRST
2014-09-27 18:20 - 2014-09-27 18:20 - 01100288 _____ (Farbar) C:\Users\Plüming\Desktop\FRST.exe
2014-09-26 09:15 - 2014-09-26 09:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\VMware
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Local\VMware
2014-09-17 20:01 - 2014-09-17 20:02 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 20:01 - 2014-09-17 20:01 - 00000751 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-17 20:01 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-17 20:01 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-17 20:01 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 19:34 - 2014-09-15 19:34 - 00000000 ____D () C:\Users\Pl%C3%BCming
2014-09-15 19:30 - 2014-09-15 19:30 - 00000000 ____D () C:\Users\Plüming\Documents\Electronic Arts
2014-09-08 19:46 - 2014-09-08 19:46 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MakeTorrent 2.lnk
2014-09-03 17:51 - 2014-09-03 18:06 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Origin
2014-09-03 17:47 - 2014-09-03 17:47 - 00000662 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 17:47 - 2014-09-03 17:47 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 17:17 - 2014-09-03 17:19 - 00000000 ____D () C:\Users\Plüming\Documents\MOHW
2014-09-03 17:16 - 2014-09-03 17:16 - 00000925 _____ () C:\Users\Plüming\Desktop\MOHW.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-30 16:10 - 2012-06-21 14:09 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-09-30 16:06 - 2012-06-20 17:47 - 01882574 _____ () C:\Windows\WindowsUpdate.log
2014-09-30 16:05 - 2013-06-10 14:05 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA.job
2014-09-30 15:56 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-30 15:56 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 15:50 - 2014-02-04 10:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-30 15:50 - 2012-06-20 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-30 15:50 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-30 15:50 - 2009-07-14 06:39 - 00079211 _____ () C:\Windows\setupact.log
2014-09-30 05:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-30 05:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-09-30 05:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-30 05:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-30 05:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-30 02:17 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\com
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\IME
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-30 01:18 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\DigitalLocker
2014-09-30 01:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-30 00:03 - 2010-02-09 21:56 - 00005908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 23:41 - 2012-06-20 18:26 - 00063160 _____ () C:\Users\Plüming\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-29 23:27 - 2009-07-14 06:33 - 00282056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-29 23:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-29 23:21 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-09-29 21:06 - 2013-06-10 14:05 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core.job
2014-09-29 18:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-09-29 10:21 - 2012-06-21 13:59 - 01548426 _____ () C:\Windows\PFRO.log
2014-09-28 20:19 - 2012-07-03 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-28 20:19 - 2012-06-20 18:08 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-28 20:10 - 2014-08-16 16:32 - 00000000 ____D () C:\ProgramData\VMware
2014-09-28 20:07 - 2012-06-21 15:25 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\BitTorrent
2014-09-26 17:17 - 2012-07-12 18:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-26 17:17 - 2012-07-12 18:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 17:02 - 2013-06-10 14:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-26 10:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-25 21:07 - 2013-06-10 14:07 - 00002328 _____ () C:\Users\Plüming\Desktop\Google Chrome.lnk
2014-09-15 19:56 - 2012-09-16 13:14 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-09-14 18:22 - 2013-08-05 17:29 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\vlc
2014-09-03 19:27 - 2012-09-16 13:46 - 00000000 ____D () C:\ProgramData\Origin
2014-09-03 18:06 - 2012-11-13 21:57 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Origin
2014-09-03 17:47 - 2012-09-16 13:46 - 00002696 _____ () C:\Windows\KB893803v2.log
ZeroAccess:
C:\Users\Plüming\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install

Some content of TEMP:
====================
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0000.EXE
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0001.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2014-09-26 17:37

==================== End Of Log ============================
         
--- --- ---









And something else is strange...
The free space on drive C:\ fluctuates.
I'm not doing anything at all, and sometimes I have less and sometimes
more space.
At the moment I have 2.03 GB free.
Before I scanned with FRST just now, it was still 2.40 GB.

Or: there are currently 6 important updates available, and it says there are
32.5 MB to download.
When I download them, it stops partway through
because the hard disk is full... supposedly.
That's illogical, isn't it?
Now I've looked at My Computer again,
but otherwise didn't do or download anything, and there's only
1.98 GB left.
And of course there's no room for the optional updates (over 40 of them)
either.

I'd prefer to have my updates on E:\ or F:\.
But I can't find the setting anywhere
for choosing a path.
Where do I find that setting?


Regards

30.09.2014, 17:25   #10
M-K-D-B
/// TB Trainer



Hi,


Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Step 2
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 3
Please disable your antivirus program, as it can affect the result or interfere with the cleanup.
Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
  • Start Zoek.exe with a double-click.
  • Attention: The following script was written only for this specific case and could damage other computers.
  • Copy the text in the following box into zoek's script window:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;
             
  • Now click "Run script" and be patient until the script has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a restart). The log can also be found under c:\ .
  • Please post the ZOEK log (if possible in CODE tags - click the # symbol in the reply window).


Step 4
  • Start FRST.exe again. Check the box next to Addition.txt and click Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.


Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the Zoek log file,
  • the two new FRST log files.
__________________
Regards
M-K-D-B

02.10.2014, 08:31   #11
boutscha



zoek:


Zoek.exe v5.0.0.0 Updated 30-09-2014
Tool run by Plüming on 01.10.2014 at 19:07:47,11.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Plüming\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

01.10.2014 19:25:11 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PLMING~1\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.newtab.url", "about:blank");

Added to C:\Users\PLMING~1\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\PLMING~1\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694

user.js not found
---- Lines smartbar removed from prefs.js ----
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private
---- FireFox user.js and prefs.js backups ----

prefs__2351_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\Users\Plüming\AppData\Roaming\ICQ Search deleted
"C:\Windows\system32\appdata\Microsoft\Windows\IETldCache\index.dat" not deleted
"C:\Program Files\Java\bin\awt.dll" not deleted
"C:\Program Files\Java\bin\dcpr.dll" not deleted
"C:\Program Files\Java\bin\decora_sse.dll" not deleted
"C:\Program Files\Java\bin\deploy.dll" not deleted
"C:\Program Files\Java\bin\dt_shmem.dll" not deleted
"C:\Program Files\Java\bin\dt_socket.dll" not deleted
"C:\Program Files\Java\bin\eula.dll" not deleted
"C:\Program Files\Java\bin\fontmanager.dll" not deleted
"C:\Program Files\Java\bin\fxplugins.dll" not deleted
"C:\Program Files\Java\bin\glass.dll" not deleted
"C:\Program Files\Java\bin\glib-lite.dll" not deleted
"C:\Program Files\Java\bin\gstreamer-lite.dll" not deleted
"C:\Program Files\Java\bin\hprof.dll" not deleted
"C:\Program Files\Java\bin\installer.dll" not deleted
"C:\Program Files\Java\bin\instrument.dll" not deleted
"C:\Program Files\Java\bin\j2pcsc.dll" not deleted
"C:\Program Files\Java\bin\j2pkcs11.dll" not deleted
"C:\Program Files\Java\bin\jaas_nt.dll" not deleted
"C:\Program Files\Java\bin\jabswitch.exe" not deleted
"C:\Program Files\Java\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\bin\java.dll" not deleted
"C:\Program Files\Java\bin\java.exe" not deleted
"C:\Program Files\Java\bin\JavaAccessBridge.dll" not deleted
"C:\Program Files\Java\bin\javacpl.cpl" not deleted
"C:\Program Files\Java\bin\javacpl.exe" not deleted
"C:\Program Files\Java\bin\javafx_font.dll" not deleted
"C:\Program Files\Java\bin\javafx_font_t2k.dll" not deleted
"C:\Program Files\Java\bin\javafx_iio.dll" not deleted
"C:\Program Files\Java\bin\javaw.exe" not deleted
"C:\Program Files\Java\bin\javaws.exe" not deleted
"C:\Program Files\Java\bin\java_crw_demo.dll" not deleted
"C:\Program Files\Java\bin\jawt.dll" not deleted
"C:\Program Files\Java\bin\JAWTAccessBridge.dll" not deleted
"C:\Program Files\Java\bin\jdwp.dll" not deleted
"C:\Program Files\Java\bin\jfr.dll" not deleted
"C:\Program Files\Java\bin\jfxmedia.dll" not deleted
"C:\Program Files\Java\bin\jfxwebkit.dll" not deleted
"C:\Program Files\Java\bin\jjs.exe" not deleted
"C:\Program Files\Java\bin\jli.dll" not deleted
"C:\Program Files\Java\bin\jp2iexp.dll" not deleted
"C:\Program Files\Java\bin\jp2launcher.exe" not deleted
"C:\Program Files\Java\bin\jp2native.dll" not deleted
"C:\Program Files\Java\bin\jp2ssv.dll" not deleted
"C:\Program Files\Java\bin\jpeg.dll" not deleted
"C:\Program Files\Java\bin\jsdt.dll" not deleted
"C:\Program Files\Java\bin\jsound.dll" not deleted
"C:\Program Files\Java\bin\jsoundds.dll" not deleted
"C:\Program Files\Java\bin\kcms.dll" not deleted
"C:\Program Files\Java\bin\keytool.exe" not deleted
"C:\Program Files\Java\bin\kinit.exe" not deleted
"C:\Program Files\Java\bin\klist.exe" not deleted
"C:\Program Files\Java\bin\ktab.exe" not deleted
"C:\Program Files\Java\bin\lcms.dll" not deleted
"C:\Program Files\Java\bin\management.dll" not deleted
"C:\Program Files\Java\bin\mlib_image.dll" not deleted
"C:\Program Files\Java\bin\msvcr100.dll" not deleted
"C:\Program Files\Java\bin\net.dll" not deleted
"C:\Program Files\Java\bin\nio.dll" not deleted
"C:\Program Files\Java\bin\npt.dll" not deleted
"C:\Program Files\Java\bin\orbd.exe" not deleted
"C:\Program Files\Java\bin\pack200.exe" not deleted
"C:\Program Files\Java\bin\policytool.exe" not deleted
"C:\Program Files\Java\bin\prism_common.dll" not deleted
"C:\Program Files\Java\bin\prism_d3d.dll" not deleted
"C:\Program Files\Java\bin\prism_es2.dll" not deleted
"C:\Program Files\Java\bin\prism_sw.dll" not deleted
"C:\Program Files\Java\bin\rmid.exe" not deleted
"C:\Program Files\Java\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\bin\servertool.exe" not deleted
"C:\Program Files\Java\bin\splashscreen.dll" not deleted
"C:\Program Files\Java\bin\ssv.dll" not deleted
"C:\Program Files\Java\bin\ssvagent.exe" not deleted
"C:\Program Files\Java\bin\sunec.dll" not deleted
"C:\Program Files\Java\bin\sunmscapi.dll" not deleted
"C:\Program Files\Java\bin\t2k.dll" not deleted
"C:\Program Files\Java\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\bin\unpack.dll" not deleted
"C:\Program Files\Java\bin\unpack200.exe" not deleted
"C:\Program Files\Java\bin\verify.dll" not deleted
"C:\Program Files\Java\bin\w2k_lsa_auth.dll" not deleted
"C:\Program Files\Java\bin\WindowsAccessBridge.dll" not deleted
"C:\Program Files\Java\bin\wsdetect.dll" not deleted
"C:\Program Files\Java\bin\zip.dll" not deleted
"C:\Program Files\Java\eclipse\eclipse.exe" not deleted
"C:\Program Files\Java\eclipse\eclipsec.exe" not deleted
"C:\Program Files\Java\lib\deploy.jar" not deleted
"C:\Program Files\Java\bin\client\jvm.dll" not deleted
"C:\Program Files\Java\bin\dtplugin\deployJava1.dll" not deleted
"C:\Program Files\Java\bin\dtplugin\npdeployJava1.dll" not deleted
"C:\Program Files\Java\bin\plugin2\msvcr100.dll" not deleted
"C:\Program Files\Java\bin\plugin2\npjp2.dll" not deleted
"C:\Program Files\Java\eclipse\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.1.200.v20140116-2212\eclipse_1503.dll" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\ant.bat" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\ant.cmd" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\antenv.cmd" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\antRun.bat" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\envset.cmd" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\lcp.bat" not deleted
"C:\Program Files\Java\eclipse\plugins\org.apache.ant_1.8.4.v201303080030\bin\runrc.cmd" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\appletviewer.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\apt.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\beanreg.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\extcheck.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\HtmlConverter.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\idlj.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jar.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jarsigner.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\javac.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\javadoc.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\javah.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\javap.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jconsole.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jdb.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jhat.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jinfo.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jli.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jmap.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jps.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jrunscript.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jstack.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jstat.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\jstatd.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\keytool.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\kinit.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\klist.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\ktab.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\msvcr71.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\native2ascii.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\orbd.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\pack200.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\packager.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\policytool.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\rmic.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\rmid.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\schemagen.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\serialver.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\servertool.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\unpack200.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\wsgen.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\wsimport.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\bin\xjc.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\embedded\bin\dblook.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\embedded\bin\ij.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\embedded\bin\setEmbeddedCP.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\embedded\bin\sysinfo.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\dblook.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\ij.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\NetworkServerControl.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\setNetworkClientCP.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\setNetworkServerCP.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\startNetworkServer.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\stopNetworkServer.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\db\frameworks\NetworkServer\bin\sysinfo.bat" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\gctest\lib\gctest.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\heapTracker\lib\heapTracker.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\heapViewer\lib\heapViewer.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\minst\lib\minst.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\mtrace\lib\mtrace.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\versionCheck\lib\versionCheck.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\demo\jvmti\waiters\lib\waiters.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\attach.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\awt.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\axbridge.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\cmm.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\dcpr.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\deploy.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\dt_shmem.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\dt_socket.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\eula.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\fontmanager.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\hpi.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\hprof.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\instrument.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\ioser12.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\j2pcsc.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\j2pkcs11.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jaas_nt.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\java.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\javacpl.cpl" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\javacpl.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\java_crw_demo.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jawt.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\JdbcOdbc.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jdwp.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jli.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jpeg.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jpicom.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jpiexp.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jpinscp.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jpioji.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jpishare.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jsound.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jsoundds.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jucheck.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\jusched.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\keytool.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\kinit.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\klist.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\ktab.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\management.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\msvcr71.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\net.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\nio.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npjava11.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npjava12.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npjava13.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npjava14.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npjava32.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npjpi160.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npoji610.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\npt.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\orbd.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\pack200.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\policytool.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\regutils.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\rmi.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\rmid.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\servertool.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\splashscreen.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\ssv.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\sunmscapi.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\unicows.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\unpack.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\unpack200.exe" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\verify.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\w2k_lsa_auth.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\wsdetect.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\zip.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\client\jvm.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\jre\bin\server\jvm.dll" not deleted
"C:\Program Files\Java\jdk1.6.0\sample\scripting\scriptpad\src\scripts\memory.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\appletviewer.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\apt.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\beanreg.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\extcheck.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\idlj.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jabswitch.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jar.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jarsigner.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javac.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javadoc.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javafxpackager.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javah.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javap.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jcmd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jconsole.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jdb.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jhat.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jinfo.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jli.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jmap.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jps.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jrunscript.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jsadebugd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jstack.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jstat.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jstatd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\jvisualvm.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\keytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\kinit.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\klist.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\ktab.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\msvcr100.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\native2ascii.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\orbd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\pack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\packager.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\policytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\rmic.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\rmid.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\schemagen.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\serialver.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\servertool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\unpack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\wsgen.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\wsimport.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\bin\xjc.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\dblook.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\derby_common.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\ij.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\NetworkServerControl.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\setEmbeddedCP.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\setNetworkClientCP.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\setNetworkServerCP.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\startNetworkServer.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\stopNetworkServer.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\db\bin\sysinfo.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\attach.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\awt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\axbridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\dcpr.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\decora-d3d.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\decora-sse.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\deploy.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\dt_shmem.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\dt_socket.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\eula.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\fontmanager.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\fxplugins.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\glass.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\glib-lite.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\gstreamer-lite.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\hprof.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\instrument.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\j2pcsc.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\j2pkcs11.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jaas_nt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jabswitch.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\java.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\JavaAccessBridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\javacpl.cpl" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\javacpl.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\javafx-font.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\javafx-iio.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\java_crw_demo.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jawt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\JAWTAccessBridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\JdbcOdbc.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jdwp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jfr.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jfxmedia.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jfxwebkit.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jli.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jp2iexp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jp2launcher.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jp2native.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jp2ssv.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jpeg.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jpicom.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jpiexp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jpinscp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jpioji.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jpishare.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jqs.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jsdt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jsound.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\jsoundds.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\kcms.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\keytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\kinit.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\klist.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\ktab.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\libxml2.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\libxslt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\management.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\mlib_image.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\msvcr100.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\net.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\nio.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\npjpi170_09.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\npoji610.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\npt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\orbd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\pack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\policytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\prism-d3d.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\rmi.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\rmid.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\sawindbg.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\servertool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\splashscreen.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\ssv.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\ssvagent.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\sunec.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\sunmscapi.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\t2k.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\unpack.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\unpack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\verify.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\w2k_lsa_auth.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\WindowsAccessBridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\wsdetect.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\zip.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\lib\launcher.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\client\jvm.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\dtplugin\deployJava1.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\dtplugin\npdeployJava1.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\plugin2\msvcr100.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\plugin2\npjp2.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\jre\bin\server\jvm.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\lib\nbexec.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\lib\nbexec.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_09\lib\visualvm\profiler\lib\deployed\jdk15\windows\profilerinterface.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_09\lib\visualvm\profiler\lib\deployed\jdk16\windows\profilerinterface.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\appletviewer.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\apt.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\beanreg.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\extcheck.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\idlj.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jabswitch.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jar.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jarsigner.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javac.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javadoc.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javafxpackager.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javah.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javap.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jcmd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jconsole.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jdb.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jhat.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jinfo.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jli.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jmap.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jps.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jrunscript.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jsadebugd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jstack.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jstat.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jstatd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\jvisualvm.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\keytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\kinit.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\klist.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\ktab.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\msvcr100.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\native2ascii.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\orbd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\pack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\packager.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\policytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\rmic.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\rmid.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\schemagen.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\serialver.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\servertool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\unpack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\wsgen.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\wsimport.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\bin\xjc.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\dblook.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\derby_common.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\ij.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\NetworkServerControl.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\setEmbeddedCP.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\setNetworkClientCP.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\setNetworkServerCP.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\startNetworkServer.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\stopNetworkServer.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\db\bin\sysinfo.bat" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\attach.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\awt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\axbridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\dcpr.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\decora-d3d.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\decora-sse.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\deploy.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\dt_shmem.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\dt_socket.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\eula.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\fontmanager.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\fxplugins.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\glass.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\glib-lite.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\gstreamer-lite.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\hprof.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\instrument.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\j2pcsc.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\j2pkcs11.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jaas_nt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jabswitch.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\java.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\JavaAccessBridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\javacpl.cpl" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\javacpl.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\javafx-font.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\javafx-iio.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\java_crw_demo.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jawt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\JAWTAccessBridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\JdbcOdbc.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jdwp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jfr.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jfxmedia.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jfxwebkit.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jli.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jp2iexp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jp2launcher.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jp2native.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jp2ssv.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jpeg.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jpicom.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jpiexp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jpinscp.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jpioji.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jpishare.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jqs.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jsdt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jsound.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\jsoundds.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\kcms.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\keytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\kinit.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\klist.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\ktab.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\libxml2.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\libxslt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\management.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\mlib_image.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\msvcr100.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\net.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\nio.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\npjpi170_10.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\npoji610.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\npt.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\orbd.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\pack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\policytool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\prism-d3d.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\rmi.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\rmid.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\rmiregistry.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\sawindbg.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\servertool.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\splashscreen.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\ssv.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\ssvagent.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\sunec.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\sunmscapi.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\t2k.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\tnameserv.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\unpack.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\unpack200.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\verify.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\w2k_lsa_auth.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\WindowsAccessBridge.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\wsdetect.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\zip.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\lib\launcher.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\client\jvm.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\dtplugin\deployJava1.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\dtplugin\npdeployJava1.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\plugin2\msvcr100.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\plugin2\npjp2.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\jre\bin\server\jvm.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\lib\visualvm\platform\lib\nbexec.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\lib\visualvm\platform\lib\nbexec.exe" not deleted
"C:\Program Files\Java\jdk1.7.0_10\lib\visualvm\profiler\lib\deployed\jdk15\windows\profilerinterface.dll" not deleted
"C:\Program Files\Java\jdk1.7.0_10\lib\visualvm\profiler\lib\deployed\jdk16\windows\profilerinterface.dll" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\appletviewer.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\extcheck.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\idlj.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jabswitch.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jar.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jarsigner.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\java-rmi.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\java.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javac.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javadoc.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javafxpackager.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javah.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javap.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javaw.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\javaws.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jcmd.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jconsole.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jdb.exe" not deleted
"C:\Program Files\Java\jdk1.8.0_05\bin\jdeps.exe" not deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
37253D8214105EFD00B49AA38FB41638 - C:\Program Files\Java\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U5
30E2DF523975AD5D060B8E49049B6B92 - C:\Program Files\Java\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.50.13
260488E2BC07C276D1EDD54CCA086809 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
5373B9AC92779CE4B6FF9051C3516989 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
052DB5027EAE1AE6FBF02E347AAF1CD7 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in


==== Chromium Look ======================

Google Voice Search Hotword (Beta) - Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com/"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ deleted successfully

==== Empty IE Cache ======================

Alt 02.10.2014, 08:32   #12
boutscha

C:\Users\Plüming\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Plüming\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Plüming\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Plüming\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Plüming\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJJ8LL4A will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2EB8FMEX will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWKWSHJ8 will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NUSX5BXZ will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z7VPQVIH will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\39I36IQV will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6VDGBN0O will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94SSLK7A will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C9VDOM5U will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Plüming\AppData\Local\Mozilla\Firefox\Profiles\pczmexpb.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================


==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pl%C3%BCming\AppData\Local\Temp emptied successfully
C:\Users\Plüming\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

AdwCleaner Logfile:
Code:
# AdwCleaner v2.303 - Datei am 10/06/2013 um 16:23:48 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzer : Plüming - PLÜMING-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Plüming\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Ordner Gelöscht : C:\Program Files\BabylonToolbar
Ordner Gelöscht : C:\Program Files\Claro LTD
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\Plüming\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\Plüming\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Plüming\AppData\Roaming\Claro
Ordner Gelöscht : C:\Users\Plüming\AppData\Roaming\Funmoods
Ordner Gelöscht : C:\Users\Plüming\AppData\Roaming\yourfiledownloader

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\25976~1.107\{c16c1~1\mngr.dll
Schlüssel Gelöscht : HKCU\Software\9558fd0b56fbe45
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\ClaroDirectory
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\9558fd0b56fbe45
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Funmoods
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16448

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [3385 octets] - [10/06/2013 16:23:48]

########## EOF - C:\AdwCleaner[S1].txt - [3445 octets] ##########
         
--- --- ---










<?xml version="1.0" encoding="UTF-16"?>

<mbam-log>


<header>

<date>2014/10/01 18:14:04 +0200</date>

<logfile>mbam-log-2014-10-01 (18-14-02).xml</logfile>

<isadmin>yes</isadmin>

</header>


<engine>

<version>2.00.2.1012</version>

<malware-database>v2014.10.01.06</malware-database>

<rootkit-database>v2014.09.19.01</rootkit-database>

<license>free</license>

<file-protection>disabled</file-protection>

<web-protection>disabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x86</arch>

<username>Plüming</username>

<filesys>NTFS</filesys>

</system>


<summary>

<type>threat</type>

<result>completed</result>

<objects>335327</objects>

<time>909</time>

<processes>0</processes>

<modules>0</modules>

<keys>0</keys>

<values>0</values>

<datas>0</datas>

<folders>18</folders>

<files>18</files>

<sectors>0</sectors>

</summary>


<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>enabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>warn</pup>

<pum>enabled</pum>

</options>


<items>


<folder>

<path>c:\windows\$ntuninstallkb14099$\2765132739</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>0283e40b3249e35322ab54ac7c84f30d</hash>

</folder>


<folder>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>0283e40b3249e35322ab54ac7c84f30d</hash>

</folder>


<folder>

<path>c:\windows\$ntuninstallkb14099$\2765132739\u</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>0283e40b3249e35322ab54ac7c84f30d</hash>

</folder>


<folder>

<path>c:\windows\$ntuninstallkb14099$\828166045</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>6a1b79766318e6504886629ee51b0bf5</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\L</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\U</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</folder>


<folder>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>44412dc2f18a3ff787cde51dfa065da3</hash>

</folder>


<folder>

<path>c:\program files\google\desktop\install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ </path>

<vendor>Trojan.0Access</vendor>

<action>delete-on-reboot</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</folder>


<folder>

<path>c:\program files\google\desktop\install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</folder>


<folder>

<path>c:\program files\google\desktop\install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</folder>


<folder>

<path>c:\program files\google\desktop\install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</folder>


<folder>

<path>c:\program files\google\desktop\install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\l</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</folder>


<folder>

<path>c:\program files\google\desktop\install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\u</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</folder>


<folder>

<path>C:\Program Files\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>a1e4f2fda7d42a0c1343ab5746ba34cc</hash>

</folder>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l\00000004.@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>bcc9be313249b0866d58fa06f10f936d</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l\201d3dde</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>a2e310df1c5f0e28f2d3ef1127d912ee</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l\4cce1f70</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>097c777895e6e74f04c156aa6a969d63</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l\6715e287</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>8203737c235887afe1e425db5da3df21</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l\76603ac3</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>f392915e82f9ac8a18ad1ee2f10f7a86</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\l\xadqgnnk</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>4d38be31205b1620b1149c64f50b49b7</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\u\00000004.@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>f88dbf3078032115dbe8996737c9649c</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\u\00000008.@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>fc89d11e5b20d16514afeb1542be4eb2</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\u\000000cb.@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>f0956c83a9d22f07c4ffe71910f0c838</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\u\80000000.@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>b6cf07e87308f0464e752ed259a7a25e</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\u\80000032.@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>a1e4896637442e0803c08977bc44c040</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\@</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>0283e40b3249e35322ab54ac7c84f30d</hash>

</file>


<file>

<path>c:\windows\$ntuninstallkb14099$\2765132739\desktop.ini</path>

<vendor>Backdoor.0Access</vendor>

<action>success</action>

<hash>0283e40b3249e35322ab54ac7c84f30d</hash>

</file>


<file>

<path>C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\@</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>256002ed017a78beada6ec166898e917</hash>

</file>


<file>

<path>c:\Program Files\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\@</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</file>


<file>

<path>c:\Program Files\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\L\201d3dde</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</file>


<file>

<path>c:\Program Files\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\L\6715e287</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</file>


<file>

<path>c:\Program Files\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\ \...\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\L\76603ac3</path>

<vendor>Trojan.0Access</vendor>

<action>success</action>

<hash>285d41aebebda591322340c29a66b050</hash>

</file>

</items>

</mbam-log>






FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
Ran by Plüming (administrator) on PLÜMING-PC on 02-10-2014 06:54:29
Running from C:\Users\Plüming\Desktop
Loaded Profiles: Plüming & UpdatusUser (Available profiles: Plüming & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10988176 2012-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\..\Interfaces\{3860F474-5B69-428A-A1E7-8947840FB662}: [NameServer] 192.168.1.1,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Plüming\AppData\Roaming\Mozilla\Firefox\Profiles\rjigi514.default-1370874045694
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-26]

Chrome: 
=======
CHR CustomProfile: C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Plüming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S2 SbieSvc; H:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc.)
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43728 2014-04-16] (COMODO)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-05-10] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92656 2014-04-16] (COMODO)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2010-03-29] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 SbieDrv; H:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]
S2 VMnetuserif; \??\C:\Windows\system32\drivers\vmnetuserif.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 06:54 - 2014-10-02 06:56 - 00008668 _____ () C:\Users\Plüming\Desktop\FRST.txt
2014-10-02 06:53 - 2014-10-02 05:57 - 00082639 _____ () C:\Users\Plüming\Desktop\zoek-results.log
2014-10-02 00:58 - 2014-10-02 03:59 - 00054040 _____ () C:\files.log
2014-10-01 23:43 - 2014-10-02 05:57 - 00046819 _____ () C:\folders.log
2014-10-01 23:43 - 2014-10-02 05:57 - 00000000 ____D () C:\zoek
2014-10-01 19:23 - 2014-10-02 05:57 - 00082639 _____ () C:\zoek-results.log
2014-10-01 18:51 - 2014-10-02 00:07 - 00000000 ____D () C:\zoek_backup
2014-10-01 18:48 - 2014-10-01 18:48 - 01290752 _____ () C:\Users\Plüming\Desktop\zoek.exe
2014-10-01 18:31 - 2014-10-01 18:31 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\fhtyy.sys
2014-10-01 18:30 - 2014-10-01 18:31 - 00018168 _____ () C:\mbam-log-2014-10-01 (18-14-02).xml
2014-10-01 18:30 - 2014-10-01 18:30 - 00006494 _____ () C:\Users\Plüming\Desktop\mbam.txt
2014-10-01 18:13 - 2014-10-01 18:31 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-10-01 18:13 - 2014-10-01 18:13 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-01 18:13 - 2014-10-01 18:13 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-01 18:13 - 2014-10-01 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-01 18:13 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 18:13 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 18:13 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-01 18:10 - 2014-10-01 18:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Plüming\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-01 17:33 - 2014-10-01 17:33 - 00007954 _____ () C:\Users\Plüming\Desktop\AdwCleaner[S0].txt
2014-10-01 17:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-10-01 17:18 - 2014-10-01 17:25 - 00000000 ____D () C:\AdwCleaner
2014-10-01 17:16 - 2014-10-01 17:16 - 00000000 __SHD () C:\Users\Plüming\AppData\Local\EmieUserList
2014-10-01 17:16 - 2014-10-01 17:16 - 00000000 __SHD () C:\Users\Plüming\AppData\Local\EmieSiteList
2014-10-01 14:49 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 18:27 - 2014-09-30 18:27 - 01373475 _____ () C:\Users\Plüming\Desktop\AdwCleaner_3.310.exe
2014-09-30 17:21 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-30 17:20 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-30 16:32 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-30 16:31 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-30 16:31 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-30 16:31 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-09-30 16:31 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-30 16:29 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-09-30 05:22 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-30 02:18 - 2014-09-30 02:19 - 00700726 _____ () C:\Windows\system32\prfh0416.dat
2014-09-30 02:18 - 2014-09-30 02:19 - 00145832 _____ () C:\Windows\system32\prfc0416.dat
2014-09-30 02:18 - 2014-09-30 02:17 - 00323154 _____ () C:\Windows\system32\prfi0416.dat
2014-09-30 02:18 - 2014-09-30 02:17 - 00038536 _____ () C:\Windows\system32\prfd0416.dat
2014-09-30 02:17 - 2014-09-30 05:34 - 00000000 ____D () C:\Windows\system32\Drivers\pt-BR
2014-09-30 02:17 - 2014-09-30 02:17 - 00000000 ____D () C:\Windows\pt-BR
2014-09-30 01:51 - 2014-09-30 01:51 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-09-30 01:51 - 2014-09-30 01:51 - 00000000 ____D () C:\Windows\ro-RO
2014-09-30 01:42 - 2014-09-30 01:42 - 00000000 ____D () C:\Windows\system32\Drivers\bg-BG
2014-09-30 01:42 - 2014-09-30 01:42 - 00000000 ____D () C:\Windows\bg-BG
2014-09-30 01:34 - 2014-09-30 02:19 - 00644510 _____ () C:\Windows\system32\perfh01F.dat
2014-09-30 01:34 - 2014-09-30 02:19 - 00138460 _____ () C:\Windows\system32\perfc01F.dat
2014-09-30 01:34 - 2014-09-30 01:32 - 00285034 _____ () C:\Windows\system32\perfi01F.dat
2014-09-30 01:34 - 2014-09-30 01:32 - 00037160 _____ () C:\Windows\system32\perfd01F.dat
2014-09-30 01:32 - 2014-09-30 05:34 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-09-30 01:32 - 2014-09-30 01:32 - 00000000 ____D () C:\Windows\tr-TR
2014-09-30 01:32 - 2014-09-30 01:32 - 00000000 ____D () C:\Windows\system32\tr
2014-09-30 01:18 - 2014-09-30 01:18 - 00000000 ____D () C:\Windows\th-TH
2014-09-30 01:18 - 2014-09-30 01:18 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-09-30 01:18 - 2014-09-30 01:18 - 00000000 ____D () C:\Windows\system32\0409
2014-09-29 19:45 - 2014-09-29 19:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-29 19:37 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-29 19:37 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-09-29 19:37 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-29 19:37 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-29 19:37 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-09-29 19:37 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-29 19:37 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-29 19:37 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-09-29 19:36 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-29 19:36 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-29 19:35 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-29 19:35 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-29 19:23 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-09-29 19:23 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-29 19:09 - 2014-09-29 19:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-29 19:09 - 2014-09-29 19:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-29 19:09 - 2014-09-29 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-29 19:09 - 2014-09-29 19:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-29 19:09 - 2014-09-29 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-29 19:08 - 2014-09-29 19:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-29 19:08 - 2014-09-29 19:08 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-29 19:08 - 2014-09-29 19:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-29 19:08 - 2014-09-29 19:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-09-29 19:07 - 2014-09-29 19:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-09-29 19:07 - 2014-09-29 19:07 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-09-29 19:06 - 2014-09-29 19:06 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-09-29 19:06 - 2014-09-29 19:06 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-09-29 19:03 - 2014-09-29 19:03 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-29 19:03 - 2014-09-29 19:03 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-29 18:59 - 2014-09-29 18:59 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-29 18:56 - 2014-09-29 19:15 - 00015105 _____ () C:\Windows\IE11_main.log
2014-09-29 18:44 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-09-29 18:44 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-29 18:44 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-29 18:44 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-29 18:44 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-29 18:42 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-29 18:42 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-09-29 18:42 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-09-29 18:42 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-09-29 18:42 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-09-29 18:41 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-09-29 18:41 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-09-29 18:41 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-09-29 18:41 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-09-29 18:41 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-09-29 18:41 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-29 18:41 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-09-29 18:41 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-09-29 18:41 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-09-29 18:40 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-29 18:40 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-09-29 18:40 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-29 18:39 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-29 18:39 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-09-29 18:39 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-09-29 18:39 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-09-29 18:38 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-29 18:38 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-29 18:38 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-29 18:38 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-29 18:38 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-29 18:37 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-29 18:37 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-29 18:37 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-29 18:37 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-29 18:37 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-29 18:37 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-09-29 18:37 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-09-29 18:37 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-29 18:37 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-09-29 18:37 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-09-29 18:36 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-29 18:36 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-29 18:36 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-29 18:36 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-29 18:36 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-29 18:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-29 18:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-29 18:36 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-09-29 18:36 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-09-29 18:36 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-09-29 18:36 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-29 18:36 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-09-29 18:36 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-09-29 18:36 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-29 18:36 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-09-29 18:36 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-09-29 18:36 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-09-29 18:36 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-09-29 18:36 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-09-29 18:36 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-09-29 18:36 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-09-29 18:36 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-09-29 18:36 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-29 18:36 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-09-29 18:35 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-09-29 18:35 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-09-29 18:35 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-09-29 18:35 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-09-29 18:35 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-09-29 18:35 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-09-29 18:35 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-09-29 18:35 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-09-29 18:35 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-09-29 18:34 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-29 18:34 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-09-29 18:34 - 2012-11-29 00:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-09-29 18:34 - 2012-11-29 00:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-09-29 18:34 - 2012-11-29 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-09-29 18:34 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-09-29 18:34 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-09-29 18:34 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-29 18:34 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-09-29 18:34 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-09-29 18:34 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-09-29 18:34 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-09-29 18:34 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-09-29 18:34 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-09-29 18:34 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-09-29 18:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-29 18:33 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-29 18:33 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-29 18:33 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-29 18:33 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-29 18:33 - 2014-05-08 11:06 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-29 18:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-29 18:33 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-29 18:33 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-29 18:33 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-29 18:33 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-29 18:33 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-29 18:33 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-29 18:33 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-29 18:33 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-29 18:33 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-29 18:33 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-29 18:33 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-09-29 18:33 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-29 18:33 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-09-29 18:33 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-29 18:33 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-29 18:33 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-09-29 18:32 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-29 18:32 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-29 18:32 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-29 18:32 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-29 18:32 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-09-29 18:32 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-29 18:32 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-09-29 18:32 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-09-29 18:32 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-29 18:32 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-29 18:32 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-29 18:32 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-29 18:32 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-29 18:32 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-29 18:32 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-09-29 18:32 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-29 18:32 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-09-29 18:32 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-29 18:32 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-29 18:28 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-29 18:28 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-29 18:28 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-29 18:28 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-29 18:28 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-29 18:28 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-29 18:28 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-29 18:07 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-29 18:00 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-09-29 18:00 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-09-29 18:00 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-09-29 18:00 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-09-29 18:00 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-09-29 18:00 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-09-29 17:52 - 2014-09-29 17:54 - 00000000 ____D () C:\ComboFix
2014-09-29 17:52 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-29 17:52 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-29 17:52 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-29 17:52 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-29 17:50 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-29 17:50 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-29 17:50 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-29 17:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-29 17:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-29 17:33 - 2014-10-02 06:51 - 00001659 _____ () C:\Users\Plüming\Desktop\Neues Textdokument.txt
2014-09-29 17:29 - 2014-09-29 17:29 - 00000332 _____ () C:\Start_.cmd
2014-09-29 17:28 - 2014-09-29 17:28 - 00000000 ____D () C:\Qoobox
2014-09-29 17:27 - 2014-09-29 17:54 - 00000000 ___SD () C:\32788R22FWJFW
2014-09-29 17:27 - 2014-09-29 17:27 - 00000000 ____D () C:\Windows\erdnt
2014-09-29 17:26 - 2014-09-29 17:26 - 05582345 ____R (Swearware) C:\Users\Plüming\Desktop\ComboFix.exe
2014-09-29 17:13 - 2014-09-29 17:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-28 18:55 - 2014-09-30 19:01 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\LumacDaemon
2014-09-28 18:54 - 2014-09-28 18:54 - 00002687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumac.lnk
2014-09-28 18:54 - 2014-09-28 18:54 - 00002681 _____ () C:\Users\Public\Desktop\Lumac.lnk
2014-09-28 18:54 - 2014-09-28 18:54 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Firstload
2014-09-28 17:26 - 2014-09-28 17:27 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Plüming\Desktop\tdsskiller.exe
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Abelssoft
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Abelssoft
2014-09-28 17:04 - 2014-09-28 17:04 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-28 17:03 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-09-28 17:03 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-09-27 18:21 - 2014-10-02 06:54 - 00000000 ____D () C:\FRST
2014-09-27 18:20 - 2014-09-27 18:20 - 01100288 _____ (Farbar) C:\Users\Plüming\Desktop\FRST.exe
2014-09-26 09:15 - 2014-09-26 09:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\VMware
2014-09-17 21:07 - 2014-09-17 21:09 - 00000000 ____D () C:\Users\Plüming\AppData\Local\VMware
2014-09-15 19:34 - 2014-09-15 19:34 - 00000000 ____D () C:\Users\Pl%C3%BCming
2014-09-15 19:30 - 2014-09-15 19:30 - 00000000 ____D () C:\Users\Plüming\Documents\Electronic Arts
2014-09-08 19:46 - 2014-09-08 19:46 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MakeTorrent 2.lnk
2014-09-03 17:51 - 2014-09-03 18:06 - 00000000 ____D () C:\Users\Plüming\AppData\Local\Origin
2014-09-03 17:47 - 2014-09-03 17:47 - 00000662 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-03 17:47 - 2014-09-03 17:47 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 17:17 - 2014-09-03 17:19 - 00000000 ____D () C:\Users\Plüming\Documents\MOHW
2014-09-03 17:16 - 2014-09-03 17:16 - 00000925 _____ () C:\Users\Plüming\Desktop\MOHW.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 06:48 - 2012-06-21 14:09 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-10-02 06:44 - 2012-06-20 17:47 - 01467259 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 06:44 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 06:44 - 2009-07-14 06:34 - 00027168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 06:39 - 2014-02-04 10:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-10-02 06:39 - 2012-06-20 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-02 06:39 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 06:39 - 2009-07-14 06:39 - 00079603 _____ () C:\Windows\setupact.log
2014-10-02 06:05 - 2013-06-10 14:05 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA.job
2014-10-02 06:00 - 2012-06-21 13:59 - 01560842 _____ () C:\Windows\PFRO.log
2014-10-02 04:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-10-02 00:08 - 2012-12-04 17:16 - 00000000 ____D () C:\Program Files\Java
2014-10-01 21:04 - 2013-06-10 14:05 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core.job
2014-10-01 18:31 - 2009-07-14 04:37 - 00000000 _SHDC () C:\Windows\$NtUninstallKB14099$
2014-10-01 18:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Cursors
2014-09-30 17:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-30 17:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-30 17:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-30 17:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-09-30 17:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-30 17:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-30 02:17 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-30 02:17 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-30 02:17 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\com
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\IME
2014-09-30 02:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-30 01:18 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\DigitalLocker
2014-09-30 01:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-30 00:03 - 2010-02-09 21:56 - 00005908 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 23:41 - 2012-06-20 18:26 - 00063160 _____ () C:\Users\Plüming\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-29 23:27 - 2009-07-14 06:33 - 00282056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-29 23:21 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-09-29 23:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-09-29 23:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-09-28 20:19 - 2012-07-03 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-28 20:19 - 2012-06-20 18:08 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-28 20:10 - 2014-08-16 16:32 - 00000000 ____D () C:\ProgramData\VMware
2014-09-28 20:07 - 2012-06-21 15:25 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\BitTorrent
2014-09-26 17:17 - 2012-07-12 18:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-26 17:17 - 2012-07-12 18:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 17:02 - 2013-06-10 14:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-26 10:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-25 21:07 - 2013-06-10 14:07 - 00002328 _____ () C:\Users\Plüming\Desktop\Google Chrome.lnk
2014-09-15 19:56 - 2012-09-16 13:14 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-09-14 18:22 - 2013-08-05 17:29 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\vlc
2014-09-03 19:27 - 2012-09-16 13:46 - 00000000 ____D () C:\ProgramData\Origin
2014-09-03 18:06 - 2012-11-13 21:57 - 00000000 ____D () C:\Users\Plüming\AppData\Roaming\Origin
2014-09-03 17:47 - 2012-09-16 13:46 - 00002696 _____ () C:\Windows\KB893803v2.log

Some content of TEMP:
====================
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0000.EXE
C:\Users\Plüming\AppData\Local\Temp\NERO_TMP_0001.EXE
C:\Users\Plüming\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 17:37

==================== End Of Log ============================
         
--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2014
Ran by Plüming at 2014-10-02 06:57:56
Running from C:\Users\Plüming\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
ArcaniA - Fall of Setarrif (HKLM\...\{BA1F2D65-B22F-47C7-A3D0-A7827DF20272}_is1) (Version:  - Nordic Games GmbH)
ArcaniA - Gothic 4 (HKLM\...\{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1) (Version:  - Nordic Games GmbH)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
COMODO Internet Security Premium (HKLM\...\{40F962CF-3C1E-44EB-A319-5590BEEB90CF}) (Version: 6.3.35694.2953 - COMODO Security Solutions Inc.)
Die Sims - Tierisch gut drauf (HKLM\...\{7C32C567-DC0F-4C80-B06C-7873850A2E06}) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Freemake Video Converter Version 4.1.4 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.135055 - Koyote-Lab Inc.) <==== ATTENTION
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
IsoBuster 3.1 (HKLM\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.250 - Oracle)
Java 8 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 10 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: 1.7.0.100 - Oracle)
Java SE Development Kit 7 Update 9 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java SE Development Kit 8 Update 5 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
Java(TM) SE Development Kit 6 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Lumac (HKLM\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (Version: 1.1.92.0 - Firstload) Hidden
MakeTorrent v2.1 (HKLM\...\MakeTorrent 2) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor Warfighter Update.v322991-=AviaRa=- 1.00 (HKLM\...\Medal of Honor Warfighter Update.v322991-=AviaRa=- 1.00) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nero Burning ROM (Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero BurningROM 12 (HKLM\...\{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}) (Version: 12.0.00300 - Nero AG)
Nero ControlCenter (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.18100 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
NVIDIA 3D Vision Controller-Treiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 296.10 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.10 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 296.10 (Version: 296.10 - NVIDIA Corporation) Hidden
NVIDIA Update 1.7.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.11 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.11 - NVIDIA Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.0.13.2135 - Electronic Arts, Inc.)
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
Project 64 version 2.1.0.1 (HKLM\...\Project 64_is1) (Version: 2.1.0.1 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6649 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM\...\ResourceHacker_is1) (Version:  - )
Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Shark007 Standard Codecs (HKLM\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.7.0 - Shark007)
SolveigMM Video Splitter (HKLM\...\SolveigMM Video Splitter 3.5.1210.2) (Version: 3.5.1210.2 - Solveig Multimedia)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows 7 Codec Pack 4.0.8 (HKLM\...\Windows 7 - Codec Pack) (Version: 4.0.8 - Windows 7 Codec Pack)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Chrome\Application\37.0.2062.124\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Plüming\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Chrome\Application\29.0.1547.66\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Plüming\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-633634576-854393678-1960327611-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

02-10-2014 01:00:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2011-12-22 16:11 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2833E31A-C0F5-4A11-A66F-BEF58906042B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {45E1198F-B1FD-47B0-8C4F-6136711CD52A} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {518AF47E-699F-4AE7-91B3-158894CE3B5D} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {5FEEE692-DC86-4EE6-96F8-0B4C905E49F3} - System32\Tasks\Google Updater and Installer => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {84CC5C44-E251-440C-81A2-635686952744} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {95711075-8D2B-4F17-886B-8E2AC8E8FB19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {BEDA4044-6DD7-42AB-8405-BAAB43A287AC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)
Task: {C8E1E350-F548-49BA-833E-506927311A3B} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {F0605A01-8BE3-4971-A4C8-5F47B52A99D0} - System32\Tasks\Google Update => C:\Users\Plüming\AppData\Local\Google\Desktop\Install\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\❤≸⋙\Ⱒ☠⍨\*ﯹ๛\{400b67f6-d073-2ceb-8e11-a31ac83593d2}\GoogleUpdate.exe
Task: {F9A41EB9-66E4-4E13-89D0-926CD892C1B9} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000Core.job => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-633634576-854393678-1960327611-1000UA.job => C:\Users\Plüming\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-15 19:39 - 2013-04-15 19:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-09-26 09:15 - 2014-09-26 09:15 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-02-29 13:26 - 2012-02-29 13:26 - 00360768 _____ () C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-09-26 17:17 - 2014-09-26 17:17 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\$NtUninstallKB14099$:SummaryInformation
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\14148183.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\14148183.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2

========================= Accounts: ==========================

Administrator (S-1-5-21-633634576-854393678-1960327611-500 - Administrator - Disabled)
Gast (S-1-5-21-633634576-854393678-1960327611-501 - Limited - Disabled)
Plüming (S-1-5-21-633634576-854393678-1960327611-1000 - Administrator - Enabled) => C:\Users\Plüming
UpdatusUser (S-1-5-21-633634576-854393678-1960327611-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: VMware Bridge Protocol
Description: VMware Bridge Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VMnetBridge
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Network Application Interface
Description: VMware Network Application Interface
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VMnetuserif
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2014 03:41:31 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile  SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/30/2014 06:19:15 PM) (Source: MsiInstaller) (EventID: 11706) (User: Plüming-PC)
Description: Product: Lumac -- Error 1706. No valid source could be found for product Lumac.  The Windows Installer cannot continue.

Error: (09/30/2014 00:11:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce796f3
Name des fehlerhaften Moduls: wucltux.dll, Version: 7.6.7600.320, Zeitstempel: 0x53739709
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000728f2
ID des fehlerhaften Prozesses: 0xb64
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (09/30/2014 00:03:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (09/30/2014 00:03:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (09/30/2014 00:03:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (09/29/2014 11:38:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (09/29/2014 11:38:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (09/29/2014 11:38:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (09/29/2014 05:19:00 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Plüming-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.


System errors:
=============
Error: (10/02/2014 06:39:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware DHCP Service" ist vom Dienst "VMware Network Application Interface" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (10/02/2014 06:39:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware NAT Service" ist vom Dienst "VMware Network Application Interface" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (10/02/2014 06:39:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VMware Network Application Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/02/2014 06:39:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VMware Bridge Protocol" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/02/2014 06:39:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sandboxie Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/02/2014 06:00:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware DHCP Service" ist vom Dienst "VMware Network Application Interface" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (10/02/2014 06:00:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware NAT Service" ist vom Dienst "VMware Network Application Interface" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (10/02/2014 06:00:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VMware Network Application Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/02/2014 06:00:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VMware Bridge Protocol" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/02/2014 06:00:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sandboxie Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (10/01/2014 03:41:31 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (09/30/2014 06:19:15 PM) (Source: MsiInstaller) (EventID: 11706) (User: Plüming-PC)
Description: Product: Lumac -- Error 1706. No valid source could be found for product Lumac.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/30/2014 00:11:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175144ce796f3wucltux.dll7.6.7600.32053739709c0000005000728f2b6401cfdc309348268dC:\Windows\Explorer.EXEC:\Windows\system32\wucltux.dll9dcc0f51-4825-11e4-be5f-c860006a20ce

Error: (09/30/2014 00:03:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/30/2014 00:03:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (09/30/2014 00:03:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (09/29/2014 11:38:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/29/2014 11:38:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (09/29/2014 11:38:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (09/29/2014 05:19:00 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Plüming-PC)
Description: 


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 2047.12 MB
Available physical RAM: 1240.85 MB
Total Pagefile: 4094.23 MB
Available Pagefile: 2946.33 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:28.54 GB) (Free:1.93 GB) NTFS
Drive e: () (Fixed) (Total:18.62 GB) (Free:8.49 GB) NTFS
Drive h: () (Fixed) (Total:596.17 GB) (Free:529.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 18.6 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=18.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 28.6 GB) (Disk ID: CE73B166)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=28.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End Of Log ============================
         
--- --- ---





At the end, before the restart, zoek showed this error:


Java Virtual Maschine Launcher

Error:could not open C:\Program Files\Java\lib\i386\jvm.cfg


And mbam found nothing, only once I had ticked "scan for rootkits" and scanned again.
Unfortunately, in the end it only worked in XML format. And sorry that it didn't work with the code tags; I simply copied and pasted everything.
I had to reply twice, since a post may have at most 12000 characters and mine had over 18000. Sorry, I somehow couldn't figure that out.



Kind regards

02.10.2014, 20:47   #13
M-K-D-B
/// TB Instructor
 



Hello,



Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen according to the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.
__________________
Regards
M-K-D-B



03.10.2014, 22:41   #14
boutscha
 



Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.03.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17280
Plüming :: PLÜMING-PC [administrator]

03.10.2014 17:32:03
mbar-log-2014-10-03 (17-32-03).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 336245
Time elapsed: 39 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

The program found nothing.

Sometimes when I want to download something, whether from CHIP or WINFUTURE or anywhere else, I can download everything, but before that the message from this strange Java update appears, which I have already written about several times.

And one more problem:
on the desktop, at the bottom left next to the clock in the taskbar, there is a white flag, and when I hover the mouse over it, it says:

PC-Probleme lösen: 1 Meldung


What else can I do? Is the malware finally gone from my PC by now?
I'm grateful for any help.

04.10.2014, 12:54   #15
M-K-D-B
/// TB Instructor
 



Hello,


We will get to Java, don't worry.

What does it say there for that one problem at the bottom right of the taskbar?


Please download the latest version (3.311) of adwCleaner and scan again:

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Then please run FRST again as a check:
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.
__________________
Regards
M-K-D-B

