start
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Micr?osoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Intern?et Explorer\Main,Default_Page_URL? =
HKLM\Software\Wow6432Node\Micr?osoft\Internet Explorer\Main,Default_Page_URL? =
HKLM\Software\Microsoft\Intern?et Explorer\Main,Default_Search_U?RL =
HKLM\Software\Wow6432Node\Micr?osoft\Internet Explorer\Main,Default_Search_U?RL =
HKLM\Software\Microsoft\Intern?et Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Micr?osoft\Internet Explorer\Main,Local Page =
FF HKLM\...\Thunderbird\Extension?s: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Exten?sions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
S3 INSTB32; \??\C:\WINDOWS\TEMP\INSTB64.SY?S [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sy?s [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2017-02-07 22:10 - 2014-03-21 06:55 - 00000000 ____D C:\Users\David\AppData\Roaming?\cacaoweb
C:\Users\David\AppData\Roaming?\cacaoweb
FirewallRules: [TCP Query User{B2583BF0-58F8-4FDF-8D73-3C9ABF9FA37A}C:\users\david\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\david\appdata\roaming?\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{8768230B-26D0-4293-8E7F-EDB27F176725}C:\users\david\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\david\appdata\roaming?\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{9005A62E-BFB0-4434-B786-76A4DA935D70}C:\users\david\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\david\appdata\roaming?\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{35FB3EF8-DBDA-43DD-8049-2190BF0C2DAE}C:\users\david\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\david\appdata\roaming?\cacaoweb\cacaoweb.exe


EmptyTemp:
end