Pests of all kinds and how to fight them: Win7 constantly at 70-100% CPU load (Windows 7)
11.03.2015, 09:15 | #1
Win7 constantly at 70-100% CPU load

Hello everyone, since I don't want to take up too much of your valuable time -> short summary:

First I ran a virus scan with Avira and moved a whole lot of viruses into quarantine (see Ereignisse.txt). Then I strictly followed your instructions. GMER crashed, however (see crash file). I know that the system is in pretty bad shape. Can it still be saved? Many thanks in advance for your help! Sebastian ;-)

http://www.trojaner-board.de/69886-a...-beachten.html

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2015 01 Ran by Arje (administrator) on MUSICMASHINE on 11-03-2015 08:47:03 Running from C:\Users\Arje\Downloads Loaded Profiles: Arje (Available profiles: Arje) Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe () C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Macrovision ) C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe () C:\ProgramData\MobileBrServ\mbbService.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (SafeNet, Inc.) C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe (ClientConnect Ltd.) C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\ScCertProp: wlnotify.dll [X] Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\MountPoints2: {32ad0e22-c654-11e4-98c8-c97f0990eda7} - E:\AutoRun.exe HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\MountPoints2: {42a37471-e33d-11de-831a-00241ddb5c92} - F:\setup.exe HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\MountPoints2: {42a37472-e33d-11de-831a-00241ddb5c92} - G:\Autorun.exe HKU\S-1-5-18\...\Run: [DevconDefaultDB] => C:\Windows\system32\READREG /SILENT /FAIL=1 AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO) AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com?fr=fp-comodo HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File URLSearchHook: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Users\Arje\AppData\LocalLow\Softonic_Deutsch\prxtbSof0.dll (ClientConnect Ltd.) URLSearchHook: HKU\S-1-5-21-454721375-3589406793-525374796-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) URLSearchHook: HKU\S-1-5-21-454721375-3589406793-525374796-1000 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Users\Arje\AppData\LocalLow\Softonic_Deutsch\prxtbSof0.dll (ClientConnect Ltd.) 
URLSearchHook: HKU\S-1-5-21-454721375-3589406793-525374796-1000 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File SearchScopes: HKLM-x32 -> DefaultScope {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKLM-x32 -> {6B565918-AFF6-4bae-AC3F-63F626BDE74D} URL = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1 SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 SearchScopes: HKLM-x32 -> {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> DefaultScope {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chrf-devicevm&type=STDVM SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {6B565918-AFF6-4bae-AC3F-63F626BDE74D} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346 SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 
SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chrf-devicevm&type=STDVM BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-13] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-13] (Oracle Corporation) BHO-x32: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> C:\Program Files (x86)\Orbitdownloader\orbitcth.dll [2011-03-29] (Orbitdownloader.com) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation) BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File BHO-x32: Softonic Deutsch Toolbar -> {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} -> C:\Users\Arje\AppData\LocalLow\Softonic_Deutsch\prxtbSof0.dll [2014-03-26] (ClientConnect Ltd.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation) BHO-x32: BHO Class -> {DD92DE22-ED91-4560-B788-DEE2B26612E6} -> C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\IEHelper.dll [2009-06-22] (DeviceVM, Inc.) Toolbar: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Users\Arje\AppData\LocalLow\Softonic_Deutsch\prxtbSof0.dll [2014-03-26] (ClientConnect Ltd.) Toolbar: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-13] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2011-10-20] (id Software Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll [2010-09-01] (Oberon-Media ) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-454721375-3589406793-525374796-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Arje\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-02] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll [2008-12-10] (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-09-05] (Apple Inc.) 
FF Extension: Adblock Plus - C:\Users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-27] FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files (x86)\Mozilla Firefox\extensions\{24fa9f3a-3dc5-3c58-1c00-5d6e2b2098ca} [2015-01-29] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-01-29] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-29] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-29] Chrome: ======= CHR HKU\S-1-5-21-454721375-3589406793-525374796-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Arje\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-08-06] CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Arje\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-08-06] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [Not Found] Opera: ======= OPR Extension: (Leo Recherche) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\aenohohbcbcaeadlkkejbceglpdfldig [2014-08-10] OPR Extension: (Adguard AdBlocker) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-08-10] OPR Extension: (Translator) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2014-08-10] OPR Extension: (Torrents MultiSearch) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera 
Stable\Extensions\gckmaajnanfnjncainlndbogelcipljj [2014-08-10] OPR Extension: (GetThemAll - Any file downloader) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipjignndhlpeimkmgpfnappdcohjealh [2014-08-10] OPR Extension: (Die Amazon 1Button App) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2014-08-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-12-03] (Adobe Systems) [File not signed] S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-19] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-19] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-10-25] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-10-25] (BlueStack Systems, Inc.) 
R2 cmdagent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO) R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] () S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-12-15] (Macrovision Europe Ltd.) [File not signed] R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] R2 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [85184 2010-03-13] (Macrovision ) R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2007-10-23] (National Instruments, Inc.) R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [40496 2008-11-11] (National Instruments Corporation) R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [50736 2008-11-11] (National Instruments Corporation) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] () R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-11-11] (National Instruments Corporation) S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-11-18] (Macrovision Corporation) [File not signed] R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [8656 2007-11-06] (National Instruments Corporation) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-16] () R2 SACSrv; C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe [8904 2011-01-13] (SafeNet, Inc.) S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed] R2 TBSrv; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [350496 2014-03-26] (ClientConnect Ltd.) 
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [368832 2009-11-05] (AfaTech ) R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.) S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.) R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed] S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed] S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed] R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-11-20] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-28] (Avira Operations GmbH & Co. KG) R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-10-25] (BlueStack Systems) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.) 
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] () R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () R3 FFUsbAudio; C:\Windows\System32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Ltd.) R3 iKeyEnum; C:\Windows\System32\DRIVERS\ikeyenum.sys [16160 2010-03-18] (SafeNet, Inc.) R3 iKeyIFD; C:\Windows\System32\DRIVERS\ikeyifd.sys [22304 2010-03-18] (SafeNet, Inc.) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO) S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-11-20] () U5 RnbToken; C:\Windows\System32\Drivers\RnbToken.sys [24352 2010-03-18] (SafeNet, Inc.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-12-07] (Duplex Secure Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [50688 2010-04-19] (Apple, Inc.) 
[File not signed] S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; system32\DRIVERS\btcomport.sys [X] S3 BTCOMBUS; System32\Drivers\btcombus.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S3 COMMONFX; system32\drivers\COMMONFX.SYS [X] S3 COMMONFX.DLL; \SystemRoot\System32\COMMONFX.DLL [X] S3 COMMONFX.SYS; \SystemRoot\System32\drivers\COMMONFX.SYS [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 CT20XUT; system32\drivers\CT20XUT.SYS [X] S3 CT20XUT.DLL; \SystemRoot\System32\CT20XUT.DLL [X] S3 CT20XUT.SYS; \SystemRoot\System32\drivers\CT20XUT.SYS [X] S3 ctac32k; system32\drivers\ctac32k.sys [X] S3 ctaud2k; system32\drivers\ctaud2k.sys [X] S3 CTAUDFX; system32\drivers\CTAUDFX.SYS [X] S3 CTAUDFX.DLL; \SystemRoot\System32\CTAUDFX.DLL [X] S3 CTAUDFX.SYS; \SystemRoot\System32\drivers\CTAUDFX.SYS [X] S3 CTEAPSFX; system32\drivers\CTEAPSFX.SYS [X] S3 CTEAPSFX.DLL; \SystemRoot\System32\CTEAPSFX.DLL [X] S3 CTEAPSFX.SYS; \SystemRoot\System32\drivers\CTEAPSFX.SYS [X] S3 CTEDSPFX; system32\drivers\CTEDSPFX.SYS [X] S3 CTEDSPFX.DLL; \SystemRoot\System32\CTEDSPFX.DLL [X] S3 CTEDSPFX.SYS; \SystemRoot\System32\drivers\CTEDSPFX.SYS [X] S3 CTEDSPIO; system32\drivers\CTEDSPIO.SYS [X] S3 CTEDSPIO.DLL; \SystemRoot\System32\CTEDSPIO.DLL [X] S3 CTEDSPIO.SYS; \SystemRoot\System32\drivers\CTEDSPIO.SYS [X] S3 CTEDSPSY; system32\drivers\CTEDSPSY.SYS [X] S3 CTEDSPSY.DLL; \SystemRoot\System32\CTEDSPSY.DLL [X] S3 CTEDSPSY.SYS; \SystemRoot\System32\drivers\CTEDSPSY.SYS [X] S3 CTERFXFX; system32\drivers\CTERFXFX.SYS [X] S3 CTERFXFX.SYS; \SystemRoot\System32\drivers\CTERFXFX.SYS [X] S3 CTEXFIFX; system32\drivers\CTEXFIFX.SYS [X] S3 CTEXFIFX.DLL; \SystemRoot\System32\CTEXFIFX.DLL [X] S3 CTEXFIFX.SYS; \SystemRoot\System32\drivers\CTEXFIFX.SYS [X] S3 CTHWIUT; system32\drivers\CTHWIUT.SYS [X] 
S3 CTHWIUT.DLL; \SystemRoot\System32\CTHWIUT.DLL [X] S3 CTHWIUT.SYS; \SystemRoot\System32\drivers\CTHWIUT.SYS [X] S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X] S3 CTSBLFX; system32\drivers\CTSBLFX.SYS [X] S3 CTSBLFX.DLL; \SystemRoot\System32\CTSBLFX.DLL [X] S3 CTSBLFX.SYS; \SystemRoot\System32\drivers\CTSBLFX.SYS [X] S3 emupia; system32\drivers\emupia2k.sys [X] S3 ha10kx2k; system32\drivers\ha10kx2k.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-11 08:47 - 2015-03-11 08:47 - 00027908 _____ () C:\Users\Arje\Downloads\FRST.txt 2015-03-11 08:46 - 2015-03-11 08:47 - 00000000 ____D () C:\FRST 2015-03-11 08:44 - 2015-03-11 08:46 - 02095104 _____ (Farbar) C:\Users\Arje\Downloads\FRST64.exe 2015-03-11 08:28 - 2015-03-11 08:28 - 00000056 _____ () C:\Windows\setupact.log 2015-03-11 08:28 - 2015-03-11 08:28 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-11 08:26 - 2015-03-11 08:26 - 00000580 _____ () C:\Users\Arje\Downloads\defogger_disable.log 2015-03-11 08:26 - 2015-03-11 08:26 - 00000020 _____ () C:\Users\Arje\defogger_reenable 2015-03-11 08:25 - 2015-03-11 08:26 - 00050477 _____ () C:\Users\Arje\Downloads\Defogger.exe 2015-03-11 07:40 - 2015-03-11 07:40 - 00011506 _____ () C:\Users\Arje\Documents\cc_20150311_074027.reg 2015-03-09 23:28 - 2015-03-09 23:28 - 00000000 ____D () C:\Program Files\Focusrite 2015-03-09 23:28 - 2011-10-31 15:22 - 00053080 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\ffusbaudio.sys 2015-03-09 23:28 - 2011-10-31 15:22 - 00020824 _____ (Novation DMS Ltd.) C:\Windows\system32\nvnusbaudio_coinst.dll 2015-03-09 23:25 - 2015-03-09 23:26 - 00441487 _____ (Focusrite Audio Engineering Ltd. 
) C:\Users\Arje\Downloads\focusrite usb driver-1.10.exe 2015-03-09 22:59 - 2015-03-09 23:00 - 00929768 _____ (Focusrite Audio Engineering Limited. ) C:\Users\Arje\Downloads\focusrite-usb-2-driver-2.5.1 (1).exe 2015-03-09 20:52 - 2015-03-09 21:52 - 30704975 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCApp_L6_2_10_00.exe 2015-03-09 20:43 - 2015-03-09 20:43 - 04958588 _____ () C:\Windows\{00000003-00000000-00000007-00001102-00000008-40041102}.CDF 2015-03-09 20:14 - 2015-03-09 20:14 - 00002950 _____ () C:\Users\Arje\Documents\emu.txt 2015-03-09 19:39 - 2015-03-09 20:13 - 34615739 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00_BETA.exe 2015-03-09 18:15 - 2015-03-09 18:15 - 00000000 ____D () C:\Users\Arje\Desktop\bilder 03.03.2015 2015-03-09 16:01 - 2015-03-09 17:05 - 34934920 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00(2).exe 2015-03-09 15:27 - 2015-03-09 15:38 - 02199632 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00(1).exe 2015-03-09 14:26 - 2015-03-09 15:26 - 21421340 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00.exe 2015-03-09 13:31 - 2015-03-09 13:31 - 00001564 _____ () C:\Users\Arje\Documents\cc_20150309_133132.reg 2015-03-09 13:27 - 2015-03-09 13:58 - 25611342 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_L6_1_82_01.exe 2015-02-22 10:13 - 2015-02-22 10:13 - 00000864 _____ () C:\Users\Arje\Desktop\TalosLauncher.exe - Verknüpfung.lnk 2015-02-21 18:23 - 2015-02-21 18:23 - 00000000 ___SH () C:\Users\Arje\AppData\Local\LumaEmu 2015-02-21 18:23 - 2015-02-21 18:23 - 00000000 ____D () C:\Users\Arje\AppData\Local\LumaEmu_SteamCloud 2015-02-21 17:36 - 2015-02-21 17:36 - 00001607 _____ () C:\Users\Public\Desktop\The Talos Principle.lnk 2015-02-21 17:00 - 2015-02-21 17:00 - 00668672 _____ (FragSoft) C:\Windows\system32\isdone.dll 2015-02-21 16:59 - 2015-02-21 17:00 - 00668672 _____ (FragSoft) 
C:\Users\Arje\Downloads\isdone.dll 2015-02-21 16:56 - 2015-02-21 16:56 - 05344984 _____ (Dll-Files.com ) C:\Users\Arje\Downloads\dffsetup-isdone.exe 2015-02-21 16:54 - 2015-02-21 16:54 - 00014774 _____ () C:\Users\Arje\Documents\cc_20150221_165436.reg 2015-02-21 15:20 - 2015-02-21 15:20 - 00000000 ____D () C:\Users\Arje\Desktop\fms 2015-02-21 15:20 - 2015-01-11 21:41 - 03274752 _____ (The Dark Mod Team ) C:\Users\Arje\Desktop\tdm_update.exe 2015-02-21 11:56 - 2015-02-21 12:30 - 00000000 ____D () C:\Users\Arje\Downloads\The Talos Principle [FitGirl Repack] 2015-02-21 10:10 - 2015-02-21 10:10 - 00000000 ____D () C:\Users\Arje\AppData\Local\Steam 2015-02-13 20:29 - 2015-02-21 11:53 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom 2015-02-13 12:11 - 2015-02-13 12:51 - 00000000 ____D () C:\Users\Arje\Downloads\Far Cry 4 - Gold Edition [Update 7] (2014) PC RePack by R.G. Freedom ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-11 08:36 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-11 08:36 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-11 08:35 - 2012-05-21 17:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-11 08:33 - 2012-05-21 17:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-11 08:32 - 2009-12-02 19:55 - 01063687 _____ () C:\Windows\WindowsUpdate.log 2015-03-11 08:29 - 2010-02-26 11:39 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-03-11 08:29 - 2009-12-02 20:08 - 00000144 _____ () C:\service.log 2015-03-11 08:28 - 2009-12-02 20:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2015-03-11 08:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-11 08:26 - 2009-12-02 20:02 - 00000000 ____D () C:\Users\Arje 2015-03-11 08:17 - 2010-12-01 18:19 - 00013153 _____ () C:\Users\Arje\Downloads\hijackthis.log 2015-03-11 08:02 - 2014-09-01 13:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-11 07:41 - 2011-09-21 18:38 - 00000000 ____D () C:\Soldat 2015-03-11 07:39 - 2009-12-02 21:37 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Winamp 2015-03-10 21:54 - 2014-08-10 08:35 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1407656151 2015-03-10 21:54 - 2014-08-10 08:35 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-10 21:22 - 2010-05-24 18:15 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\vlc 2015-03-09 23:31 - 2011-07-17 13:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-09 23:12 - 2009-12-02 20:15 - 01682440 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-09 23:12 - 2009-07-14 18:58 - 00726214 _____ () C:\Windows\system32\perfh007.dat 2015-03-09 23:12 - 2009-07-14 18:58 - 
00159152 _____ () C:\Windows\system32\perfc007.dat 2015-03-09 23:09 - 2011-05-26 08:03 - 00000000 ___RD () C:\Users\Arje\Dropbox 2015-03-09 23:09 - 2011-05-26 08:01 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Dropbox 2015-03-09 23:03 - 2009-12-02 20:49 - 00000000 ____D () C:\Program Files\DIFX 2015-03-09 23:02 - 2009-12-08 12:14 - 00000000 ____D () C:\Windows\SysWOW64\Data 2015-03-09 23:02 - 2009-12-08 12:14 - 00000000 ____D () C:\Windows\system32\Data 2015-03-09 23:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system 2015-03-09 22:53 - 2009-12-02 20:09 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-03-09 20:40 - 2009-12-08 12:15 - 00431104 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00409600 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00136192 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) 
C:\Windows\SysWOW64\OpenAL32.dll 2015-03-09 12:38 - 2014-01-30 22:03 - 00000000 ____D () C:\Users\Arje\Desktop\ESposthumus 2015-03-09 11:25 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-23 08:44 - 2009-12-07 12:59 - 00000000 ____D () C:\Filme 2015-02-21 18:18 - 2012-09-24 12:28 - 00007609 _____ () C:\Users\Arje\AppData\Local\Resmon.ResmonCfg 2015-02-21 16:38 - 2012-04-17 09:55 - 00000000 ____D () C:\Games 2015-02-21 15:22 - 2009-12-07 13:09 - 00000000 ____D () C:\Spiele 2015-02-21 12:51 - 2012-08-23 17:11 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\uTorrent 2015-02-14 01:23 - 2010-01-24 18:57 - 00000000 ____D () C:\Users\Arje\Documents\My Games 2015-02-13 20:24 - 2009-12-07 13:01 - 00000000 ____D () C:\Ablage 2015-02-12 15:07 - 2011-05-26 08:01 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-11 21:44 - 2013-07-23 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira ==================== Files in the root of some directories ======= 2010-06-08 06:11 - 2010-06-08 06:11 - 0003584 _____ () C:\Users\Arje\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-04-04 15:02 - 2012-04-04 15:02 - 0000092 _____ () C:\Users\Arje\AppData\Local\fusioncache.dat 2015-02-21 18:23 - 2015-02-21 18:23 - 0000000 ___SH () C:\Users\Arje\AppData\Local\LumaEmu 2012-09-24 12:28 - 2015-02-21 18:18 - 0007609 _____ () C:\Users\Arje\AppData\Local\Resmon.ResmonCfg 2010-04-08 21:33 - 2010-04-08 21:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some content of TEMP: ==================== C:\Users\Arje\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-09 13:53

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01
Ran by Arje at 2015-03-11 08:47:56
Running from C:\Users\Arje\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
2nd Speech Center 4.15.10.1202 (HKLM-x32\...\2nd Speech Center_is1) (Version: 4.15.10.1202 - Zero2000.com)
3DMark (HKLM-x32\...\{F1A6C690-C12C-4E7A-B4BD-958678215418}) (Version: 1.0 - Futuremark)
4Musics FLAC to MP3 Converter 5.2 (HKLM-x32\...\4Musics FLAC to MP3 Converter 5.2_is1) (Version: - NeSoft)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Premiere Elements 4.0 (HKLM-x32\...\PremElem40) (Version: 4.0 - Ihr Firmenname) Adobe Premiere Elements 4.0 Templates (HKLM-x32\...\PremElem40Templates) (Version: 4.0.0 - Ihr Firmenname) Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated) Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) AIFF MP3 Converter v3.1 build 946 (HKLM-x32\...\{5494AFBC-3EC2-463A-BD6C-EAFB62EB6EE9}_is1) (Version: - Hoo Technologies) All To MP3 Converter 2.7 (HKLM-x32\...\All To MP3 Converter_is1) (Version: 2.7 - All To MP3 Converter) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies) Anti-Twin (Installation 04.05.2011) (HKLM-x32\...\Anti-Twin 2011-05-04 10.43.06) (Version: - Joerg Rosenthal, Germany) apEQ 1.3.2 (HKLM-x32\...\apEQ) (Version: 1.3.2 - apulSoft) Armagetron Advanced 0.2.8.3.2 (HKLM-x32\...\Armagetron Advanced) (Version: 0.2.8.3.2 - Armagetron Advanced Team) Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version: - ) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: - ) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland) AudioShell 1.3.5 (HKLM-x32\...\AudioShell_is1) (Version: 1.3.5 - Softpointer Inc) Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. 
KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) Baldur's Gate (HKLM-x32\...\Baldur's Gate) (Version: - ) BitTornado 0.3.18 (HKLM-x32\...\BitTornado) (Version: 0.3.18 - John Hoffman) BrettspielWelt (HKLM-x32\...\BSW) (Version: - ) Brother HL-2035 (HKLM-x32\...\{D11E2D84-B5DC-48A8-B7CB-F2B14D83AAA4}) (Version: 1.00 - Brother) Browser Configuration Utility (HKLM-x32\...\{5B363E1D-8C36-4458-BAE4-D5081999E094}) (Version: 1.1.7.0 - DeviceVM) <==== ATTENTION CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP) Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{82696435-8572-4D8B-A230-D1AA567D0F0F}) (Version: 1.0.0.0 - Electronic Arts) COMODO Internet Security (HKLM\...\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}) (Version: 5.4.57996.1354 - COMODO Security Solutions Inc.) Condemned - Criminal Origins (HKLM-x32\...\Condemned - Criminal Origins_R.G. Mechanics_is1) (Version: - R.G. 
Mechanics, spider91) Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars) Digital Audio System (HKLM-x32\...\{6D420D94-7B4A-4213-B8D4-AEC3B45B5158}) (Version: 1.0 - ) Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios) Doom 3 (HKLM-x32\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.3 - Activision) Doom 3 (x32 Version: 1.3 - Activision) Hidden Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) Dropbox (HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms) Duke Nukem Forever (HKLM-x32\...\Steam App 57900) (Version: - Gearbox Software) Edirol HQ Orchestral v1.01 (HKLM-x32\...\Edirol HQ Orchestral v1.01) (Version: - ) Europa Universalis IV (HKLM-x32\...\Europa Universalis IV_is1) (Version: - Paradox Interactive) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft) FileZilla Client 3.3.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.3.2.1 - ) FL Studio 8 (HKLM-x32\...\FL Studio 8) (Version: - Image-Line bvba) FMOD Programmers API Win64 (HKLM-x32\...\FMOD Programmers API Win64) (Version: - ) Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.) Free YouTube to MP3 Converter version 3.12.25.223 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.25.223 - DVDVideoSoft Ltd.) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.) G-sonique Alien303 VSTi (HKLM-x32\...\G-sonique Alien303 VSTi) (Version: - ) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.10 - PACE Anti-Piracy) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.27 - Irfan Skiljan) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle) JonDo (HKLM-x32\...\JonDoUninstall) (Version: - ) Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - ) LinPlug Organ 3 (HKLM-x32\...\LinPlug Organ 3) (Version: - ) LinuxSampler 20130503 (HKLM\...\LinuxSampler) (Version: - ) Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.) 
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH) Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 
9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.14.00.03 - Huawei Technologies Co.,Ltd) Mouse Recorder Pro 2.0.7.0 (HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios) Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MP3 Splitter Joiner Pro v4.2 build 2612 (HKLM-x32\...\{F88C04C9-9CDC-4830-A533-CC5E3D69F2A1}_is1) (Version: - Hoo Technologies) MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version: - ) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MurGee Auto Mouse Click 1.0 (HKLM-x32\...\{22300F72-8BFC-4BCA-881A-2D2234979FBB}_is1) (Version: 1.0 - MurGee.com) My Game Long Name (HKLM\...\UDK-ade6fb38-9b93-44cb-be36-d6e6b86f2b3e) (Version: - Epic Games, Inc.) 
National Instruments-Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments) Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version: - ) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: - Native Instruments) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming) NI DataFinder Client 2.1 (x32 Version: 2.1.03805 - National Instruments) Hidden NI DataFinder Desktop 2.1 (x32 Version: 2.1.03805 - National Instruments) Hidden NI DIAdem 11.1 (Core) (x32 Version: 11.1.03806 - National Instruments) Hidden NI DIAdem 11.1 (x32 Version: 11.1.03806 - National Instruments) Hidden NI DIAdem 11.1 Documentation (TDM) (x32 Version: 11.1.03806 - National Instruments) Hidden NI DN 2.0 SP1 installer (x32 Version: 2.10.49152 - National Instruments) Hidden NI DN 2.0 x64 SP1 installer (x32 Version: 2.10.49152 - National Instruments) Hidden NI EULA Depot (x32 Version: 2.61.251 - National Instruments) Hidden NI Help Assistant (64bit) (Version: 1.0.10 - National Instruments) Hidden NI Help Assistant (x32 Version: 1.0.10 - National Instruments) Hidden NI LabVIEW Real-Time NBFifo (x32 Version: 8.6.244.0 - National Instruments) Hidden NI LabVIEW Run-Time Engine 8.6.1 (x32 Version: 8.6.426.0 - National Instruments) Hidden NI LabVIEW Web Server for Run-Time Engine (x32 Version: 8.6.41.0 - National Instruments) Hidden NI LabVIEW Web Services Runtime (x32 Version: 8.6.48.0 - National Instruments) Hidden NI License Manager (x32 Version: 3.3.39 - National Instruments) Hidden NI Logos 5.0 (x32 Version: 5.0.53.0 - National Instruments) Hidden NI Logos XT Support (x32 Version: 5.0.53.0 - National Instruments) Hidden NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden NI MDF Support (x32 Version: 2.61.251 - National Instruments) Hidden NI Service Locator (x32 Version: 8.6.317.0 - National Instruments) Hidden NI TDM Excel Add-In 2.1 (x32 Version: 2.1.36.0 - 
National Instruments) Hidden NI TDMS (64-bit) (Version: 2.0.137.0 - National Instruments) Hidden NI TDMS (x32 Version: 2.0.137.0 - National Instruments) Hidden NI Trace Engine (x32 Version: 8.6.11.0 - National Instruments) Hidden NI Uninstaller (x32 Version: 2.61.251 - National Instruments) Hidden NI USI 1.7.0 (x32 Version: 1.7.03805 - National Instruments) Hidden NI USI 1.7.0 64-Bit (Version: 1.7.03805 - National Instruments) Hidden NI VC2005MSMs x64 (Version: 8.01.5 - National Instruments) Hidden NI VC2005MSMs x86 (x32 Version: 8.01.5 - National Instruments) Hidden Nokia Connectivity Cable Driver (HKLM-x32\...\{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}) (Version: 7.0.2.0 - Nokia) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.1 - ) Notification Center (HKLM-x32\...\{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}) (Version: 0.7.7.813 - BlueStack Systems, Inc.) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Opera Stable 28.0.1750.40 (HKLM-x32\...\Opera 28.0.1750.40) (Version: 28.0.1750.40 - Opera Software ASA) Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version: - www.orbitdownloader.com) PC Connectivity Solution (HKLM-x32\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia) Pianoteq v2.3.0 (HKLM-x32\...\Pianoteq23) (Version: - ) PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line bvba) Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software) Quake Live Mozilla Plugin (HKLM-x32\...\{B42A6552-1A83-4D79-9137-AB0C9036249A}) (Version: 1.0.491 - id Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.) 
Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) ReMouse Micro (HKLM-x32\...\ReMouse_is1) (Version: Micro V3.0 - AutomaticSolution Software) SafeNet Authentication Client 8.0 SP2 (HKLM\...\{74EA395E-DF72-4273-8B52-7303E97E4E38}) (Version: 8.00.186.0 - SafeNet, Inc.) Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Skyrim HD Texture Pack (HKLM-x32\...\The Elder Scrolls V Skyrim HD Texture Pack_is1) (Version: 6 Feb 2013 - Bethesda Softworks) Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2135.3 - Hi-Rez Studios) Softonic_Deutsch Toolbar (HKLM-x32\...\Softonic_Deutsch Toolbar) (Version: - ) <==== ATTENTION SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com) SRWare Iron Version SRWare Iron 37.2000.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 37.2000.0 - SRWare) StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.2.20141 - Blizzard Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Strike Vector (HKLM-x32\...\Steam App 246700) (Version: - Ragequit Corporation) Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems) Super Finder XT 1.6.3.2 (HKLM-x32\...\Super Finder XT_is1) (Version: - FSL - FreeSoftLand) TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design) TeamSpeak 3 Client (HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH) TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12799 - TeamViewer) TeXnicCenter Version 2.0 Beta 1 (HKLM-x32\...\TeXnicCenter_is1) 
(Version: 2.0 Beta 1 - The TeXnicCenter Team) The Elder Scrolls V Skyrim (HKLM-x32\...\{C57EEBB9-168C-4C98-8162-FD19E7F0AE77}_is1) (Version: 1.9.32.0.8 - Bethesda Softworks) The Longest Journey (HKLM-x32\...\{0280F0D8-1542-4DAA-913C-8529E2A3835D}) (Version: - ) The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.) The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version: - Arrowhead Game Studios) The Talos Principle (HKLM-x32\...\The Talos Principle_is1) (Version: - ) Thief Update v1.2 with DLC (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - ) TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games) Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line bvba) ToxicIII (HKLM-x32\...\ToxicIII) (Version: - Image-Line bvba) TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.3010.9 - TuneUp Software) Hidden Unity Web Player (HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VSL Performance Tool (remove only) (HKLM-x32\...\VSL Performance Tool) (Version: - ) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Warcraft III: All Products (HKU\S-1-5-21-454721375-3589406793-525374796-1000\...\Warcraft III) (Version: - ) Warkeys 1.15.7.0b (HKLM-x32\...\Warkeys) (Version: 1.15.7.0b - ) Wave 2 Mp3 1.1 (HKLM-x32\...\Wave 2 Mp3_is1) (Version: - NHGames) Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR) Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc) Windows Driver Package - Texas Instruments Inc. 
(SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.) Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-Treiberpaket - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) Wise Registry Cleaner 5.8.7 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 5.8.6 - ZhiQing Soft, Inc.) WordToPDF 2.8 (HKLM-x32\...\WordToPDF_is1) (Version: 2.8 - Mario Noack) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-454721375-3589406793-525374796-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

09-03-2015 17:06:46 Gerätetreiber-Paketinstallation: Creative Audio-, Video- und Gamecontroller
09-03-2015 20:38:52 Gerätetreiber-Paketinstallation: Creative Audio-, Video- und Gamecontroller
09-03-2015 22:00:30 Installed E-MU PatchMix DSP
09-03-2015 23:01:17 Removed E-MU PatchMix DSP
09-03-2015 23:02:56 Gerätetreiber-Paketinstallation: Focusrite Audio-, Video- und Gamecontroller
09-03-2015 23:28:37 Gerätetreiber-Paketinstallation: Focusrite Audio-, Video- und Gamecontroller

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2011-06-23 16:17 - 00001059 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 gosredirector.ea.com
127.0.0.1 blazeserver.blazeemu.org
127.0.0.1 gosgvaprod-qos01.ea.com
127.0.0.1 gosiadprod-qos01.ea.com
127.0.0.1 gossjcprod-qos01.ea.com
127.0.0.1 demangler.ea.com
127.0.0.1 vmp.tools.gos.ea.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1FC6B4D3-013E-40AC-AF8A-CB9D8538F134} - System32\Tasks\Opera scheduled Autoupdate 1407656151 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-10] (Opera Software)
Task: {23F28ADF-C0CC-4E5C-8788-49D394B121CD} - System32\Tasks\{2BD42919-B322-4DEB-B0D7-FF6BA49AE396} => pcalua.exe -a C:\Users\Arje\Downloads\RIFT-Install.exe -d C:\Users\Arje\Downloads
Task: {35F51381-2314-4D36-801E-327F7D4EDC54} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {3B86EA20-B4C8-4E8B-B43C-EB9216A3161C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {43A69068-3C15-4CE0-AB99-60BE4382DB65} - System32\Tasks\{187814D2-F667-4127-8673-359410F7EFE4} => pcalua.exe -a C:\Extract\RTLTOOL\WIN7\64\EXE\RtlStartInstall.exe -d C:\Extract\RTLTOOL\WIN7\64\EXE
Task: {81FD1D0F-A4B5-4415-9D3E-06AB36D38548} - System32\Tasks\{00036827-469B-494A-8D49-0A9831DF9398} => pcalua.exe -a C:\Users\Arje\Downloads\install_flash_player.exe -d C:\Users\Arje\Downloads
Task: {8B7354FA-2118-4814-ABDD-86BC078DD722} - System32\Tasks\{4D68E3AE-BE1F-4C43-A0EB-61358EAE34BE} => pcalua.exe -a C:\Users\Arje\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {9375831E-CFC1-4F35-921B-54766D59F6B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {9A1F8173-678E-412C-83DE-6DAB9F85E48C} - System32\Tasks\{B1DF7B41-118C-40F9-9F56-261A28DE0FBD} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1031
Task: {A3C8A7B4-466C-41ED-9A91-22CAEC147A01} - System32\Tasks\{A335E03A-079F-4003-A1BD-46B6373653EE} => pcalua.exe -a C:\Users\Arje\Downloads\BrettspielWelt.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {AA579816-FD6D-4144-B527-EF0D46D3798E} - System32\Tasks\{5BC96DC0-015B-4637-9AF1-507CFAFE7FB7} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {C13766DE-0613-4F14-853B-F6EF19A955BC} - System32\Tasks\{05988BF7-E6C4-4466-91AC-3B9FE8003752} => pcalua.exe -a C:\Users\Arje\Downloads\winrar300.exe -d C:\Users\Arje\Downloads
Task: {D49A6421-89F7-48C6-9B77-5371DCD3E436} - System32\Tasks\{B508F2DA-3BC6-4978-AF64-98DFF9075550} => pcalua.exe -a C:\Users\Arje\Downloads\EmuPMX_PCApp_L6_2_10_00.exe -d C:\Users\Arje\Downloads
Task: {EB5DFD63-23B3-497D-AB6F-B41C99DBFE16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {F5D1EE46-F4DD-4A86-ABAD-0E30F4510E33} - System32\Tasks\{0E6BD7D0-D39C-4F19-9A45-38144605EACE} => pcalua.exe -a F:\Autorun.exe -d F:\ Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2009-12-02 20:08 - 2009-03-02 14:06 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE 2015-03-09 13:17 - 2012-03-12 10:05 - 00232288 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2009-12-03 18:43 - 2013-04-16 10:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-01-09 19:15 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe 2015-01-09 19:15 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe 2009-12-02 20:08 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL 2015-01-09 19:15 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll 2015-01-09 19:15 - 2013-11-05 16:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll 2015-01-29 18:09 - 2015-01-29 18:09 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 02396691 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 2014-07-23 00:29 
- 2014-07-23 00:29 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 02043411 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00244243 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2014-07-23 00:29 - 
2014-07-23 00:29 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00383507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00118803 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00021011 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00016403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00015891 _____ 
() C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00021523 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00030739 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00021011 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00063507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00036883 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00024595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00064531 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2014-07-23 00:29 - 
2014-07-23 00:29 - 00091667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00067603 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00077331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00292371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 01393171 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00130579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00168979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00058899 _____ () C:\Program Files 
(x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00013331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 2014-07-23 00:29 - 2014-07-23 00:29 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 2015-02-15 01:40 - 2015-02-15 01:40 - 00381440 _____ () C:\Windows\mod_frst.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) 
HKU\S-1-5-21-454721375-3589406793-525374796-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Arje\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AeLookupSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: TeamViewer7 => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^JonDo.lnk => C:\Windows\pss\JonDo.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Arje^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Arje^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupfolder: C:^Users^Arje^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup MSCONFIG\startupfolder: C:^Users^Arje^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Super Finder XT.lnk => C:\Windows\pss\Super Finder XT.lnk.Startup MSCONFIG\startupreg: 2ndSpeechCenter => C:\Program Files (x86)\2nd Speech Center\iisc.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: DataFinder => 
"C:\Program Files (x86)\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe" /auto MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe MSCONFIG\startupreg: SACMonitor => "C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACMonitor.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" ==================== Accounts: ============================= Administrator (S-1-5-21-454721375-3589406793-525374796-500 - Administrator - Disabled) Arje (S-1-5-21-454721375-3589406793-525374796-1000 - Administrator - Enabled) => C:\Users\Arje ASPNET (S-1-5-21-454721375-3589406793-525374796-1004 - Limited - Enabled) Gast (S-1-5-21-454721375-3589406793-525374796-501 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: High Definition Audio-Controller Description: High Definition Audio-Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
Name: AODDriver4.01 Description: AODDriver4.01 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AODDriver4.01 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: High Definition Audio-Controller Description: High Definition Audio-Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AODDriver4.2.0 Description: AODDriver4.2.0 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AODDriver4.2.0 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
Name: Audiocontroller für Multimedia Description: Audiocontroller für Multimedia Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/11/2015 08:29:01 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/10/2015 09:31:18 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/10/2015 09:14:33 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/09/2015 11:06:25 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. 
System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/09/2015 11:02:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Setup.exe_InstallShield (R), Version: 9.1.0.429, Zeitstempel: 0x3fb01c5d Name des fehlerhaften Moduls: iuser.dll, Version: 9.1.0.429, Zeitstempel: 0x3fb01b4a Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014129 ID des fehlerhaften Prozesses: 0x1754 Startzeit der fehlerhaften Anwendung: 0xSetup.exe_InstallShield (R)0 Pfad der fehlerhaften Anwendung: Setup.exe_InstallShield (R)1 Pfad des fehlerhaften Moduls: Setup.exe_InstallShield (R)2 Berichtskennung: Setup.exe_InstallShield (R)3 Error: (03/09/2015 10:42:34 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription) bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId) Error: (03/09/2015 10:42:01 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/09/2015 10:04:18 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. 
System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/09/2015 08:42:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Der Vorgang wurde erfolgreich beendet --- Ende der internen Ausnahmestapelüberwachung --- bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (03/09/2015 08:40:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: setup.exe_InstallShield (R), Version: 9.1.0.429, Zeitstempel: 0x3fb01c5d Name des fehlerhaften Moduls: iuser.dll, Version: 9.1.0.429, Zeitstempel: 0x3fb01b4a Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014129 ID des fehlerhaften Prozesses: 0x1434 Startzeit der fehlerhaften Anwendung: 0xsetup.exe_InstallShield (R)0 Pfad der fehlerhaften Anwendung: setup.exe_InstallShield (R)1 Pfad des fehlerhaften Moduls: setup.exe_InstallShield (R)2 Berichtskennung: setup.exe_InstallShield (R)3 System errors: ============= Error: (03/11/2015 08:29:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: ASPI32 Error: (03/11/2015 08:29:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (03/11/2015 08:28:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (03/11/2015 08:28:42 AM) 
(Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (03/11/2015 08:28:31 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (03/11/2015 06:57:02 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (03/11/2015 06:56:58 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (03/10/2015 09:46:14 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (03/10/2015 09:32:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: ASPI32 Error: (03/10/2015 09:31:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Microsoft Office Sessions: ========================= Error: (06/30/2010 10:46:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3977 seconds with 3360 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2010-08-03 00:18:10.911 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\RRZE9BE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-08-03 00:18:10.900 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\RRZE9BE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-20 17:18:35.106 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\BALA8CC.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-20 17:18:35.086 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\BALA8CC.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-16 18:24:36.015 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\IZL280E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-16 18:24:36.004 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\IZL280E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-16 18:24:17.080 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\LGNCE79.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-16 18:24:17.061 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\LGNCE79.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-14 22:40:55.235 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\XIV113E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-06-14 22:40:55.209 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Arje\AppData\Local\Temp\XIV113E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: AMD Phenom(tm) II X4 955 Processor Percentage of memory in use: 42% Total physical RAM: 4094.49 MB Available physical RAM: 2344.13 MB Total Pagefile: 8187.13 MB Available Pagefile: 5960.41 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:21.84 GB) NTFS Drive d: (Drakonia) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B05FCFA5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Problemsignatur: Problemereignisname: APPCRASH Anwendungsname: Gmer-19357.exe Anwendungsversion: 2.1.19357.0 Anwendungszeitstempel: 52e7ea83 Fehlermodulname: Gmer-19357.exe Fehlermodulversion: 2.1.19357.0 Fehlermodulzeitstempel: 52e7ea83 Ausnahmecode: c0000005 Ausnahmeoffset: 000011aa Betriebsystemversion: 6.1.7600.2.0.0.256.1 Gebietsschema-ID: 1031 Zusatzinformation 1: 0a9e Zusatzinformation 2: 0a9e372d3b4ad19135b953a78882e789 Zusatzinformation 3: 0a9e Zusatzinformation 4: 0a9e372d3b4ad19135b953a78882e789 Lesen Sie unsere Datenschutzbestimmungen online: hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407 Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline: C:\Windows\system32\de-DE\erofflps.txt
Last edited by AxiomPro (11.03.2015 at 09:44) |
11.03.2015, 09:36 | #2 |
/// the machine /// TB instructor | Win7 constantly at 70-100% CPU usage Hi,
__________________Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
11.03.2015, 09:45 | #3 |
| Win7 constantly at 70-100% CPU load
Avira events!
Code:
ATTFilter Exportierte Ereignisse: 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\DW\DWTRIG20.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\EQUATION\EQNEDT32.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPSCAN.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPOCRDC.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\CD_START.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\SETUP.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\OWC11\SETUP.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. 
Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPVIEW.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\DSSM.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\EXCEL.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1031\SCANOST.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. 
Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1031\SCANPST.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\FINDER.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSACCESS.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSE7.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\GRAPH.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\INFOPATH.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOXMLED.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\SNAPVIEW\SNAPVIEW.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\MSINFO\OINFOP11.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOICONS.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\SRCENG\OSE.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\11\DFUICOM.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1031\CNFNOT32.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\MDM.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\VS7JIT.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\UNBIND.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\WAVTOASF.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\SETLANG.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\PROFLWIZ.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\SELFCERT.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\WINWORD.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\SYSTEM\CTFMON.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\SYSTEM\WISPTIS.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\1031\UNPACK.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\1031\MSOHELP.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\1031\SCHDPL32.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSTORDB.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSTORE.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSQRY32.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSOHTMED.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\MSPUB.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\OFFCLN.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\POWERPNT.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\PPTVIEW.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\OUTLOOK.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\OIS.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03\Office\FILES\PFILES\MSOFFICE\OFFICE11\OSA.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPSCAN.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPOCRDC.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\EQUATION\EQNEDT32.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOICONS.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\MSINFO\OINFOP11.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPVIEW.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\DW\DWTRIG20.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\SETUP.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\CD_START.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOXMLED.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\OWC11\SETUP.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Arje\Documents\2nd.speech.center.v4.15.10.1202.keygen-tsrh.rar' enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.115200.93' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7c654c28.qua' verschoben! 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Arje\Desktop\Starcraft\maps\download\[2]Barbarian Highlands.scm' enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '39de60d2.qua' verschoben! 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Arje\Downloads\Insert No Coins (2010)(Razor 1911)(Win32)(64k).zip' enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.Agent.CBKEFIZ.1' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1a4303ea.qua' verschoben! 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Arje\Downloads\The Talos Principle [FitGirl Repack]\setup.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '508a76bf.qua' verschoben! 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Arje\Downloads\Photo_20140819_Z4658966522-068565.rar' enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4800591c.qua' verschoben! 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\SRCENG\OSE.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\O-03 - Kopie\Office\FILES\PFILES\COMMON\MSSHARED\SNAPVIEW\SNAPVIEW.EXE' enthielt einen Virus oder unerwünschtes Programm 'W32/Stanit' [virus]. Durchgeführte Aktion(en): Die Registrierung wurde für diese Datei nicht bereinigt, wegen zu vieler Mehrfachfunde. Für eine genauere Analyse sollten Sie uns diese Datei über den Quarantäne Manager zur genaueren Untersuchung zusenden. Die Datei wurde repariert. 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Ablage\Windows 7 Home Premium (64 Bit)\Windows 7 Activation\Windows 7 Activation.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Rogue.625152.5' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '76543f72.qua' verschoben! 
11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Arje\Desktop\Sonst\2nd.speech.center.v4.15.10.1202.keygen-tsrh\keygen. exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.115200.93' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '46e1536c.qua' verschoben! 11.03.2015 06:55 [System-Scanner] Malware gefunden Die Datei 'C:\Spiele\Mass Effect\backup\MassEffect.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Agent.8026373' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0a537f2a.qua' verschoben! 09.03.2015 13:30 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-SPRRQ.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 17:24 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-UTGPT.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 17:14 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-UTGPT.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner 21.02.2015 17:11 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-PO75V.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 17:01 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-PO75V.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. 
Ausgeführte Aktion: Übergeben an Scanner 21.02.2015 16:47 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-SPRRQ.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 16:38 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-SPRRQ.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner 21.02.2015 15:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-2E7P1.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 15:22 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Arje\AppData\Local\Temp\is-2E7P1.tmp\rawpack.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner 21.02.2015 11:53 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Zugriff verweigern 14.02.2015 01:35 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Zugriff erlauben 14.02.2015 01:35 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Zugriff erlauben 14.02.2015 01:35 [System-Scanner] Malware gefunden Die Datei 'C:\Program Files (x86)\R.G. 
Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' enthielt einen Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper]. Durchgeführte Aktion(en): Die Datei wurde ignoriert. 14.02.2015 01:34 [System-Scanner] Malware gefunden Die Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' enthielt einen Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper]. Durchgeführte Aktion(en): Die Datei wurde ignoriert. 14.02.2015 01:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Zugriff verweigern 14.02.2015 01:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Zugriff verweigern 14.02.2015 01:28 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Zugriff verweigern 13.02.2015 23:25 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe' wurde ein Virus oder unerwünschtes Programm 'DR/Delphi.Gen7' [dropper] gefunden. Ausgeführte Aktion: Übergeben an Scanner |
11.03.2015, 20:06 | #4 |
/// the machine /// TB trainer | Win7 constantly at 70-100% CPU load
Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
11.03.2015, 22:13 | #5 |
| Win7 constantly at 70-100% CPU load
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version: main: v2015.03.11.05 rootkit: v2015.02.25.01
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Arje :: MUSICMASHINE [administrator]
11.03.2015 20:56:08
mbar-log-2015-03-11 (20-56-08).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 414981
Time elapsed: 26 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5c026fd8-4021-75c5-673f-f6b4d1c16a04} (Adware.LoudMo) -> Delete on reboot. [dd64172d2367023480aea09c09fac13f]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5C026FD8-4021-75C5-673F-F6B4D1C16A04} (Adware.LoudMo) -> Delete on reboot. [dd64172d2367023480aea09c09fac13f]
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Replace on reboot. [ffffffffffffffffffffffffffffffff]
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
22:07:04.0231 0x13c0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:07:24.0282 0x13c0 ============================================================
22:07:24.0282 0x13c0 Current date / time: 2015/03/11 22:07:24.0282
22:07:24.0282 0x13c0 SystemInfo:
22:07:24.0282 0x13c0
22:07:24.0282 0x13c0 OS Version: 6.1.7600 ServicePack: 0.0
22:07:24.0282 0x13c0 Product type: Workstation
22:07:24.0283 0x13c0 ComputerName: MUSICMASHINE
22:07:24.0283 0x13c0 UserName: Arje
22:07:24.0283 0x13c0 Windows directory: C:\Windows
22:07:24.0283 0x13c0 System windows directory: C:\Windows
22:07:24.0283 0x13c0 Running under WOW64
22:07:24.0283 0x13c0 Processor architecture: Intel x64
22:07:24.0283 0x13c0 Number of processors: 4
22:07:24.0283 0x13c0 Page size: 0x1000
22:07:24.0283 0x13c0 Boot type: Normal boot
22:07:24.0283 0x13c0 ============================================================
22:07:26.0793 0x13c0 KLMD registered as C:\Windows\system32\drivers\03221314.sys
22:07:27.0096 0x13c0 System UUID: {71245657-3B8C-2438-2654-988BD306EAE5}
22:07:27.0758 0x13c0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:07:27.0793 0x13c0 ============================================================
22:07:27.0793 0x13c0 \Device\Harddisk0\DR0:
22:07:27.0793 0x13c0 MBR partitions:
22:07:27.0793 0x13c0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:07:27.0793 0x13c0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
22:07:27.0793 0x13c0 ============================================================
22:07:27.0830 0x13c0 C: <-> \Device\Harddisk0\DR0\Partition2
22:07:27.0830 0x13c0 ============================================================
22:07:27.0830 0x13c0 Initialize success
22:07:27.0830 0x13c0 ============================================================
22:08:11.0295 0x14bc
676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:08:37.0724 0x14bc Dnscache - ok 22:08:37.0744 0x14bc [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll 22:08:37.0794 0x14bc dot3svc - ok 22:08:37.0834 0x14bc [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll 22:08:37.0854 0x14bc DPS - ok 22:08:37.0894 0x14bc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:08:37.0924 0x14bc drmkaud - ok 22:08:37.0974 0x14bc [ EBCE0B0924835F635F620D19F0529DCE, 15BF803765373264390879FCA86C6D89C92DAFD0B1A36DEFA78EF01EBA2F9C26 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:08:38.0004 0x14bc DXGKrnl - ok 22:08:38.0054 0x14bc [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 22:08:38.0074 0x14bc E1G60 - ok 22:08:38.0094 0x14bc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 22:08:38.0144 0x14bc EapHost - ok 22:08:38.0234 0x14bc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 22:08:38.0344 0x14bc ebdrv - ok 22:08:38.0384 0x14bc [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe 22:08:38.0414 0x14bc EFS - ok 22:08:38.0474 0x14bc [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe 22:08:38.0534 0x14bc ehRecvr - ok 22:08:38.0584 0x14bc [ 
4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 22:08:38.0614 0x14bc ehSched - ok 22:08:38.0654 0x14bc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 22:08:38.0674 0x14bc elxstor - ok 22:08:38.0684 0x14bc emupia - ok 22:08:38.0694 0x14bc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 22:08:38.0714 0x14bc ErrDev - ok 22:08:38.0754 0x14bc [ 2C31DCAA88D269E13A935910DBB4CC61, 5D52781D10A01EE63BED8F5BF15B852EA19E192F77E5835B12805A4DF6E9D408 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE 22:08:38.0754 0x14bc ES lite Service - ok 22:08:38.0814 0x14bc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 22:08:38.0854 0x14bc EventSystem - ok 22:08:38.0864 0x14bc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 22:08:38.0894 0x14bc exfat - ok 22:08:38.0914 0x14bc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:08:38.0954 0x14bc fastfat - ok 22:08:39.0004 0x14bc [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe 22:08:39.0034 0x14bc Fax - ok 22:08:39.0044 0x14bc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 22:08:39.0054 0x14bc fdc - ok 22:08:39.0064 0x14bc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost 
C:\Windows\system32\fdPHost.dll 22:08:39.0094 0x14bc fdPHost - ok 22:08:39.0114 0x14bc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 22:08:39.0144 0x14bc FDResPub - ok 22:08:39.0194 0x14bc [ BE4A56A3C7037908425000F916F46A27, 190D132C6C370CB457E793E29BADFA28F1872D4CE0D048B0D2EBCABB4A6BA102 ] FFUsbAudio C:\Windows\system32\DRIVERS\ffusbaudio.sys 22:08:39.0194 0x14bc FFUsbAudio - ok 22:08:39.0214 0x14bc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:08:39.0214 0x14bc FileInfo - ok 22:08:39.0224 0x14bc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:08:39.0264 0x14bc Filetrace - ok 22:08:39.0324 0x14bc [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 22:08:39.0344 0x14bc FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 ) 22:08:44.0614 0x14bc Detect skipped due to KSN trusted 22:08:44.0614 0x14bc FLEXnet Licensing Service - ok 22:08:44.0634 0x14bc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 22:08:44.0644 0x14bc flpydisk - ok 22:08:44.0664 0x14bc [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:08:44.0674 0x14bc FltMgr - ok 22:08:44.0704 0x14bc [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache C:\Windows\system32\FntCache.dll 22:08:44.0774 0x14bc FontCache - ok 22:08:44.0814 0x14bc [ 
8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:08:44.0884 0x14bc FontCache3.0.0.0 - ok 22:08:44.0894 0x14bc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:08:44.0904 0x14bc FsDepends - ok 22:08:44.0914 0x14bc [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:08:44.0924 0x14bc Fs_Rec - ok 22:08:44.0974 0x14bc [ 290EBA98AD0CE0D1B880B5D71194B069, 60CF4DBCFBF5EABE127663322E0CA2B324DB8A92039E7B7C044ACD64DBD324AB ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe 22:08:44.0984 0x14bc Futuremark SystemInfo Service - ok 22:08:45.0024 0x14bc [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:08:45.0034 0x14bc fvevol - ok 22:08:45.0074 0x14bc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 22:08:45.0084 0x14bc gagp30kx - ok 22:08:45.0124 0x14bc [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys 22:08:45.0124 0x14bc gdrv - ok 22:08:45.0164 0x14bc [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll 22:08:45.0204 0x14bc gpsvc - ok 22:08:45.0274 0x14bc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:08:45.0284 0x14bc gupdate - ok 22:08:45.0284 0x14bc [ 506708142BC63DABA64F2D3AD1DCD5BF, 
9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:08:45.0294 0x14bc gupdatem - ok 22:08:45.0294 0x14bc ha10kx2k - ok 22:08:45.0334 0x14bc [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 22:08:45.0334 0x14bc hamachi - ok 22:08:45.0354 0x14bc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:08:45.0394 0x14bc hcw85cir - ok 22:08:45.0444 0x14bc [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:08:45.0474 0x14bc HdAudAddService - ok 22:08:45.0504 0x14bc [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 22:08:45.0534 0x14bc HDAudBus - ok 22:08:45.0544 0x14bc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 22:08:45.0574 0x14bc HidBatt - ok 22:08:45.0594 0x14bc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 22:08:45.0624 0x14bc HidBth - ok 22:08:45.0644 0x14bc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 22:08:45.0664 0x14bc HidIr - ok 22:08:45.0684 0x14bc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 22:08:45.0714 0x14bc hidserv - ok 22:08:45.0744 0x14bc [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb 
C:\Windows\system32\DRIVERS\hidusb.sys 22:08:45.0754 0x14bc HidUsb - ok 22:08:45.0824 0x14bc [ DFD1D30D8B68D883B5858748F7E35AD2, 051C9940054558DCB96746C0425A52F5294194163946B4A2A9CAEA64CFA855A1 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 22:08:45.0844 0x14bc HiPatchService - detected UnsignedFile.Multi.Generic ( 1 ) 22:08:49.0924 0x14bc Detect skipped due to KSN trusted 22:08:49.0924 0x14bc HiPatchService - ok 22:08:49.0954 0x14bc [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll 22:08:50.0044 0x14bc hkmsvc - ok 22:08:50.0134 0x14bc [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:08:50.0174 0x14bc HomeGroupListener - ok 22:08:50.0204 0x14bc [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:08:50.0234 0x14bc HomeGroupProvider - ok 22:08:50.0264 0x14bc [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 22:08:50.0274 0x14bc HpSAMD - ok 22:08:50.0324 0x14bc [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:08:50.0384 0x14bc HTTP - ok 22:08:50.0404 0x14bc [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:08:50.0404 0x14bc hwpolicy - ok 22:08:50.0424 0x14bc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 22:08:50.0434 0x14bc i8042prt - ok 22:08:50.0454 0x14bc [ D83EFB6FD45DF9D55E9A1AFC63640D50, 
0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 22:08:50.0474 0x14bc iaStorV - ok 22:08:50.0514 0x14bc [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:08:50.0544 0x14bc idsvc - ok 22:08:50.0554 0x14bc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 22:08:50.0564 0x14bc iirsp - ok 22:08:50.0634 0x14bc [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll 22:08:50.0684 0x14bc IKEEXT - ok 22:08:50.0724 0x14bc [ 73BA74701D8E14D1B431BAB1C75641AD, 6B22333326B4BC41338E6F6C722567A022A1ACEECE95107E50DCC04077DABBC0 ] iKeyEnum C:\Windows\system32\DRIVERS\ikeyenum.sys 22:08:50.0724 0x14bc iKeyEnum - ok 22:08:50.0774 0x14bc [ 4E7681D5A354396F95DF46C942733E4A, F900ED0BAED9BBADE2659AEB695FE12C8144C4F1E0C75C42867BCBBF0054BDBC ] iKeyIFD C:\Windows\system32\DRIVERS\ikeyifd.sys 22:08:50.0784 0x14bc iKeyIFD - ok 22:08:50.0824 0x14bc [ C4E67D3037DC79E39D7136581A947F50, 1A632388942B2E3015C021EAA2470B1B4CB8BDFB16B24D85F66245374FE7A0EF ] inspect C:\Windows\system32\DRIVERS\inspect.sys 22:08:50.0834 0x14bc inspect - ok 22:08:50.0874 0x14bc [ 3FF52353F30AFC313DA1D2E2FB75F892, 3D383485CA998CB6E77B3C0AA80B11E061D3277ECC29B5D7CD282614FC6F7830 ] InstallShield Licensing Service C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe 22:08:50.0884 0x14bc InstallShield Licensing Service - ok 22:08:50.0994 0x14bc [ F2B52C7B1C8E6A4FC4C4564F4A421F23, E2603B40E9E5C670AD1FDC0074C06CE1F77F024B2D695D0F48553916BC9B491A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:08:51.0044 0x14bc IntcAzAudAddService - ok 22:08:51.0064 0x14bc [ 
F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys 22:08:51.0064 0x14bc intelide - ok 22:08:51.0104 0x14bc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:08:51.0134 0x14bc intelppm - ok 22:08:51.0144 0x14bc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:08:51.0184 0x14bc IPBusEnum - ok 22:08:51.0204 0x14bc [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:08:51.0224 0x14bc IpFilterDriver - ok 22:08:51.0244 0x14bc [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:08:51.0294 0x14bc iphlpsvc - ok 22:08:51.0304 0x14bc [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 22:08:51.0314 0x14bc IPMIDRV - ok 22:08:51.0344 0x14bc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:08:51.0384 0x14bc IPNAT - ok 22:08:51.0414 0x14bc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:08:51.0424 0x14bc IRENUM - ok 22:08:51.0434 0x14bc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 22:08:51.0444 0x14bc isapnp - ok 22:08:51.0474 0x14bc [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt 
C:\Windows\system32\DRIVERS\msiscsi.sys 22:08:51.0484 0x14bc iScsiPrt - ok 22:08:51.0534 0x14bc [ C7B6BE6BF2B5766648E232077E86B6A0, A93308E112FC948710B2A6A51458E5F66105C544829AB8CD9FFD57695765EE0B ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys 22:08:51.0544 0x14bc IvtBtBUs - ok 22:08:51.0564 0x14bc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 22:08:51.0574 0x14bc kbdclass - ok 22:08:51.0614 0x14bc [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 22:08:51.0644 0x14bc kbdhid - ok 22:08:51.0664 0x14bc [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe 22:08:51.0664 0x14bc KeyIso - ok 22:08:51.0684 0x14bc [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:08:51.0694 0x14bc KSecDD - ok 22:08:51.0704 0x14bc [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:08:51.0714 0x14bc KSecPkg - ok 22:08:51.0724 0x14bc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 22:08:51.0754 0x14bc ksthunk - ok 22:08:51.0794 0x14bc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 22:08:51.0834 0x14bc KtmRm - ok 22:08:51.0854 0x14bc [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll 22:08:51.0894 0x14bc LanmanServer - ok 22:08:51.0924 0x14bc [ 27026EAC8818E8A6C00A1CAD2F11D29A, 
A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:08:51.0954 0x14bc LanmanWorkstation - ok 22:08:52.0004 0x14bc [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 22:08:52.0014 0x14bc lirsgt - ok 22:08:52.0094 0x14bc [ 20CDB07017497C94A0BAD253C4BAFCBC, 5633D245525F9B8CAC4E87A95B0E19D1F34839483ED75AC8F7661DA29BC87EE7 ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe 22:08:52.0114 0x14bc LkCitadelServer - ok 22:08:52.0124 0x14bc [ 34139DA409C02DD6CC4361BC8394C1BF, 8522177ED7BA26593909B4130323938A9CC18CBA3BBD46F21A7DB92203369216 ] lkClassAds C:\Windows\SysWOW64\lkads.exe 22:08:52.0134 0x14bc lkClassAds - ok 22:08:52.0144 0x14bc [ 2732F1B21133689EE4512E4C41E35089, 543B42F994624753FAA35011CD28A5FE328E8194018D1D86907444EACF827BDB ] lkTimeSync C:\Windows\SysWOW64\lktsrv.exe 22:08:52.0144 0x14bc lkTimeSync - ok 22:08:52.0184 0x14bc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:08:52.0214 0x14bc lltdio - ok 22:08:52.0254 0x14bc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:08:52.0304 0x14bc lltdsvc - ok 22:08:52.0324 0x14bc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:08:52.0354 0x14bc lmhosts - ok 22:08:52.0394 0x14bc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 22:08:52.0394 0x14bc LSI_FC - ok 22:08:52.0414 0x14bc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 22:08:52.0424 0x14bc LSI_SAS - ok 
22:08:52.0434 0x14bc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:08:52.0444 0x14bc LSI_SAS2 - ok 22:08:52.0454 0x14bc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:08:52.0464 0x14bc LSI_SCSI - ok 22:08:52.0474 0x14bc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 22:08:52.0514 0x14bc luafv - ok 22:08:52.0534 0x14bc [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:08:52.0564 0x14bc Mcx2Svc - ok 22:08:52.0584 0x14bc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 22:08:52.0594 0x14bc megasas - ok 22:08:52.0614 0x14bc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 22:08:52.0634 0x14bc MegaSR - ok 22:08:52.0714 0x14bc [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 22:08:52.0724 0x14bc Microsoft Office Groove Audit Service - ok 22:08:52.0734 0x14bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 22:08:52.0784 0x14bc MMCSS - ok 22:08:52.0864 0x14bc [ 5A78BB029FD8414381FF1315F1E46947, 24EC386E9DD1150F705C6BFB02886E6EC6DB97359236DB998F34FFE1F61B4547 ] Mobile Broadband HL Service C:\ProgramData\MobileBrServ\mbbservice.exe 22:08:52.0874 0x14bc Mobile Broadband HL Service - ok 22:08:52.0884 0x14bc [ 
800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 22:08:52.0924 0x14bc Modem - ok 22:08:52.0954 0x14bc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:08:52.0974 0x14bc monitor - ok 22:08:53.0004 0x14bc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 22:08:53.0014 0x14bc mouclass - ok 22:08:53.0044 0x14bc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:08:53.0054 0x14bc mouhid - ok 22:08:53.0064 0x14bc [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:08:53.0074 0x14bc mountmgr - ok 22:08:53.0144 0x14bc [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 22:08:53.0154 0x14bc MozillaMaintenance - ok 22:08:53.0164 0x14bc [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys 22:08:53.0174 0x14bc mpio - ok 22:08:53.0204 0x14bc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:08:53.0234 0x14bc mpsdrv - ok 22:08:53.0274 0x14bc [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll 22:08:53.0334 0x14bc MpsSvc - ok 22:08:53.0354 0x14bc [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV 
C:\Windows\system32\drivers\mrxdav.sys 22:08:53.0384 0x14bc MRxDAV - ok 22:08:53.0404 0x14bc [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:08:53.0444 0x14bc mrxsmb - ok 22:08:53.0464 0x14bc [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:08:53.0494 0x14bc mrxsmb10 - ok 22:08:53.0514 0x14bc [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:08:53.0534 0x14bc mrxsmb20 - ok 22:08:53.0544 0x14bc [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 22:08:53.0554 0x14bc msahci - ok 22:08:53.0564 0x14bc [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 22:08:53.0574 0x14bc msdsm - ok 22:08:53.0584 0x14bc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 22:08:53.0614 0x14bc MSDTC - ok 22:08:53.0634 0x14bc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:08:53.0664 0x14bc Msfs - ok 22:08:53.0694 0x14bc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:08:53.0734 0x14bc mshidkmdf - ok 22:08:53.0754 0x14bc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 22:08:53.0764 0x14bc msisadrv - ok 22:08:53.0784 0x14bc [ 808E98FF49B155C522E6400953177B08, 
F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:08:53.0814 0x14bc MSiSCSI - ok 22:08:53.0814 0x14bc msiserver - ok 22:08:53.0844 0x14bc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:08:53.0884 0x14bc MSKSSRV - ok 22:08:53.0894 0x14bc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:08:53.0934 0x14bc MSPCLOCK - ok 22:08:53.0954 0x14bc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:08:53.0984 0x14bc MSPQM - ok 22:08:54.0014 0x14bc [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 22:08:54.0024 0x14bc MsRPC - ok 22:08:54.0034 0x14bc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 22:08:54.0044 0x14bc mssmbios - ok 22:08:54.0044 0x14bc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 22:08:54.0084 0x14bc MSTEE - ok 22:08:54.0094 0x14bc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 22:08:54.0114 0x14bc MTConfig - ok 22:08:54.0154 0x14bc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 22:08:54.0154 0x14bc Mup - ok 22:08:54.0194 0x14bc [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll 22:08:54.0224 0x14bc 
8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:09:24.0914 0x14bc wcncsvc - ok 22:09:24.0924 0x14bc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:09:24.0934 0x14bc WcsPlugInService - ok 22:09:24.0954 0x14bc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 22:09:24.0964 0x14bc Wd - ok 22:09:24.0984 0x14bc [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:09:25.0014 0x14bc Wdf01000 - ok 22:09:25.0054 0x14bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:09:25.0084 0x14bc WdiServiceHost - ok 22:09:25.0084 0x14bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:09:25.0104 0x14bc WdiSystemHost - ok 22:09:25.0134 0x14bc [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll 22:09:25.0144 0x14bc WebClient - ok 22:09:25.0164 0x14bc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:09:25.0204 0x14bc Wecsvc - ok 22:09:25.0224 0x14bc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:09:25.0274 0x14bc wercplsupport - ok 22:09:25.0294 0x14bc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 
22:09:25.0324 0x14bc WerSvc - ok 22:09:25.0364 0x14bc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:09:25.0384 0x14bc WfpLwf - ok 22:09:25.0404 0x14bc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:09:25.0404 0x14bc WIMMount - ok 22:09:25.0424 0x14bc WinDefend - ok 22:09:25.0424 0x14bc WinHttpAutoProxySvc - ok 22:09:25.0464 0x14bc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:09:25.0504 0x14bc Winmgmt - ok 22:09:25.0564 0x14bc [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll 22:09:25.0664 0x14bc WinRM - ok 22:09:25.0694 0x14bc [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 22:09:25.0704 0x14bc WinUsb - ok 22:09:25.0744 0x14bc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 22:09:25.0774 0x14bc Wlansvc - ok 22:09:26.0034 0x14bc [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 22:09:26.0084 0x14bc wlidsvc - ok 22:09:26.0224 0x14bc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 22:09:26.0274 0x14bc WmiAcpi - ok 22:09:26.0314 0x14bc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:09:26.0364 0x14bc wmiApSrv - ok 22:09:26.0404 0x14bc 
WMPNetworkSvc - ok 22:09:26.0434 0x14bc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:09:26.0444 0x14bc WPCSvc - ok 22:09:26.0464 0x14bc [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:09:26.0484 0x14bc WPDBusEnum - ok 22:09:26.0504 0x14bc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:09:26.0544 0x14bc ws2ifsl - ok 22:09:26.0564 0x14bc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 22:09:26.0594 0x14bc wscsvc - ok 22:09:26.0604 0x14bc WSearch - ok 22:09:26.0684 0x14bc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 22:09:26.0754 0x14bc wuauserv - ok 22:09:26.0774 0x14bc [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:09:26.0794 0x14bc WudfPf - ok 22:09:26.0844 0x14bc [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:09:26.0864 0x14bc WUDFRd - ok 22:09:26.0884 0x14bc [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:09:26.0924 0x14bc wudfsvc - ok 22:09:26.0954 0x14bc [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 22:09:26.0984 0x14bc WwanSvc - ok 22:09:27.0064 0x14bc ================ Scan global =============================== 22:09:27.0084 0x14bc [ BA0CD8C393E8C9F83354106093832C7B, 
18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 22:09:27.0114 0x14bc [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll 22:09:27.0124 0x14bc [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll 22:09:27.0144 0x14bc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 22:09:27.0174 0x14bc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 22:09:27.0184 0x14bc [ Global ] - ok 22:09:27.0184 0x14bc ================ Scan MBR ================================== 22:09:27.0194 0x14bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 22:09:27.0524 0x14bc \Device\Harddisk0\DR0 - ok 22:09:27.0524 0x14bc ================ Scan VBR ================================== 22:09:27.0524 0x14bc [ AEF219172D065928B01B3A763D1D7CE9 ] \Device\Harddisk0\DR0\Partition1 22:09:27.0524 0x14bc \Device\Harddisk0\DR0\Partition1 - ok 22:09:27.0524 0x14bc [ 2A4F285901DF51850F850AA3C4F7165C ] \Device\Harddisk0\DR0\Partition2 22:09:27.0534 0x14bc \Device\Harddisk0\DR0\Partition2 - ok 22:09:27.0534 0x14bc ================ Scan generic autorun ====================== 22:09:27.0804 0x14bc [ 4F7A4BC2C730D881C48D22A6E7EF547C, F1B98F9B65C7EC0FDCCB5DEED49010AB046EA85EFA3FB3F693F51E9C33B02DF4 ] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe 22:09:27.0984 0x14bc COMODO Internet Security - ok 22:09:28.0054 0x14bc [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 22:09:28.0064 0x14bc avgnt - ok 22:09:28.0134 0x14bc [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] 
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 22:09:28.0914 0x14bc StartCCC - ok 22:09:28.0954 0x14bc [ ED13374E76D833772A687EA3594C1120, 3A2A0C41DED8555ACEB9CAAE7F9C0053B11CEE1877B06D993BDCA0E491DB6CE6 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe 22:09:28.0964 0x14bc GamingMouse - detected UnsignedFile.Multi.Generic ( 1 ) 22:09:32.0974 0x14bc GamingMouse ( UnsignedFile.Multi.Generic ) - warning 22:09:32.0974 0x14bc Force sending object to P2P due to detect: C:\Program Files (x86)\Drakonia Configurator\hid.exe 22:09:45.0824 0x14bc Object send P2P result: true 22:09:50.0394 0x14bc [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe 22:09:50.0404 0x14bc GrooveMonitor - ok 22:09:50.0444 0x14bc [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 22:09:50.0444 0x14bc Avira Systray - ok 22:09:50.0514 0x14bc [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 22:09:50.0564 0x14bc Sidebar - ok 22:09:50.0594 0x14bc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:09:50.0604 0x14bc mctadmin - ok 22:09:50.0634 0x14bc [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 22:09:50.0674 0x14bc Sidebar - ok 22:09:50.0674 0x14bc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 22:09:50.0684 0x14bc mctadmin - ok 22:09:50.0694 0x14bc Waiting for KSN requests completion. In queue: 6 22:09:51.0694 0x14bc Waiting for KSN requests completion. 
In queue: 6 22:09:52.0694 0x14bc Waiting for KSN requests completion. In queue: 6 22:09:53.0694 0x14bc Waiting for KSN requests completion. In queue: 6 22:09:54.0694 0x14bc Waiting for KSN requests completion. In queue: 6 22:09:55.0764 0x14bc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.650 ), 0x41000 ( enabled : updated ) 22:09:55.0774 0x14bc FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ( 5.12.59641.2599 ), 0x61010 ( enabled ) 22:10:00.0364 0x14bc ============================================================ 22:10:00.0364 0x14bc Scan finished 22:10:00.0364 0x14bc ============================================================ 22:10:00.0364 0x15ec Detected object count: 1 22:10:00.0364 0x15ec Actual detected object count: 1 22:10:57.0744 0x15ec GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user 22:10:57.0744 0x15ec GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip |
12.03.2015, 12:08 | #6 |
/// the machine /// TB Instructor | Win7 constantly at 70-100% CPU usage hi, scan with Combofix
__________________ --> Win7 constantly at 70-100% CPU usage |
12.03.2015, 13:16 | #7 |
| Win7 constantly at 70-100% CPU usage Thanks so far! Combofix ran through. -> Automatic restart. After that, another restart, because Avira was not activated (and could not be activated either) Code:
ATTFilter ComboFix 15-03-09.01 - Arje 12.03.2015 12:34:53.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.4094.2221 [GMT 1:00] ausgeführt von:: c:\users\Arje\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Arje\AppData\Local\Adobe\downloader.dll c:\users\Arje\AppData\Local\Adobe\gccheck.exe c:\users\Arje\AppData\Local\Adobe\gtbcheck.exe c:\users\Arje\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\users\Arje\AppData\Roaming\Local c:\users\Arje\AppData\Roaming\Local\Skyrim\DLCList.txt c:\users\Arje\AppData\Roaming\Local\Skyrim\plugins.txt c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\48a89600a78c9dff3ab0e76d8fe65546.avi(2).ddp c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\48a89600a78c9dff3ab0e76d8fe65546.avi(3).ddp c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\48a89600a78c9dff3ab0e76d8fe65546.avi.ddp c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Tron.1982.avi.ddp c:\users\Arje\AppData\Roaming\Local\Temp\DDM\Settings\Tron.1982.avi.ddr c:\users\Arje\Documents\~WRL0003.tmp c:\users\Arje\Documents\~WRL0004.tmp c:\windows\msdownld.tmp c:\windows\SysWow64\AF15BDAEX.dll . . ((((((((((((((((((((((( Dateien erstellt von 2015-02-12 bis 2015-03-12 )))))))))))))))))))))))))))))) . . 2015-03-11 19:56 . 2015-03-11 19:56 -------- d-----w- c:\programdata\Malwarebytes 2015-03-11 19:55 . 
2015-03-12 11:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-03-11 19:55 . 2015-03-11 20:33 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-03-11 19:54 . 2015-03-11 20:33 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-03-11 19:43 . 2015-03-11 19:43 -------- d-----w- c:\program files (x86)\VS Revo Group 2015-03-11 07:46 . 2015-03-11 07:48 -------- d-----w- C:\FRST 2015-03-09 22:28 . 2015-03-09 22:28 -------- d-----w- c:\program files\Focusrite 2015-03-09 22:28 . 2011-10-31 14:22 20824 ----a-w- c:\windows\system32\nvnusbaudio_coinst.dll 2015-03-09 22:28 . 2011-10-31 14:22 53080 ----a-w- c:\windows\system32\drivers\ffusbaudio.sys 2015-03-09 16:06 . 2003-11-10 17:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll 2015-03-09 16:06 . 2003-11-10 17:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll 2015-03-09 16:06 . 2003-11-10 17:10 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2015-03-09 16:05 . 2003-11-10 17:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll 2015-03-09 16:05 . 2003-11-10 17:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll 2015-03-09 16:05 . 2003-11-10 17:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2015-03-09 16:05 . 2015-03-09 16:05 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll 2015-03-09 16:05 . 2015-03-09 16:05 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll 2015-03-09 12:17 . 2015-03-09 12:17 -------- d-----w- c:\programdata\MobileBrServ 2015-02-21 17:23 . 
2015-02-21 17:23 -------- d-----w- c:\users\Arje\AppData\Local\LumaEmu_SteamCloud 2015-02-21 16:00 . 2015-02-21 16:00 668672 ----a-w- c:\windows\system32\isdone.dll 2015-02-21 09:10 . 2015-02-21 09:10 -------- d-----w- c:\users\Arje\AppData\Local\Steam 2015-02-13 19:29 . 2015-02-21 10:53 -------- d-----w- c:\program files (x86)\R.G. Freedom . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-03-12 11:47 . 2009-12-02 19:50 25640 ----a-w- c:\windows\gdrv.sys 2015-03-11 19:38 . 2013-07-23 20:01 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2015-03-11 19:38 . 2013-07-23 12:44 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys 2015-03-11 19:38 . 2013-07-23 12:44 128536 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2015-03-09 19:40 . 2009-12-08 11:15 431104 ----a-w- c:\windows\system32\wrap_oal.dll 2015-03-09 19:40 . 2009-12-08 11:15 409600 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2015-03-09 19:40 . 2009-12-08 11:15 136192 ----a-w- c:\windows\system32\OpenAL32.dll 2015-03-09 19:40 . 2009-12-08 11:15 114688 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2015-02-04 23:02 . 2014-08-07 09:58 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-02-04 23:02 . 2014-08-07 09:58 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-01-09 18:15 . 2015-01-09 18:15 1192533 ----a-w- c:\windows\unins000.exe 2015-01-06 03:36 . 2009-10-14 05:13 298120 ------w- c:\windows\system32\MpSigStub.exe 2014-12-15 03:13 . 2015-01-12 08:01 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{11CC5330-3927-48E4-96A4-12EC89FD4797}\mpengine.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-03-11 703280] "StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176] "GamingMouse"="c:\program files (x86)\Drakonia Configurator\hid.exe" [2013-10-29 248832] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DevconDefaultDB"="c:\windows\system32\READREG" [X] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "UpdReg"=c:\windows\UpdReg.EXE "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AKSUP;AKSUP;c:\windows\system32\drivers\aksup.sys;c:\windows\SYSNATIVE\drivers\aksup.sys [x] R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x] R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys;c:\windows\SYSNATIVE\DRIVERS\ASPI32.sys [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys;c:\windows\SYSNATIVE\DRIVERS\btcomport.sys [x] R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys;c:\windows\SYSNATIVE\Drivers\btcombus.sys [x] R3 btnetBUs;Bluetooth PAN Bus 
Service;c:\windows\system32\Drivers\btnetBus.sys;c:\windows\SYSNATIVE\Drivers\btnetBus.sys [x] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x] R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x] R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x] R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x] R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x] R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x] R3 CTEAPSFX.SYS;CTEAPSFX.SYS;c:\windows\System32\drivers\CTEAPSFX.SYS;c:\windows\SYSNATIVE\drivers\CTEAPSFX.SYS [x] R3 CTEAPSFX;CTEAPSFX;c:\windows\system32\drivers\CTEAPSFX.SYS;c:\windows\SYSNATIVE\drivers\CTEAPSFX.SYS [x] R3 CTEDSPFX.SYS;CTEDSPFX.SYS;c:\windows\System32\drivers\CTEDSPFX.SYS;c:\windows\SYSNATIVE\drivers\CTEDSPFX.SYS [x] R3 CTEDSPFX;CTEDSPFX;c:\windows\system32\drivers\CTEDSPFX.SYS;c:\windows\SYSNATIVE\drivers\CTEDSPFX.SYS [x] R3 CTEDSPIO.SYS;CTEDSPIO.SYS;c:\windows\System32\drivers\CTEDSPIO.SYS;c:\windows\SYSNATIVE\drivers\CTEDSPIO.SYS [x] R3 CTEDSPIO;CTEDSPIO;c:\windows\system32\drivers\CTEDSPIO.SYS;c:\windows\SYSNATIVE\drivers\CTEDSPIO.SYS [x] R3 CTEDSPSY.SYS;CTEDSPSY.SYS;c:\windows\System32\drivers\CTEDSPSY.SYS;c:\windows\SYSNATIVE\drivers\CTEDSPSY.SYS [x] R3 CTEDSPSY;CTEDSPSY;c:\windows\system32\drivers\CTEDSPSY.SYS;c:\windows\SYSNATIVE\drivers\CTEDSPSY.SYS [x] R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x] R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x] R3 
CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x] R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x] R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x] R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x] R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x] R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys;c:\windows\SYSNATIVE\Drivers\IvtBtBus.sys [x] R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R4 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x] R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x] R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x] S0 BtHidBus;Bluetooth HID Bus 
Service;c:\windows\System32\Drivers\BtHidBus.sys;c:\windows\SYSNATIVE\Drivers\BtHidBus.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x] S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x] S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x] S2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\MobileBrServ\mbbservice.exe;c:\programdata\MobileBrServ\mbbservice.exe [x] S2 SACSrv;SACSrv;c:\program files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe;c:\program files\Common Files\Aladdin 
Shared\eToken\SAC\x64\SACSrv.exe [x] S2 TBSrv;Toolbar Service;c:\program files (x86)\Tbccint\ToolbarService\ToolbarService.exe;c:\program files (x86)\Tbccint\ToolbarService\ToolbarService.exe [x] S3 FFUsbAudio;Focusrite USB Audio Driver;c:\windows\system32\DRIVERS\ffusbaudio.sys;c:\windows\SYSNATIVE\DRIVERS\ffusbaudio.sys [x] S3 iKeyEnum;Rainbow iKey Enumerator;c:\windows\system32\DRIVERS\ikeyenum.sys;c:\windows\SYSNATIVE\DRIVERS\ikeyenum.sys [x] S3 iKeyIFD;Rainbow iKey Virtual Reader;c:\windows\system32\DRIVERS\ikeyifd.sys;c:\windows\SYSNATIVE\DRIVERS\ikeyifd.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2015-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-07 23:02] . 2015-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-21 16:06] . 2015-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-21 16:06] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://de.yahoo.com?fr=fp-comodo mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204 IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{AC27E51F-2341-4B40-A135-4DB33CA5F4E0}: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file) BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file) BHO-{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - (no file) AddRemove-{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88} - c:\program files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-454721375-3589406793-525374796-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-454721375-3589406793-525374796-1000\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe c:\windows\SysWOW64\lkcitdl.exe c:\windows\SysWOW64\lkads.exe c:\windows\SysWOW64\lktsrv.exe c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe c:\windows\SysWOW64\nisvcloc.exe c:\windows\SysWOW64\PnkBstrA.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-03-12 13:01:12 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-03-12 12:01 . Vor Suchlauf: 42 Verzeichnis(se), 28.996.042.752 Bytes frei Nach Suchlauf: 48 Verzeichnis(se), 28.851.138.560 Bytes frei . - - End Of File - - 487B4F1A752DE96515747B729C7C68D7 A36C5E4F47E84449FF07ED3517B43A31 |
13.03.2015, 08:01 | #8 |
/// the machine /// TB-Ausbilder | Win7 constantly 70-100% CPU load Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
13.03.2015, 11:41 | #9 |
| Win7 constantly 70-100% CPU load I have probably done something wrong somewhere now. MBam ran through and found 117 errors, but did not create a log file! ... What now? Should I restore everything? And run it again? O_o I have mbar now -> restored everything -> ran the scan again! I hope that was OK! Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 13.03.2015 Suchlauf-Zeit: 10:47:44 Logdatei: mbar.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.03.13.04 Rootkit Datenbank: v2015.02.25.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 CPU: x64 Dateisystem: NTFS Benutzer: Arje Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 412276 Verstrichene Zeit: 11 Min, 58 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 8 PUP.Optional.ClientConnect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TBSrv, , [1bed8abb8a00a39316f4d3f8629f03fd], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [0305e85d1a708ea889ff4117c93a3fc1], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [a167ff46e3a77bbbacdda9af59aa718f], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [0404f84d0783b482021b7ade44bf20e0], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [bf495fe6b7d3a29404514eacd2316b95], PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\leocdeigfnkaojcapikdjcdbedcjmffc, , [f81072d3c5c590a63aa2c0ed59aa1de3], PUP.Optional.PriceGong.A, HKU\S-1-5-21-454721375-3589406793-525374796-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [c7419ea72e5c46f0ec4bfac3af54a55b], PUP.Optional.Conduit.A, 
HKU\S-1-5-21-454721375-3589406793-525374796-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\leocdeigfnkaojcapikdjcdbedcjmffc, , [42c68bba37532a0c4b90f7b6be4514ec], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 16 PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\DE, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar, , [5aaedb6af793e254c73cd3d2b3509769], Dateien: 92 
PUP.Optional.ClientConnect, C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe, , [1bed8abb8a00a39316f4d3f8629f03fd], PUP.RiskwareTool.CK, C:\Users\Arje\Downloads\sylenth1.rar, , [b15761e487031c1ae984a5446c9503fd], PUP.Optional.Softonic, C:\Users\Arje\Downloads\Nicht bestätigt 220070.crdownload, , [060269dcfe8ce3539e2f86d4619f6799], PUP.Optional.Softonic, C:\Users\Arje\Downloads\Nicht bestätigt 828173.crdownload, , [789012333654dd59e4e997c346bac33d], PUP.Optional.ClientConnect, C:\Users\Arje\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll, , [3eca87bedbafcc6a41c97556b54c0ef2], PUP.Optional.ClientConnect, C:\Users\Arje\AppData\Local\Conduit\Community Alerts\Alert.dll, , [45c389bc8a00e65005054388be43b848], PUP.Optional.ClientConnect, C:\Users\Arje\AppData\Local\Conduit\CT1351351\Softonic_DeutschAutoUpdaterHelper.exe, , [1debf84d2b5f3ff7f317636804fda15f], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\1.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\a.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\b.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\c.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\d.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\e.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\f.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\g.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\h.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, 
C:\Users\Arje\AppData\LocalLow\PriceGong\Data\i.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\j.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\k.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\l.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\m.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\n.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\o.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\p.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\q.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\r.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\s.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\t.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\u.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\v.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\w.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\wlu.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\x.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, 
C:\Users\Arje\AppData\LocalLow\PriceGong\Data\y.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.PriceGong.A, C:\Users\Arje\AppData\LocalLow\PriceGong\Data\z.txt, , [45c354f1f694c96dc30e3a35e023ec14], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\voucher.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, 
C:\ProgramData\ICQ\ICQToolbar\XML\IT\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\Configuration.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\OptionDlg.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\RegionalSettings.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\UserInterface.xml, , [9f69b392781282b48082bee753b0e31d], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\config.xml, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\Icons.bmp, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe, , 
[5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\icq6Toolbar.ico, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\logo_small.gif, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ServiceStarter.exe, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\short.wav, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\Version.txt, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\voucher.bmp, , [5aaedb6af793e254c73cd3d2b3509769], PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\voucher2.bmp, , [5aaedb6af793e254c73cd3d2b3509769], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.112 - Bericht erstellt 13/03/2015 um 11:12:49 # Aktualisiert 09/03/2015 von Xplode # Datenbank : 2015-03-05.1 [Server] # Betriebssystem : Windows 7 Ultimate (x64) # Benutzername : Arje - MUSICMASHINE # Gestarted von : C:\Users\Arje\Downloads\AdwCleaner_4.112.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** [!] Ordner Gelöscht : C:\ProgramData\Babylon [!] Ordner Gelöscht : C:\Program Files (x86)\Conduit [!] Ordner Gelöscht : C:\Program Files (x86)\orbitdownloader [!] Ordner Gelöscht : C:\Program Files (x86)\Tbccint [!] Ordner Gelöscht : C:\Users\Arje\AppData\Local\Babylon [!] Ordner Gelöscht : C:\Users\Arje\AppData\Local\Conduit [!] Ordner Gelöscht : C:\Users\Arje\AppData\LocalLow\Conduit [!] Ordner Gelöscht : C:\Users\Arje\AppData\Roaming\Babylon [!] Ordner Gelöscht : C:\Users\Arje\AppData\Roaming\GrabPro [!] Ordner Gelöscht : C:\Users\Arje\AppData\Roaming\ProgSense [!] Ordner Gelöscht : C:\Users\Arje\Documents\Updater [!] Ordner Gelöscht : C:\Users\Arje\AppData\Local\Chromium\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc Datei Gelöscht : C:\Users\Arje\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal Datei Gelöscht : C:\Users\Arje\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all 
by Orbit Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1351351 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : 
HKCU\Software\DeviceVM Schlüssel Gelöscht : HKCU\Software\Headlight Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Orbit Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\Tbccint_HKLM Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKCU\Software\ProgSense Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Orbit Schlüssel Gelöscht : HKLM\SOFTWARE\dll-files.com Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1 ***** [ Internetbrowser ] ***** -\\ Internet Explorer v8.0.7600.16385 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] -\\ Mozilla Firefox v36.0.1 (x86 de) -\\ Chromium v -\\ Opera v28.0.1750.40 ************************* AdwCleaner[R0].txt - [6251 Bytes] - [13/03/2015 11:05:12] AdwCleaner[S0].txt - [5210 Bytes] - [13/03/2015 11:12:49] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5269 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.3 (03.01.2015:1) OS: Windows 7 Ultimate x64 Ran by Arje on 13.03.2015 at 11:21:02,50 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Arje\AppData\Roaming\getrighttogo" Successfully deleted: [Folder] "C:\Users\Arje\appdata\local\cre" Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{007F8255-7E05-4AB7-B0F7-7176155DEAA0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{00A402FD-135B-4C85-8E4E-9195507ABEA2} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{01567D65-C332-4CCB-938A-D36D71731D54} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{01D803AC-DBE0-47C8-B6F2-980018371537} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{0253E272-038E-4E0E-8404-A47819A2DBBF} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{026E2433-90AB-4995-B1EB-528D539FBCB5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{027CCE9C-C364-4B2D-837D-F7780D979C04} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{037CE816-B8A5-4CC3-A498-57877FC91ADA} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{7BBAF97B-DB20-4295-A8B5-3F4103C43A1D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7BCAC6B9-E274-49EF-91CB-75C31C721E4A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7BE9C96E-87E9-461F-971F-196D5E4FCF1F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7C409C66-94F9-4138-A127-7E2AF2D2B355} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7CB4F7E8-8816-47BD-B3BC-D59B17E7A267} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7DD3E4BF-2601-4F61-976B-887DD7AD534E} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7E18BCB7-DB95-43A2-BD3B-811F4DBB1921} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7E1C25DF-127A-45A1-BDA3-E2137BC2D77C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7E354589-7B49-45D8-8F43-1C7BE202290D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7FB4C5A0-1047-4C2A-BE28-3A3340988D90} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{7FB62CA3-6524-4A39-92A7-6DEBF6EB78F5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{800DA1A1-0EE8-4B0E-B759-4B8A12CE552F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8146DD95-2678-46A0-87E0-2E97D54DE539} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{81AA7685-C118-4FC1-9160-DE27C465A03A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{82046B01-1772-4F57-A62E-D89764EA1282} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{826683DE-ABFB-432F-80A8-C242B22B1CA0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{82B76298-5005-42EE-95C3-6907DF2A524D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{82F62E19-3C6B-4944-9A76-51FA8ABB37E0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{833D9D26-E2C4-4103-92FD-9FD9A042BF2C} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{8363B184-3982-4DA6-9E2B-3B4BB6975076} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{83CE2DC6-3FA7-4B6A-B7E7-92834B71003F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{83FDA5AB-D6C2-4F07-8F14-625BDA6FE5A1} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8419DCD8-FA50-4492-9C3C-EF00AD6F7832} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{845FF319-5C44-4EAE-925D-6DC49A46A684} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{84661492-628F-489B-B027-72D6951E5C01} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{84B87431-C56C-4285-B9FB-269B4351C0E7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{85307A5E-43BB-4E40-A7AB-B1EE948024E6} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8590B688-0A27-4906-A70F-AE2994D49EE8} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{85EA4EBB-0AA9-40C9-91FF-87CEE9411FC3} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{860693A3-F41E-401B-BBCA-B27AB06F00BD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{86AF83CB-6B08-4CB1-930F-3595A798CDBC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{87598F52-D758-4A06-BD03-262D12573647} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{87A5B766-1D1D-4400-9189-F39D4626655F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{87C762DA-1682-4C1B-8AD4-F659D5E59736} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{87F01C62-F5FC-4694-9739-F1CB8AA3CA6A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{883A4363-1320-4DD2-9016-D4C64E5A65C4} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{88945746-DB25-493F-8EA9-FF16FBDA311D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{88A961D9-CD9F-43AB-9185-A4197458F59A} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{88C6F1D0-F411-450B-A472-670CB5A363F2} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8947B6CF-C793-4C1E-9238-EA833E6CB7BC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{899AC5B4-636E-4E7B-A9AF-86DFF0474056} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8A788B4E-930E-4255-B59A-3EFD0FA1A84B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8AFF539C-DD62-43F4-99BD-917851A742E2} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8B1265A9-BA69-4F88-8FDF-AC54006A3CDD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8B2ED673-349E-4C94-96F6-5928AC035007} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8BA51928-A93C-4ADE-A86C-E1B043232F6C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8BB87335-DB1F-4A21-94AB-EDCE2F6DE54A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8BBB0A45-B94E-4B18-858E-0AFDC48323AA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8BF9C2C4-8FD2-4D3D-8BD3-45F67DF117CD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8C1D7D83-3E82-44F7-96D5-DF697C1CC3DC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8D3A0D9B-7712-4F6F-B825-F6B7A4565871} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8D555A95-2DD4-457A-B5DC-6732D4564DBD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8D844A29-2D16-42BC-B149-AB555C8077DE} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8DA55DC0-3089-4E6F-920C-B7AD361FDC79} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8E582E62-768E-4822-8DFF-FCAE79FDABBA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{8EAD4DA5-3545-4E28-AD68-13F9C94D00DA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{90150397-4D6E-442F-9F6A-286A29E8AAB2} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{902243E3-54D4-4E2E-8463-58C55A13F24B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{90342A9B-EE5D-4A15-9A5A-D245D42A8186} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{904FAFCA-CAAB-4995-950C-B01ED82B9F75} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{909D102C-62AF-4346-B683-31ECF7BF5B8D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{911F0C83-DECF-4474-B0E4-B2C598EDFF88} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{914A5FE2-6269-4B13-A147-EEEEEC5CAFE5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{915DA015-70DB-464A-9EA8-2E239A3B39E0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{91B7CCAA-1260-4A09-A6D3-2332589A23EA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{91C6D190-8AF5-4F6C-A2BC-0061E7674E07} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9231C7C6-1CF7-4D49-A34B-F06FFBBC1B39} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{92B50D88-6112-4540-9B6B-6F7D5C1A78B7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{93104925-37AA-4BA9-8005-94E00E297AD9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9359623C-2D79-4FF1-8236-3E2BAB723A8F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9376C274-C192-408F-8BAC-FABBB6370815} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9473E1BA-A2D9-4AF4-9E10-61C41509CC8B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{94B0AB43-73F8-42F1-9B96-521677C87CA6} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{951D5560-759A-4F40-9742-273CE6CC4FED} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{956794A3-4555-4184-AF80-BBAD52E16CF1} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{95ADC9A3-459D-46A6-AB22-BEC74BD1F7C5} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{96366259-2046-46E8-9811-58404411AF03} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{96758351-1769-42CC-82A8-65B20789FD1D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9689ABEE-7FCB-4A90-9600-49B6FC06F9D8} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{96D3C124-FBC4-4767-802B-047D01DC3BFA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{971CAD56-68F9-485C-BBE5-D31E616CC1E5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{97B15518-8AD0-4D0D-994F-144FDFB985B7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{97F1E37F-9043-4440-BE0F-18D42E996B14} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{986B488C-C6D7-4294-8425-52E6DD1B2D88} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{98C7D57B-F616-480E-91BC-773C6B3A9324} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9A2420A8-DA2B-405D-8E3A-37413B0F789B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9A5FB3DF-CA78-4A9D-AF15-C6730DB3FBD4} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9B59EC3A-B937-4232-AC1E-341214453C40} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9B8A6B49-9C8B-41F5-968A-F08552AF45ED} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9C2E3220-A7ED-405F-B66A-CFB9C78DA0CC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9CCE9BCA-9C90-4F4E-A2B1-0E9AFD27A659} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9DF7316A-F79D-4BE0-A4C1-791847E0E237} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9E5B49B0-5E87-478F-A5D6-CE8CB1DD18D9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9E63FA62-D8E9-47A9-ADEC-A505436F19E6} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9EA65098-7CF2-4DD6-8A52-29CB0708CE92} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{9ED7E1CA-ED73-40D5-A88C-91B561E5D636} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9EE10D56-43F4-4F74-92EB-76BC19566AC8} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9F0144E3-9850-4B37-873A-101D6B525BCC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{9FF18824-2F7B-4DDC-AB0B-C5AB56DF3DAD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A00C6BFA-90C0-4B15-AD8D-DD288378A322} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A07551C6-8275-4334-BE98-77324CC9B050} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A07B4F6F-5451-49E3-B503-3512EB80F375} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A0DE85A8-C299-48ED-B95F-2BCFAF886D02} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A0F22D44-0FAF-4546-88DE-036E7682CA46} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A178C4DA-9A64-4DB1-9858-B210779604FB} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A19CF6D9-D841-4742-9F2E-F8B4A15B64F5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A36C4517-F078-406E-9023-402FBFAC2E79} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A3889239-892D-44AB-99CF-19F20D1E4004} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A38B0268-2051-402A-919B-12E4D8270533} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A396CF67-FC93-4B5C-A57F-79692E090B4F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A3A7DCCE-D1AD-418F-A571-E63E06ADF41A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A3B06913-BD65-4C81-9D2A-E826C43B02C9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A3F22414-76B0-42C3-980F-0BBB1598FEC6} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A42904CC-A33A-42C4-B76C-1C6A47AC1540} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{A4393A9A-6CA8-41BD-A3EA-CC2FD9E7B4C5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A48313D4-F868-43CD-90D6-2F8AB5BDEB83} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A4D1139F-7070-4AC1-A45E-3FA7CEC4A372} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A50BB2F6-C3FD-4CE1-BAB7-B753D9B5628D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A5792CA4-3FEE-465D-BD47-E88106AD24C6} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A5AB500A-C67F-49BD-9972-2FC10E3D56D7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A5FAC4AC-2FAC-480B-A77B-8053E0CF0E1B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A6212CA2-BCEF-488C-B5DC-6A31EE6AEAA7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A64F1205-583B-414A-AFC0-D8B653812F6D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A6ACF579-E2C5-48CD-A81B-AAA0EFA3E884} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A6CD1ADA-3C62-4EE3-BDE5-1C1D1E297817} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A6EB68C7-B067-4B50-858B-92F0AFE9F13D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A7EFB74B-CF21-44BD-9CB6-41925F28AC91} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A85ABB7B-D7FB-41F9-8E53-9D25A848B02D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A865702E-DCB7-470E-ABA8-3182606CC58B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A8E536E7-6B94-468E-8642-57805C026E15} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A9531621-308F-4ADD-9AB3-1FD35990A092} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A9581EC0-A849-4D5B-AFEE-20D8DDC96908} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{A9A10F57-81FC-457A-BF88-B9C662DF640A} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{A9C3BDC2-06BE-4194-9EC0-46BC6F5DCC34} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AA11CD59-3F49-47F8-843F-D8789C0C2B9A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AB38E3AA-951C-4EE0-99E1-B3B6A634B22F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{ABDA49F1-EB9C-4C37-BB86-C8E3FF22C986} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AC0F2ACE-0048-4134-B49C-07889E757318} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AC166BDE-2967-4789-A68B-6E1DC8454A33} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AD1A2F36-B086-4869-AAB3-96F053CAF247} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AD319E25-03FC-43D5-AB1C-A97763E8742B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AEC0E97E-CC27-44AA-8A06-1FE986EBBA8F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AED8FDD0-55EF-4053-8775-1AD4EC806E5E} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AF040592-C30E-4545-9433-0E92176AB0FC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AF7332F3-D8F2-40B7-BA5C-0C989B6E2FD5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{AFEA4827-5BBD-45FE-A2E3-483428F012C1} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B06CFF68-743D-49C2-9DB9-B3BE8DFD5FED} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B12D3B37-7AC9-4A2B-B808-9990CA4B5CB5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B152926C-B17B-4651-BA82-C68840CF787E} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B161A344-1FAA-41CC-BFBB-4C8C4FCB5386} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B1CC05D6-73BE-488E-89E8-1031F81613A3} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B1FC7336-75AA-4044-90D9-5A21AEF25294} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{B244B555-1769-4F13-9F20-2E74742AC345} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B27BF327-ECBB-4B8D-A10F-AD0881E40CEE} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B2A43283-122D-4DAD-9392-7B663094F23D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B2A8A67C-092C-4B07-8C9A-0429E4247C4A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B2B5B475-4F19-4B35-BECA-4844ECAE4DC6} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B347F55B-2170-4479-AFC0-A59539C96681} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B3A457AD-532D-45C8-90AC-EE4E89DB9BF8} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B3ADB855-CE81-4E22-9312-267234D353F8} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B4107C45-5ABC-49AB-885C-F9FA2A2DF60F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B42652B6-A0D0-40C0-914C-E86566CCD033} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B4824E73-316C-40F3-8945-EF9FAE71245A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B5436E00-C8A6-4185-AC92-E339D639CA38} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B5890094-8FC0-4DDB-94C9-21BF6AFD0153} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B63F528C-800F-4F43-B62E-FB174E96C252} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B661A17A-9626-479F-9776-ADBE6A4F4E8B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B689A954-A630-4F86-A991-41D1BE54D1DC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B762C8BB-3516-4E6F-A2EB-BEF6A8D413C3} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B7A9C189-9E9F-4EC5-838B-B5CF25596B7C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B8409F6F-5FA2-4A49-A718-DE5A246CAC93} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{B845F117-0DBB-4BE0-9ABB-00070EE47752} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B849ABFD-2902-4A63-ACEA-FFCFB89FCC1A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B8FAE692-AF89-4B95-AACF-5FCE360F1BB7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B925F6DD-08C7-4DB2-A20C-FACD4CC9D6C5} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B95913FD-57E7-41ED-8131-0D6E5CF62E59} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{B9611FC2-5BFE-4D12-A4D6-2414F596E962} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BAF16213-6131-484C-8C2F-A788F2A3A1A7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BAF42FF1-F711-4D9D-8168-4065F435EC85} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BB1F2C02-653C-4470-B5C8-43D1872F8EAA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BB4089B6-BD65-4FFF-BE90-241D2F4DB168} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BB73573C-99CC-4629-AF5B-F8C7BA3D1C90} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BBFCBDDF-0BC9-4AD2-9052-EF3A8640BB17} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BCAD1FAB-95E8-4BA7-B81A-ABA3359EDFCD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BCD503B1-BF41-4ADD-A273-54785F34C6F7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BCD58B50-D550-4260-997A-B2B77A6886E0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BCE51252-854C-41F6-9E09-2BEE4E4463C9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BCEF6D6E-9553-4DE0-9CC2-3D8371B9D14B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BD237597-875C-470A-A377-B58A5DF37F2E} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BD6B97F0-2EBE-46B9-A9E1-98B58E8F0204} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{BDAB1156-7E9E-436F-8EF7-3FF42689D783} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BDC539AB-C4B8-42EE-9F63-A14B554D42DA} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BE16667E-3743-44B4-AE6B-A7E95826EBD9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BE33C8C4-6638-49D2-9091-BD538E73AE87} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BE3AF2B8-C94C-4703-9A65-437B09C42186} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BE5945E8-4A11-40E4-8296-DFC944633095} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BE5A22A1-FA5C-411E-987E-222A0190A64D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BF3ABCB0-7E95-4D9D-B068-B5AFC2C2041C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BFA25553-3A85-4E38-A5CD-6CD8358C6141} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BFBB71BB-2C1B-4EEC-9009-BBF1E12734BD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BFBB7974-C45D-44AF-9836-949296E7CB85} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BFD6DF05-5ADA-41D6-82B2-917DF90C1678} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{BFDBE2B1-BAF4-49F4-ABED-5A15E1141680} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C0070A6D-31B7-4E46-9969-C7CCCAC3B87A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C05C92AB-BB08-4C13-A495-2228038BE38B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C0A1C3F7-B52D-447D-B4C5-F50238FACF6F} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C0F5477A-A1E1-4414-AD51-E14505C68F5C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C0F5716F-1F4A-4995-B6DA-ACC700D9E80D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C1009E58-E4E7-41CF-A796-F3D01F612998} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{C1BF0FB6-8762-4120-8218-F6DE11A428E7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C1DD3F41-8E54-48D1-9F25-A50ABEA336BE} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C259FA24-731A-4348-881F-380E0120972B} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C393B5F4-B60D-4631-87E8-9E1A04A42695} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C3B59A45-EBF2-4C23-AA93-7852E48E100A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C3BC1542-E2E2-48A2-AAFC-6F975534D1F0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C61EA768-E794-48CD-965F-DE0B4D8FF1C2} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C66F322D-30D4-47FF-AD53-09330DAB342C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C6D78F30-4106-49C6-A3DC-ACAE93707361} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C6EE66A3-C841-46D3-9CED-43E343B75EE9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C824E24B-DA4F-4AEF-B0E0-C05DB3091E63} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C8BE76AA-F133-4D07-81A9-1ABEE54C5428} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C9240208-E57B-47F9-B336-8351D7FA6E32} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C9B6CE3E-01DF-4ABA-8CC0-F5538F4E701C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{C9ED3024-0EA1-4D14-A0D1-DA9DDBEBC630} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CAF5AD9E-C142-405A-B0C1-1538F8939C4C} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CAF68802-BA56-45FE-AEB8-33E54A083214} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CBB95989-C626-4F2A-84D9-BDBAEB4F29D9} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CC54CDAF-8676-43EB-B70D-3EF8EE63D5B3} Successfully deleted: [Empty Folder] 
C:\Users\Arje\appdata\local\{CC82ED2C-3988-497F-A8E8-8AC781F06019} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CD697698-F8F7-419A-93D9-6B4C77F6D254} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CE16344A-86B4-48BB-88D0-3DF946BAF377} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CEA4883B-AEA4-44F0-A05B-BEF8A70E60E8} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CEA73145-7A03-40AC-B509-002A3367B730} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CEE21B65-D946-4B93-99BE-0A7764F0D7D2} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CF085041-40A4-4E00-87D0-7F9D473E9249} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CF64ED58-0F78-44D1-8A5C-2AD80871E66A} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CF7EFEF3-126E-442A-8649-3EC7B963C9F7} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{CFF0D6C9-975D-48EA-A658-B3D1814B2422} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D0441A61-383C-4B45-A694-B7C9FCBD9E34} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D06F22E8-283B-41B6-B27E-844B929D1D7D} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D0A01A0B-578C-45E2-BA76-343009B700D4} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D13BCF81-B27B-4EC0-8D57-6672B838D7BC} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D15A9BCA-027C-4C3D-918F-BD8F16402EF0} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D176E1B0-BDE2-467C-BD18-D73ECA096CBD} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D1A7A845-1F3E-4E79-A841-B63F4CAB0679} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D1C4BA2A-E215-4F86-9FBA-19856F3B5F94} Successfully deleted: [Empty Folder] C:\Users\Arje\appdata\local\{D1D06959-9D49-49E6-8307-607D5734AEA5} Successfully deleted: [Empty Folder] 
~~~ FireFox

Emptied folder: C:\Users\Arje\AppData\Roaming\mozilla\firefox\profiles\wo46mp0t.default-1403853177353\minidumps [12 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.03.2015 at 11:23:42,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Edited by AxiomPro (13.03.2015 at 10:19) |
13.03.2015, 11:43 | #10 |
| Win7 constantly at 70-100% CPU load
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Arje (administrator) on MUSICMASHINE on 13-03-2015 11:34:38
Running from C:\Users\Arje\Downloads
Loaded Profiles: Arje (Available profiles: Arje)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Macrovision ) C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SafeNet, Inc.) C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-18\...\Run: [DevconDefaultDB] => C:\Windows\system32\READREG /SILENT /FAIL=1
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-454721375-3589406793-525374796-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com?fr=fp-comodo
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-13] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-13] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2011-10-20] (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll [2010-09-01] (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-454721375-3589406793-525374796-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Arje\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-02] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll [2008-12-10] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-09-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-09-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-09-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-09-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-09-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-09-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-09-05] (Apple Inc.)
FF Extension: Adblock Plus - C:\Users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-27]
FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files (x86)\Mozilla Firefox\extensions\{24fa9f3a-3dc5-3c58-1c00-5d6e2b2098ca} [2015-03-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-03-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-03-13]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [Not Found]

Opera:
=======
OPR Extension: (Leo Recherche) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\aenohohbcbcaeadlkkejbceglpdfldig [2014-08-10]
OPR Extension: (Adguard AdBlocker) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-08-10]
OPR Extension: (Translator) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2014-08-10]
OPR Extension: (Torrents MultiSearch) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\gckmaajnanfnjncainlndbogelcipljj [2014-08-10]
OPR Extension: (GetThemAll - Any file downloader) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipjignndhlpeimkmgpfnappdcohjealh [2014-08-10]
OPR Extension: (Die Amazon 1Button App) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2014-08-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-12-03] (Adobe Systems) [File not signed]
S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-11] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-10-25] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-10-25] (BlueStack Systems, Inc.)
R2 cmdagent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-12-15] (Macrovision Europe Ltd.) [File not signed]
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [85184 2010-03-13] (Macrovision )
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2007-10-23] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [40496 2008-11-11] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [50736 2008-11-11] (National Instruments Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] ()
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-11-11] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-11-18] (Macrovision Corporation) [File not signed]
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [8656 2007-11-06] (National Instruments Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-16] ()
R2 SACSrv; C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe [8904 2011-01-13] (SafeNet, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [368832 2009-11-05] (AfaTech )
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-11-20] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-28] (Avira Operations GmbH & Co. KG)
R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-10-25] (BlueStack Systems)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 FFUsbAudio; C:\Windows\System32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Ltd.)
R3 iKeyEnum; C:\Windows\System32\DRIVERS\ikeyenum.sys [16160 2010-03-18] (SafeNet, Inc.)
R3 iKeyIFD; C:\Windows\System32\DRIVERS\ikeyifd.sys [22304 2010-03-18] (SafeNet, Inc.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-11-20] ()
U5 RnbToken; C:\Windows\System32\Drivers\RnbToken.sys [24352 2010-03-18] (SafeNet, Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-12-07] (Duplex Secure Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [50688 2010-04-19] (Apple, Inc.) [File not signed]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 COMMONFX; system32\drivers\COMMONFX.SYS [X]
S3 COMMONFX.DLL; \SystemRoot\System32\COMMONFX.DLL [X]
S3 COMMONFX.SYS; \SystemRoot\System32\drivers\COMMONFX.SYS [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CT20XUT; system32\drivers\CT20XUT.SYS [X]
S3 CT20XUT.DLL; \SystemRoot\System32\CT20XUT.DLL [X]
S3 CT20XUT.SYS; \SystemRoot\System32\drivers\CT20XUT.SYS [X]
S3 ctac32k; system32\drivers\ctac32k.sys [X]
S3 ctaud2k; system32\drivers\ctaud2k.sys [X]
S3 CTAUDFX; system32\drivers\CTAUDFX.SYS [X]
S3 CTAUDFX.DLL; \SystemRoot\System32\CTAUDFX.DLL [X]
S3 CTAUDFX.SYS; \SystemRoot\System32\drivers\CTAUDFX.SYS [X]
S3 CTEAPSFX; system32\drivers\CTEAPSFX.SYS [X]
S3 CTEAPSFX.DLL; \SystemRoot\System32\CTEAPSFX.DLL [X]
S3 CTEAPSFX.SYS; \SystemRoot\System32\drivers\CTEAPSFX.SYS [X]
S3 CTEDSPFX; system32\drivers\CTEDSPFX.SYS [X]
S3 CTEDSPFX.DLL; \SystemRoot\System32\CTEDSPFX.DLL [X]
S3 CTEDSPFX.SYS; \SystemRoot\System32\drivers\CTEDSPFX.SYS [X]
S3 CTEDSPIO; system32\drivers\CTEDSPIO.SYS [X]
S3 CTEDSPIO.DLL; \SystemRoot\System32\CTEDSPIO.DLL [X]
S3 CTEDSPIO.SYS; \SystemRoot\System32\drivers\CTEDSPIO.SYS [X]
S3 CTEDSPSY; system32\drivers\CTEDSPSY.SYS [X]
S3 CTEDSPSY.DLL; \SystemRoot\System32\CTEDSPSY.DLL [X]
S3 CTEDSPSY.SYS; \SystemRoot\System32\drivers\CTEDSPSY.SYS [X]
S3 CTERFXFX; system32\drivers\CTERFXFX.SYS [X]
S3 CTERFXFX.SYS; \SystemRoot\System32\drivers\CTERFXFX.SYS [X]
S3 CTEXFIFX; system32\drivers\CTEXFIFX.SYS [X]
S3 CTEXFIFX.DLL; \SystemRoot\System32\CTEXFIFX.DLL [X]
S3 CTEXFIFX.SYS; \SystemRoot\System32\drivers\CTEXFIFX.SYS [X]
S3 CTHWIUT; system32\drivers\CTHWIUT.SYS [X]
S3 CTHWIUT.DLL; \SystemRoot\System32\CTHWIUT.DLL [X]
S3 CTHWIUT.SYS; \SystemRoot\System32\drivers\CTHWIUT.SYS [X]
S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X]
S3 CTSBLFX; system32\drivers\CTSBLFX.SYS [X]
S3 CTSBLFX.DLL; \SystemRoot\System32\CTSBLFX.DLL [X]
S3 CTSBLFX.SYS; \SystemRoot\System32\drivers\CTSBLFX.SYS [X]
S3 emupia; system32\drivers\emupia2k.sys [X]
S3 ha10kx2k; system32\drivers\ha10kx2k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-13 11:34 - 2015-03-13 11:34 - 00000000 ____D () C:\Users\Arje\Downloads\FRST-OlderVersion
2015-03-13 11:23 - 2015-03-13 11:23 - 00080672 _____ () C:\Users\Arje\Desktop\JRT.txt
2015-03-13 11:20 - 2015-03-13 11:20 - 01388333 _____ (Thisisu) C:\Users\Arje\Downloads\JRT.exe
2015-03-13 11:18 - 2015-03-13 11:18 - 00005357 _____ () C:\Users\Arje\Desktop\AdwCleaner[S0].txt
2015-03-13 11:04 - 2015-03-13 11:13 - 00000000 ____D () C:\AdwCleaner
2015-03-13 11:04 - 2015-03-13 11:04 - 02171392 _____ () C:\Users\Arje\Downloads\AdwCleaner_4.112.exe
2015-03-13 11:00 - 2015-03-13 11:01 - 00015254 _____ () C:\Users\Arje\Desktop\mbar.txt
2015-03-13 09:18 - 2015-03-13 09:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-13 09:01 - 2015-03-13 09:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-13 09:01 - 2015-03-13 09:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-13 09:01 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-13 09:01 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-13 08:58 - 2015-03-13 08:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Arje\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-12 13:01 - 2015-03-12 13:01 - 00026175 _____ () C:\ComboFix.txt
2015-03-12 12:32 - 2015-03-12 13:01 - 00000000 ____D () C:\Qoobox
2015-03-12 12:32 - 2015-03-12 13:01 - 00000000 ____D () C:\ComboFix
2015-03-12 12:32 - 2015-03-12 12:58 - 00000000 ____D () C:\Windows\erdnt
2015-03-12 12:32 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-12 12:32 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-12 12:32 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-12 12:32 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-12 12:32 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-12 12:32 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2015-03-12 12:29 - 2015-03-12 12:29 - 05613296 ____R (Swearware) C:\Users\Arje\Desktop\ComboFix.exe 2015-03-11 21:26 - 2015-03-13 11:25 - 00055002 _____ () C:\Windows\PFRO.log 2015-03-11 20:59 - 2015-03-11 20:59 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Arje\Desktop\tdsskiller.exe 2015-03-11 20:55 - 2015-03-13 09:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-11 20:54 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-11 20:51 - 2015-03-11 22:01 - 00000000 ____D () C:\Users\Arje\Desktop\mbar 2015-03-11 20:48 - 2015-03-11 20:48 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Arje\Downloads\mbar-1.09.1.1004.exe 2015-03-11 20:43 - 2015-03-11 20:43 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Arje\Downloads\revosetup95.exe 2015-03-11 20:43 - 2015-03-11 20:43 - 00001264 _____ () C:\Users\Arje\Desktop\Revo Uninstaller.lnk 2015-03-11 20:43 - 2015-03-11 20:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-03-11 08:55 - 2015-03-11 08:54 - 00380416 _____ () C:\Users\Arje\Desktop\Gmer-19357.exe 2015-03-11 08:54 - 2015-03-11 08:54 - 00380416 _____ () C:\Users\Arje\Downloads\Gmer-19357.exe 2015-03-11 08:52 - 2015-03-13 09:24 - 00000000 ____D () C:\Users\Arje\Documents\Trojanerboard files 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (5) 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (4) 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (3) 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (2) 2015-03-11 08:50 - 2015-03-11 08:50 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner 2015-03-11 08:47 - 2015-03-13 11:34 - 00023326 _____ () C:\Users\Arje\Downloads\FRST.txt 2015-03-11 08:47 - 2015-03-11 08:48 - 00059849 _____ () C:\Users\Arje\Downloads\Addition.txt 2015-03-11 08:46 - 2015-03-13 11:34 - 00000000 ____D () C:\FRST 2015-03-11 08:44 - 2015-03-13 11:34 - 02095616 _____ (Farbar) C:\Users\Arje\Downloads\FRST64.exe 2015-03-11 08:28 - 2015-03-13 11:25 - 00000616 _____ () C:\Windows\setupact.log 2015-03-11 08:28 - 2015-03-11 08:28 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-11 08:26 - 2015-03-11 08:26 - 00000580 _____ () C:\Users\Arje\Downloads\defogger_disable.log 2015-03-11 08:26 - 2015-03-11 08:26 - 00000020 _____ () C:\Users\Arje\defogger_reenable 2015-03-11 08:25 - 2015-03-11 08:26 - 00050477 _____ () C:\Users\Arje\Downloads\Defogger.exe 2015-03-11 07:40 - 2015-03-11 07:40 - 00011506 _____ () C:\Users\Arje\Documents\cc_20150311_074027.reg 2015-03-09 23:28 - 2015-03-09 23:28 - 00000000 ____D () C:\Program Files\Focusrite 2015-03-09 23:28 - 
2011-10-31 15:22 - 00053080 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\ffusbaudio.sys 2015-03-09 23:28 - 2011-10-31 15:22 - 00020824 _____ (Novation DMS Ltd.) C:\Windows\system32\nvnusbaudio_coinst.dll 2015-03-09 23:25 - 2015-03-09 23:26 - 00441487 _____ (Focusrite Audio Engineering Ltd. ) C:\Users\Arje\Downloads\focusrite usb driver-1.10.exe 2015-03-09 22:59 - 2015-03-09 23:00 - 00929768 _____ (Focusrite Audio Engineering Limited. ) C:\Users\Arje\Downloads\focusrite-usb-2-driver-2.5.1 (1).exe 2015-03-09 20:52 - 2015-03-09 21:52 - 30704975 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCApp_L6_2_10_00.exe 2015-03-09 20:43 - 2015-03-09 20:43 - 04958588 _____ () C:\Windows\{00000003-00000000-00000007-00001102-00000008-40041102}.CDF 2015-03-09 20:14 - 2015-03-09 20:14 - 00002950 _____ () C:\Users\Arje\Documents\emu.txt 2015-03-09 19:39 - 2015-03-09 20:13 - 34615739 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00_BETA.exe 2015-03-09 18:15 - 2015-03-09 18:15 - 00000000 ____D () C:\Users\Arje\Desktop\bilder 03.03.2015 2015-03-09 16:01 - 2015-03-09 17:05 - 34934920 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00(2).exe 2015-03-09 15:27 - 2015-03-09 15:38 - 02199632 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00(1).exe 2015-03-09 14:26 - 2015-03-09 15:26 - 21421340 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00.exe 2015-03-09 13:31 - 2015-03-09 13:31 - 00001564 _____ () C:\Users\Arje\Documents\cc_20150309_133132.reg 2015-03-09 13:27 - 2015-03-09 13:58 - 25611342 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_L6_1_82_01.exe 2015-02-22 10:13 - 2015-02-22 10:13 - 00000864 _____ () C:\Users\Arje\Desktop\TalosLauncher.exe - Verknüpfung.lnk 2015-02-21 18:23 - 2015-02-21 18:23 - 00000000 ___SH () C:\Users\Arje\AppData\Local\LumaEmu 2015-02-21 18:23 - 2015-02-21 18:23 - 00000000 ____D () 
C:\Users\Arje\AppData\Local\LumaEmu_SteamCloud 2015-02-21 17:36 - 2015-02-21 17:36 - 00001607 _____ () C:\Users\Public\Desktop\The Talos Principle.lnk 2015-02-21 17:00 - 2015-02-21 17:00 - 00668672 _____ (FragSoft) C:\Windows\system32\isdone.dll 2015-02-21 16:59 - 2015-02-21 17:00 - 00668672 _____ (FragSoft) C:\Users\Arje\Downloads\isdone.dll 2015-02-21 16:56 - 2015-02-21 16:56 - 05344984 _____ (Dll-Files.com ) C:\Users\Arje\Downloads\dffsetup-isdone.exe 2015-02-21 16:54 - 2015-02-21 16:54 - 00014774 _____ () C:\Users\Arje\Documents\cc_20150221_165436.reg 2015-02-21 15:20 - 2015-02-21 15:20 - 00000000 ____D () C:\Users\Arje\Desktop\fms 2015-02-21 15:20 - 2015-01-11 21:41 - 03274752 _____ (The Dark Mod Team ) C:\Users\Arje\Desktop\tdm_update.exe 2015-02-21 11:56 - 2015-02-21 12:30 - 00000000 ____D () C:\Users\Arje\Downloads\The Talos Principle [FitGirl Repack] 2015-02-21 10:10 - 2015-02-21 10:10 - 00000000 ____D () C:\Users\Arje\AppData\Local\Steam 2015-02-13 20:29 - 2015-02-21 11:53 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom 2015-02-13 12:11 - 2015-02-13 12:51 - 00000000 ____D () C:\Users\Arje\Downloads\Far Cry 4 - Gold Edition [Update 7] (2014) PC RePack by R.G. Freedom ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-13 11:35 - 2012-05-21 17:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-13 11:34 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-13 11:34 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-13 11:27 - 2010-02-26 11:39 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-03-13 11:27 - 2009-12-02 20:08 - 00000144 _____ () C:\service.log 2015-03-13 11:26 - 2012-05-21 17:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-13 11:26 - 2009-12-02 20:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2015-03-13 11:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-13 11:24 - 2009-12-02 19:55 - 01100484 _____ () C:\Windows\WindowsUpdate.log 2015-03-13 11:14 - 2014-12-07 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-13 11:02 - 2014-09-01 13:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-13 11:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web 2015-03-12 13:11 - 2012-04-10 09:07 - 00000000 ____D () C:\AMD 2015-03-12 12:50 - 2009-07-14 03:34 - 00000241 _____ () C:\Windows\system.ini 2015-03-12 12:43 - 2014-08-27 19:19 - 00000000 ____D () C:\Users\Arje\AppData\Local\Adobe 2015-03-11 20:49 - 2009-12-02 20:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-11 20:38 - 2013-07-23 21:01 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-03-11 20:38 - 2013-07-23 13:44 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-11 20:38 - 2013-07-23 13:44 - 00128536 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-11 08:56 - 2010-05-24 18:15 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\vlc 2015-03-11 08:26 - 2009-12-02 20:02 - 00000000 ____D () C:\Users\Arje 2015-03-11 08:17 - 2010-12-01 18:19 - 00013153 _____ () C:\Users\Arje\Downloads\hijackthis.log 2015-03-11 07:41 - 2011-09-21 18:38 - 00000000 ____D () C:\Soldat 2015-03-11 07:39 - 2009-12-02 21:37 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Winamp 2015-03-10 21:54 - 2014-08-10 08:35 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1407656151 2015-03-10 21:54 - 2014-08-10 08:35 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-09 23:31 - 2011-07-17 13:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-09 23:12 - 2009-12-02 20:15 - 01682440 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-09 23:12 - 2009-07-14 18:58 - 00726214 _____ () C:\Windows\system32\perfh007.dat 2015-03-09 23:12 - 2009-07-14 18:58 - 00159152 _____ () C:\Windows\system32\perfc007.dat 2015-03-09 23:09 - 2011-05-26 08:03 - 00000000 ___RD () C:\Users\Arje\Dropbox 2015-03-09 23:09 - 2011-05-26 08:01 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Dropbox 2015-03-09 23:03 - 2009-12-02 20:49 - 00000000 ____D () C:\Program Files\DIFX 2015-03-09 23:02 - 2009-12-08 12:14 - 00000000 ____D () C:\Windows\SysWOW64\Data 2015-03-09 23:02 - 2009-12-08 12:14 - 00000000 ____D () C:\Windows\system32\Data 2015-03-09 23:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system 2015-03-09 22:53 - 2009-12-02 20:09 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-03-09 20:40 - 2009-12-08 12:15 - 00431104 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00409600 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00136192 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) 
C:\Windows\system32\OpenAL32.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2015-03-09 12:38 - 2014-01-30 22:03 - 00000000 ____D () C:\Users\Arje\Desktop\ESposthumus 2015-03-09 11:25 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-23 08:44 - 2009-12-07 12:59 - 00000000 ____D () C:\Filme 2015-02-21 18:18 - 2012-09-24 12:28 - 00007609 _____ () C:\Users\Arje\AppData\Local\Resmon.ResmonCfg 2015-02-21 16:38 - 2012-04-17 09:55 - 00000000 ____D () C:\Games 2015-02-21 15:22 - 2009-12-07 13:09 - 00000000 ____D () C:\Spiele 2015-02-21 12:51 - 2012-08-23 17:11 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\uTorrent 2015-02-14 01:23 - 2010-01-24 18:57 - 00000000 ____D () C:\Users\Arje\Documents\My Games 2015-02-13 20:24 - 2009-12-07 13:01 - 00000000 ____D () C:\Ablage 2015-02-12 15:07 - 2011-05-26 08:01 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-11 21:44 - 2013-07-23 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira ==================== Files in the root of some directories ======= 2010-06-08 06:11 - 2010-06-08 06:11 - 0003584 _____ () C:\Users\Arje\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-04-04 15:02 - 2012-04-04 15:02 - 0000092 _____ () C:\Users\Arje\AppData\Local\fusioncache.dat 2015-02-21 18:23 - 2015-02-21 18:23 - 0000000 ___SH () C:\Users\Arje\AppData\Local\LumaEmu 2012-09-24 12:28 - 2015-02-21 18:18 - 0007609 _____ () C:\Users\Arje\AppData\Local\Resmon.ResmonCfg 2010-04-08 21:33 - 2010-04-08 21:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some content of TEMP: ==================== C:\Users\Arje\AppData\Local\Temp\avgnt.exe C:\Users\Arje\AppData\Local\Temp\Quarantine.exe C:\Users\Arje\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-09 13:53 ==================== End Of Log ============================ |
13.03.2015, 15:26 | #11 |
/// the machine /// TB Trainer | Win7 constantly at 70-100% CPU usage
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
13.03.2015, 19:49 | #12 |
| Win7 constantly at 70-100% CPU usage Hello! Folder c:/Programme/Eset not found. I am going to restart now and then I will write which problems are still there: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=40f323b0299aa94cbf1ab4f3031b0d7b # engine=22893 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-03-13 05:57:48 # local_time=2015-03-13 06:57:48 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7600 NT # compatibility_mode_1='COMODO Antivirus' # compatibility_mode=3074 16777213 100 100 41285316 128585450 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 224114 178675139 0 0 # scanned=454524 # found=10 # cleaned=0 # scan_time=11001 sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=A20C2805001C00AB67160C73D6FA0576941E05CF ft=1 fh=3adbe17ce52f1d8b vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arje\AppData\Local\Babylon\Setup\Setup.exe.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arje\AppData\Local\Chromium\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arje\AppData\Local\Chromium\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arje\AppData\Local\Chromium\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=BBC107B3C4335A094162EA909ED16DEC2B56B01F ft=1 fh=421fc8cb27121ff1 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arje\Documents\Downloads\Integrated_FreewareDE.exe" sh=B81622A5B9BB23083D90FAD77D0D5EEF7B6E6A8A ft=1 fh=295a60c62ef2fe00 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arje\Downloads\dffsetup-isdone.exe" sh=BA874A9D6EEF9725F59ABFCEA6B4F3DED75E8458 ft=1 fh=92d9349641cbef10 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Arje\Downloads\PSeMu3_Setup.exe" sh=F4E1A0B30C2633EC3585AEDEB8E3164CF1D0694F ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAH Trojaner" ac=I fn="C:\Users\Arje\Downloads\rld-tesvskdb.iso" sh=3C9DD80D994CEA5C7433EA6DB711A816D69F6721 ft=0 fh=0000000000000000 vn="Win32/Packed.VMProtect.D Trojaner" ac=I fn="C:\Users\Arje\Downloads\Anno 1404 with Venice Expansion Pack\3.Anno 1404 Venice.iso" Code:
ATTFilter Results of screen317's Security Check version 0.99.97 Windows 7 x64 Out of date service pack!! ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` TuneUp Utilities Language Pack (de-DE) DH Driver Cleaner Professional Edition Wise Registry Cleaner 5.8.7 Java 7 Update 67 Java version 32-bit out of Date! Java 64-bit 8 Update 31 Adobe Flash Player 16.0.0.305 Adobe Reader XI Mozilla Firefox (36.0.1) ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe Comodo Firewall cmdagent.exe Comodo Firewall cfp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
So: bad news. My system is now apparently free of malware/viruses, but it is still struggling badly. As soon as it has booted, it first stays at 100% and it takes forever until it becomes usable. At the moment I am writing this, the load fluctuates between 50-60% for no apparent reason; I have nothing else open except this very page... Only about 10 minutes later does the processor load go down. The paradox: if you click on Applications and add up the individual processes, I always get a maximum of 2-5%. But 70-80% is displayed. Could a driver conflict be the cause? In summary:
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Arje (administrator) on MUSICMASHINE on 13-03-2015 19:33:20 Running from C:\Users\Arje\Downloads Loaded Profiles: Arje (Available profiles: Arje) Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe () C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Macrovision ) C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe () C:\ProgramData\MobileBrServ\mbbService.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (SafeNet, Inc.) C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG) HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue Winlogon\Notify\ScCertProp: wlnotify.dll [X] Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-18\...\Run: [DevconDefaultDB] => C:\Windows\system32\READREG /SILENT /FAIL=1 ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arje\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-454721375-3589406793-525374796-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-454721375-3589406793-525374796-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com?fr=fp-comodo URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-454721375-3589406793-525374796-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-13] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-13] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-13] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files 
(x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2011-10-20] (id Software Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll [2010-09-01] (Oberon-Media ) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-454721375-3589406793-525374796-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Arje\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-02] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll [2008-12-10] (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-09-05] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-09-05] (Apple Inc.) 
FF Extension: Adblock Plus - C:\Users\Arje\AppData\Roaming\Mozilla\Firefox\Profiles\wo46mp0t.default-1403853177353\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-27] FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files (x86)\Mozilla Firefox\extensions\{24fa9f3a-3dc5-3c58-1c00-5d6e2b2098ca} [2015-03-13] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-03-13] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-13] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-03-13] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [Not Found] Opera: ======= OPR Extension: (Leo Recherche) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\aenohohbcbcaeadlkkejbceglpdfldig [2014-08-10] OPR Extension: (Adguard AdBlocker) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-08-10] OPR Extension: (Translator) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2014-08-10] OPR Extension: (Torrents MultiSearch) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\gckmaajnanfnjncainlndbogelcipljj [2014-08-10] OPR Extension: (GetThemAll - Any file downloader) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipjignndhlpeimkmgpfnappdcohjealh [2014-08-10] OPR Extension: (Die Amazon 1Button App) - C:\Users\Arje\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak 
[2014-08-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-12-03] (Adobe Systems) [File not signed] S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-11] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-11] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-10-25] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-10-25] (BlueStack Systems, Inc.) R2 cmdagent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO) R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] () S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-12-15] (Macrovision Europe Ltd.) 
[File not signed] R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] R2 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [85184 2010-03-13] (Macrovision ) R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2007-10-23] (National Instruments, Inc.) R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [40496 2008-11-11] (National Instruments Corporation) R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [50736 2008-11-11] (National Instruments Corporation) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] () R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [213552 2008-11-11] (National Instruments Corporation) S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2008-11-18] (Macrovision Corporation) [File not signed] R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [8656 2007-11-06] (National Instruments Corporation) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-16] () R2 SACSrv; C:\Program Files\Common Files\Aladdin Shared\eToken\SAC\x64\SACSrv.exe [8904 2011-01-13] (SafeNet, Inc.) S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [368832 2009-11-05] (AfaTech ) R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.) 
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.) R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed] S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed] S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed] R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-11-20] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-28] (Avira Operations GmbH & Co. KG) R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-10-25] (BlueStack Systems) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.) S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] () R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () R3 FFUsbAudio; C:\Windows\System32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Ltd.) R3 iKeyEnum; C:\Windows\System32\DRIVERS\ikeyenum.sys [16160 2010-03-18] (SafeNet, Inc.) R3 iKeyIFD; C:\Windows\System32\DRIVERS\ikeyifd.sys [22304 2010-03-18] (SafeNet, Inc.) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO) S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.) 
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-11-20] () U5 RnbToken; C:\Windows\System32\Drivers\RnbToken.sys [24352 2010-03-18] (SafeNet, Inc.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-12-07] (Duplex Secure Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [50688 2010-04-19] (Apple, Inc.) [File not signed] S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; system32\DRIVERS\btcomport.sys [X] S3 BTCOMBUS; System32\Drivers\btcombus.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 COMMONFX; system32\drivers\COMMONFX.SYS [X] S3 COMMONFX.DLL; \SystemRoot\System32\COMMONFX.DLL [X] S3 COMMONFX.SYS; \SystemRoot\System32\drivers\COMMONFX.SYS [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 CT20XUT; system32\drivers\CT20XUT.SYS [X] S3 CT20XUT.DLL; \SystemRoot\System32\CT20XUT.DLL [X] S3 CT20XUT.SYS; \SystemRoot\System32\drivers\CT20XUT.SYS [X] S3 ctac32k; system32\drivers\ctac32k.sys [X] S3 ctaud2k; system32\drivers\ctaud2k.sys [X] S3 CTAUDFX; system32\drivers\CTAUDFX.SYS [X] S3 CTAUDFX.DLL; \SystemRoot\System32\CTAUDFX.DLL [X] S3 CTAUDFX.SYS; \SystemRoot\System32\drivers\CTAUDFX.SYS [X] S3 CTEAPSFX; system32\drivers\CTEAPSFX.SYS [X] S3 CTEAPSFX.DLL; \SystemRoot\System32\CTEAPSFX.DLL [X] S3 CTEAPSFX.SYS; \SystemRoot\System32\drivers\CTEAPSFX.SYS [X] S3 CTEDSPFX; system32\drivers\CTEDSPFX.SYS [X] S3 CTEDSPFX.DLL; \SystemRoot\System32\CTEDSPFX.DLL [X] S3 CTEDSPFX.SYS; \SystemRoot\System32\drivers\CTEDSPFX.SYS [X] S3 CTEDSPIO; system32\drivers\CTEDSPIO.SYS [X] S3 CTEDSPIO.DLL; \SystemRoot\System32\CTEDSPIO.DLL [X] S3 CTEDSPIO.SYS; \SystemRoot\System32\drivers\CTEDSPIO.SYS [X] S3 CTEDSPSY; system32\drivers\CTEDSPSY.SYS [X] S3 CTEDSPSY.DLL; \SystemRoot\System32\CTEDSPSY.DLL [X] S3 
CTEDSPSY.SYS; \SystemRoot\System32\drivers\CTEDSPSY.SYS [X] S3 CTERFXFX; system32\drivers\CTERFXFX.SYS [X] S3 CTERFXFX.SYS; \SystemRoot\System32\drivers\CTERFXFX.SYS [X] S3 CTEXFIFX; system32\drivers\CTEXFIFX.SYS [X] S3 CTEXFIFX.DLL; \SystemRoot\System32\CTEXFIFX.DLL [X] S3 CTEXFIFX.SYS; \SystemRoot\System32\drivers\CTEXFIFX.SYS [X] S3 CTHWIUT; system32\drivers\CTHWIUT.SYS [X] S3 CTHWIUT.DLL; \SystemRoot\System32\CTHWIUT.DLL [X] S3 CTHWIUT.SYS; \SystemRoot\System32\drivers\CTHWIUT.SYS [X] S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X] S3 CTSBLFX; system32\drivers\CTSBLFX.SYS [X] S3 CTSBLFX.DLL; \SystemRoot\System32\CTSBLFX.DLL [X] S3 CTSBLFX.SYS; \SystemRoot\System32\drivers\CTSBLFX.SYS [X] S3 emupia; system32\drivers\emupia2k.sys [X] S3 ha10kx2k; system32\drivers\ha10kx2k.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-13 19:06 - 2015-03-13 19:06 - 00852604 _____ () C:\Users\Arje\Downloads\SecurityCheck.exe 2015-03-13 19:06 - 2015-03-13 19:06 - 00852604 _____ () C:\Users\Arje\Desktop\SecurityCheck.exe 2015-03-13 15:49 - 2015-03-13 15:49 - 02347384 _____ (ESET) C:\Users\Arje\Downloads\esetsmartinstaller_deu.exe 2015-03-13 11:34 - 2015-03-13 11:34 - 00000000 ____D () C:\Users\Arje\Downloads\FRST-OlderVersion 2015-03-13 11:23 - 2015-03-13 11:23 - 00080672 _____ () C:\Users\Arje\Desktop\JRT.txt 2015-03-13 11:20 - 2015-03-13 11:20 - 01388333 _____ (Thisisu) C:\Users\Arje\Downloads\JRT.exe 2015-03-13 11:18 - 2015-03-13 11:18 - 00005357 _____ () C:\Users\Arje\Desktop\AdwCleaner[S0].txt 2015-03-13 11:04 - 2015-03-13 11:13 - 00000000 ____D () C:\AdwCleaner 2015-03-13 11:04 - 2015-03-13 11:04 - 02171392 _____ () C:\Users\Arje\Downloads\AdwCleaner_4.112.exe 2015-03-13 11:00 - 2015-03-13 11:01 - 00015254 _____ () C:\Users\Arje\Desktop\mbar.txt 2015-03-13 09:18 - 2015-03-13 09:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-13 09:01 - 2015-03-13 09:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-13 09:01 - 2015-03-13 09:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-13 09:01 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-13 09:01 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-13 08:58 - 2015-03-13 08:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Arje\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-12 13:01 - 2015-03-12 13:01 - 00026175 _____ () C:\ComboFix.txt 2015-03-12 12:32 - 2015-03-12 13:01 - 00000000 ____D () C:\Qoobox 2015-03-12 12:32 - 2015-03-12 13:01 - 00000000 ____D () C:\ComboFix 2015-03-12 12:32 - 2015-03-12 12:58 - 00000000 ____D () C:\Windows\erdnt 2015-03-12 12:32 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-03-12 12:32 - 
2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-03-12 12:32 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2015-03-12 12:32 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2015-03-12 12:29 - 2015-03-12 12:29 - 05613296 ____R (Swearware) C:\Users\Arje\Desktop\ComboFix.exe 2015-03-11 21:26 - 2015-03-13 15:00 - 00055376 _____ () C:\Windows\PFRO.log 2015-03-11 20:59 - 2015-03-11 20:59 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Arje\Desktop\tdsskiller.exe 2015-03-11 20:55 - 2015-03-13 09:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-11 20:54 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-11 20:51 - 2015-03-11 22:01 - 00000000 ____D () C:\Users\Arje\Desktop\mbar 2015-03-11 20:48 - 2015-03-11 20:48 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Arje\Downloads\mbar-1.09.1.1004.exe 2015-03-11 20:43 - 2015-03-11 20:43 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Arje\Downloads\revosetup95.exe 2015-03-11 20:43 - 2015-03-11 20:43 - 00001264 _____ () C:\Users\Arje\Desktop\Revo Uninstaller.lnk 2015-03-11 20:43 - 2015-03-11 20:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-03-11 08:55 - 2015-03-11 08:54 - 00380416 _____ () C:\Users\Arje\Desktop\Gmer-19357.exe 2015-03-11 08:54 - 2015-03-11 08:54 - 00380416 _____ () C:\Users\Arje\Downloads\Gmer-19357.exe 2015-03-11 08:52 - 2015-03-13 09:24 - 00000000 ____D () C:\Users\Arje\Documents\Trojanerboard files 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (5) 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (4) 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (3) 2015-03-11 08:51 - 2015-03-11 08:51 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner (2) 2015-03-11 08:50 - 2015-03-11 08:50 - 00000000 ____D () C:\Users\Arje\Documents\Neuer Ordner 2015-03-11 08:47 - 2015-03-13 19:33 - 00023634 _____ () C:\Users\Arje\Downloads\FRST.txt 2015-03-11 08:47 - 2015-03-11 08:48 - 00059849 _____ () C:\Users\Arje\Downloads\Addition.txt 2015-03-11 08:46 - 2015-03-13 19:33 - 00000000 ____D () C:\FRST 2015-03-11 08:44 - 2015-03-13 11:34 - 02095616 _____ (Farbar) C:\Users\Arje\Downloads\FRST64.exe 2015-03-11 08:28 - 2015-03-13 19:28 - 00000840 _____ () C:\Windows\setupact.log 2015-03-11 08:28 - 2015-03-11 08:28 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-11 08:26 - 2015-03-11 08:26 - 00000580 _____ () C:\Users\Arje\Downloads\defogger_disable.log 2015-03-11 08:26 - 2015-03-11 08:26 - 00000020 _____ () C:\Users\Arje\defogger_reenable 2015-03-11 08:25 - 2015-03-11 08:26 - 00050477 _____ () C:\Users\Arje\Downloads\Defogger.exe 2015-03-11 07:40 - 2015-03-11 07:40 - 00011506 _____ () C:\Users\Arje\Documents\cc_20150311_074027.reg 2015-03-09 23:28 - 2015-03-09 23:28 - 00000000 ____D () C:\Program Files\Focusrite 2015-03-09 23:28 - 
2011-10-31 15:22 - 00053080 _____ (Focusrite Audio Engineering Ltd.) C:\Windows\system32\Drivers\ffusbaudio.sys 2015-03-09 23:28 - 2011-10-31 15:22 - 00020824 _____ (Novation DMS Ltd.) C:\Windows\system32\nvnusbaudio_coinst.dll 2015-03-09 23:25 - 2015-03-09 23:26 - 00441487 _____ (Focusrite Audio Engineering Ltd. ) C:\Users\Arje\Downloads\focusrite usb driver-1.10.exe 2015-03-09 22:59 - 2015-03-09 23:00 - 00929768 _____ (Focusrite Audio Engineering Limited. ) C:\Users\Arje\Downloads\focusrite-usb-2-driver-2.5.1 (1).exe 2015-03-09 20:52 - 2015-03-09 21:52 - 30704975 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCApp_L6_2_10_00.exe 2015-03-09 20:43 - 2015-03-09 20:43 - 04958588 _____ () C:\Windows\{00000003-00000000-00000007-00001102-00000008-40041102}.CDF 2015-03-09 20:14 - 2015-03-09 20:14 - 00002950 _____ () C:\Users\Arje\Documents\emu.txt 2015-03-09 19:39 - 2015-03-09 20:13 - 34615739 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00_BETA.exe 2015-03-09 18:15 - 2015-03-09 18:15 - 00000000 ____D () C:\Users\Arje\Desktop\bilder 03.03.2015 2015-03-09 16:01 - 2015-03-09 17:05 - 34934920 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00(2).exe 2015-03-09 15:27 - 2015-03-09 15:38 - 02199632 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00(1).exe 2015-03-09 14:26 - 2015-03-09 15:26 - 21421340 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_US_2_30_00.exe 2015-03-09 13:31 - 2015-03-09 13:31 - 00001564 _____ () C:\Users\Arje\Documents\cc_20150309_133132.reg 2015-03-09 13:27 - 2015-03-09 13:58 - 25611342 _____ (Creative Technology Ltd) C:\Users\Arje\Downloads\EmuPMX_PCDrv_L6_1_82_01.exe 2015-02-22 10:13 - 2015-02-22 10:13 - 00000864 _____ () C:\Users\Arje\Desktop\TalosLauncher.exe - Verknüpfung.lnk 2015-02-21 18:23 - 2015-02-21 18:23 - 00000000 ___SH () C:\Users\Arje\AppData\Local\LumaEmu 2015-02-21 18:23 - 2015-02-21 18:23 - 00000000 ____D () 
C:\Users\Arje\AppData\Local\LumaEmu_SteamCloud 2015-02-21 17:36 - 2015-02-21 17:36 - 00001607 _____ () C:\Users\Public\Desktop\The Talos Principle.lnk 2015-02-21 17:00 - 2015-02-21 17:00 - 00668672 _____ (FragSoft) C:\Windows\system32\isdone.dll 2015-02-21 16:59 - 2015-02-21 17:00 - 00668672 _____ (FragSoft) C:\Users\Arje\Downloads\isdone.dll 2015-02-21 16:56 - 2015-02-21 16:56 - 05344984 _____ (Dll-Files.com ) C:\Users\Arje\Downloads\dffsetup-isdone.exe 2015-02-21 16:54 - 2015-02-21 16:54 - 00014774 _____ () C:\Users\Arje\Documents\cc_20150221_165436.reg 2015-02-21 15:20 - 2015-02-21 15:20 - 00000000 ____D () C:\Users\Arje\Desktop\fms 2015-02-21 15:20 - 2015-01-11 21:41 - 03274752 _____ (The Dark Mod Team ) C:\Users\Arje\Desktop\tdm_update.exe 2015-02-21 11:56 - 2015-02-21 12:30 - 00000000 ____D () C:\Users\Arje\Downloads\The Talos Principle [FitGirl Repack] 2015-02-21 10:10 - 2015-02-21 10:10 - 00000000 ____D () C:\Users\Arje\AppData\Local\Steam 2015-02-13 20:29 - 2015-02-21 11:53 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom 2015-02-13 12:11 - 2015-02-13 12:51 - 00000000 ____D () C:\Users\Arje\Downloads\Far Cry 4 - Gold Edition [Update 7] (2014) PC RePack by R.G. Freedom ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-13 19:32 - 2010-05-24 18:15 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\vlc 2015-03-13 19:30 - 2010-02-26 11:39 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-03-13 19:30 - 2009-12-02 20:08 - 00000144 _____ () C:\service.log 2015-03-13 19:28 - 2012-05-21 17:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-13 19:28 - 2009-12-02 20:50 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2015-03-13 19:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-13 19:27 - 2009-12-02 19:55 - 01112879 _____ () C:\Windows\WindowsUpdate.log 2015-03-13 19:02 - 2014-09-01 13:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-13 18:35 - 2012-05-21 17:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-13 15:50 - 2009-12-02 20:15 - 01682440 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-13 15:50 - 2009-07-14 18:58 - 00726214 _____ () C:\Windows\system32\perfh007.dat 2015-03-13 15:50 - 2009-07-14 18:58 - 00159152 _____ () C:\Windows\system32\perfc007.dat 2015-03-13 15:11 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-13 15:11 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-13 14:54 - 2009-12-08 12:14 - 00000000 ____D () C:\Program Files (x86)\Creative Professional 2015-03-13 11:14 - 2014-12-07 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-13 11:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web 2015-03-12 13:11 - 2012-04-10 09:07 - 00000000 ____D () C:\AMD 2015-03-12 12:50 - 2009-07-14 03:34 - 00000241 _____ () C:\Windows\system.ini 2015-03-12 12:43 - 2014-08-27 19:19 - 00000000 ____D () C:\Users\Arje\AppData\Local\Adobe 2015-03-11 20:49 - 2009-12-02 20:08 - 00000000 ___HD () 
C:\Program Files (x86)\InstallShield Installation Information 2015-03-11 20:38 - 2013-07-23 21:01 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-03-11 20:38 - 2013-07-23 13:44 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-11 20:38 - 2013-07-23 13:44 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-11 08:26 - 2009-12-02 20:02 - 00000000 ____D () C:\Users\Arje 2015-03-11 08:17 - 2010-12-01 18:19 - 00013153 _____ () C:\Users\Arje\Downloads\hijackthis.log 2015-03-11 07:41 - 2011-09-21 18:38 - 00000000 ____D () C:\Soldat 2015-03-11 07:39 - 2009-12-02 21:37 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Winamp 2015-03-10 21:54 - 2014-08-10 08:35 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1407656151 2015-03-10 21:54 - 2014-08-10 08:35 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-09 23:31 - 2011-07-17 13:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-09 23:09 - 2011-05-26 08:03 - 00000000 ___RD () C:\Users\Arje\Dropbox 2015-03-09 23:09 - 2011-05-26 08:01 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Dropbox 2015-03-09 23:03 - 2009-12-02 20:49 - 00000000 ____D () C:\Program Files\DIFX 2015-03-09 23:02 - 2009-12-08 12:14 - 00000000 ____D () C:\Windows\SysWOW64\Data 2015-03-09 23:02 - 2009-12-08 12:14 - 00000000 ____D () C:\Windows\system32\Data 2015-03-09 23:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system 2015-03-09 22:53 - 2009-12-02 20:09 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-03-09 20:40 - 2009-12-08 12:15 - 00431104 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00409600 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00136192 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) 
C:\Windows\system32\OpenAL32.dll 2015-03-09 20:40 - 2009-12-08 12:15 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2015-03-09 12:38 - 2014-01-30 22:03 - 00000000 ____D () C:\Users\Arje\Desktop\ESposthumus 2015-03-09 11:25 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-23 08:44 - 2009-12-07 12:59 - 00000000 ____D () C:\Filme 2015-02-21 18:18 - 2012-09-24 12:28 - 00007609 _____ () C:\Users\Arje\AppData\Local\Resmon.ResmonCfg 2015-02-21 16:38 - 2012-04-17 09:55 - 00000000 ____D () C:\Games 2015-02-21 15:22 - 2009-12-07 13:09 - 00000000 ____D () C:\Spiele 2015-02-21 12:51 - 2012-08-23 17:11 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\uTorrent 2015-02-14 01:23 - 2010-01-24 18:57 - 00000000 ____D () C:\Users\Arje\Documents\My Games 2015-02-13 20:24 - 2009-12-07 13:01 - 00000000 ____D () C:\Ablage 2015-02-12 15:07 - 2011-05-26 08:01 - 00000000 ____D () C:\Users\Arje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-11 21:44 - 2013-07-23 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira ==================== Files in the root of some directories ======= 2010-06-08 06:11 - 2010-06-08 06:11 - 0003584 _____ () C:\Users\Arje\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-04-04 15:02 - 2012-04-04 15:02 - 0000092 _____ () C:\Users\Arje\AppData\Local\fusioncache.dat 2015-02-21 18:23 - 2015-02-21 18:23 - 0000000 ___SH () C:\Users\Arje\AppData\Local\LumaEmu 2012-09-24 12:28 - 2015-02-21 18:18 - 0007609 _____ () C:\Users\Arje\AppData\Local\Resmon.ResmonCfg 2010-04-08 21:33 - 2010-04-08 21:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some content of TEMP: ==================== C:\Users\Arje\AppData\Local\Temp\avgnt.exe C:\Users\Arje\AppData\Local\Temp\Quarantine.exe C:\Users\Arje\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-09 13:53 ==================== End Of Log ============================ --- --- --- --- --- --- |
14.03.2015, 10:28 | #13 |
/// the machine /// TB-Ausbilder | Win7 constantly at 70-100% CPU usage First, please update Windows; 5 years of updates are missing.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook page No help via PM! |
14.03.2015, 13:11 | #14 |
| Win7 constantly at 70-100% CPU usage What??? 42 updates? I only updated everything in January... There's no way they released 42 updates in 2 months, is there? It's installing them right now... OK:
It's enough to drive you crazy...!!! Waiting for further instructions... |
14.03.2015, 17:18 | #15 | |
/// the machine /// TB-Ausbilder | Win7 constantly at 70-100% CPU usage Quote:
Service Pack 1 is missing; it came out in 2011 and is completely absent here.
__________________ regards, schrauber |