| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus nach Adobe-aktualisierung?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
28.05.2013, 22:16
| #1 | |
 |  Virus nach Adobe-aktualisierung? Hallo, heute tauchte bei mienem PC eine meldung auf, dass mein Adobe-Programm (vermutlich der Flashplayer) aktualisiert werden sollte. Nachdem ich die Meldung bestätigt habe und hat mein Antivirusprogramm (Avira) einen gefundenen Virus gemeldet: Zitat:
Vielen Dank! |
|
28.05.2013, 22:29
| #2 |
| /// the machine /// TB-Ausbilder    | Virus nach Adobe-aktualisierung? Hi,
__________________Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
__________________ |
|
29.05.2013, 10:03
| #3 |
| | Virus nach Adobe-aktualisierung? Danke für die Rückmeldung
__________________OTL.Txt Code:
ATTFilter OTL logfile created on: 29.05.2013 10:42:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\abc\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 45,28% Memory free 5,98 Gb Paging File | 4,28 Gb Available in Paging File | 71,58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 285,47 Gb Total Space | 165,75 Gb Free Space | 58,06% Space Free | Partition Type: NTFS Drive D: | 1,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: abc-PC | User Name: abc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\abc\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation) PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Programme\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation) PRC - C:\Windows\OEM04Mon.exe (Creative Technology Ltd.) PRC - C:\Programme\TVG\DasTelefonbuch GelbeSeiten Map & Route\win32\officemanager\OMAlarm.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Programme\TVG\DasTelefonbuch GelbeSeiten Map & Route\win32\officemanager\OMAlarm.exe () ========== Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Te.Service) -- C:\Programme\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation) SRV - (fussvc) -- C:\Programme\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation) SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (ScrybeUpdater) -- C:\Programme\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VSPerfDrv110) -- C:\Programme\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys (Microsoft Corporation) DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.) DRV - (acsock) -- C:\Windows\System32\drivers\acsock.sys (Cisco Systems, Inc.) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (OEM04Vid) -- C:\Windows\System32\drivers\OEM04Vid.sys (Creative Technology Ltd.) DRV - (OEM04Vfx) -- C:\Windows\System32\drivers\OEM04Vfx.sys (EyePower Games Pte. Ltd.) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 D3 A3 17 3B F7 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.22 09:19:33 | 000,000,000 | ---D | M] [2011.10.17 08:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abc\AppData\Roaming\mozilla\Extensions [2012.12.27 16:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abc\AppData\Roaming\mozilla\Firefox\Profiles\ci9dlxw2.default\extensions [2013.05.22 09:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.22 09:19:38 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [OEM04Mon.exe] C:\Windows\OEM04Mon.exe (Creative Technology Ltd.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\abc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42F893E3-E64D-4DC7-9973-E0F30DD02CCC}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42F893E3-E64D-4DC7-9973-E0F30DD02CCC}: NameServer = 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74558793-B7E4-4C2A-A12D-670F0DDE9738}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012.07.27 00:54:54 | 000,000,066 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{24a8450c-f837-11e0-a011-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{24a8450c-f837-11e0-a011-806e6f6e6963}\Shell\AutoRun\command - "" = D:\vs_professional.exe -- [2012.07.27 19:19:11 | 000,994,216 | R--- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.29 10:34:38 | 000,000,000 | ---D | C] -- C:\Users\abc\Documents\Visual Studio 2012 [2013.05.29 10:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch [2013.05.29 10:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK - Deutsch [2013.05.29 10:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2013.05.29 10:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier [2013.05.29 10:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit [2013.05.29 10:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits [2013.05.29 10:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft [2013.05.29 10:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions [2013.05.29 10:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ASP.NET [2013.05.29 10:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Web Tools [2013.05.29 10:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2013.05.29 10:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\IIS Express [2013.05.29 10:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\NuGet [2013.05.29 10:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WCF Data Services [2013.05.29 10:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\IIS [2013.05.29 10:18:20 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2013.05.29 10:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Kits [2013.05.29 10:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop [2013.05.29 10:10:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033 [2013.05.29 10:10:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\1031 [2013.05.29 10:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs [2013.05.29 10:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules [2013.05.29 10:03:03 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2013.05.29 10:01:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 [2013.05.29 10:01:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 11.0 [2013.05.28 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2013.05.28 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013.05.28 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\e-academy Inc [2013.05.28 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\e-academy Inc [2013.05.22 21:40:50 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\TUM-WIN [2013.05.22 09:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.05.20 10:09:33 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\Speicherkarte Bilder 20-5-13 [2013.05.15 23:51:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll [2013.05.15 23:51:36 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.05.15 23:51:25 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.15 23:51:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.05.15 23:51:25 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.05.15 23:51:25 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.15 23:51:20 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2013.05.15 23:51:06 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2013.05.15 23:51:06 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe ========== Files - Modified Within 30 Days ========== [2013.05.29 10:02:00 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.29 10:01:58 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.29 10:00:43 | 000,698,194 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.29 10:00:43 | 000,653,232 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.29 10:00:43 | 000,148,858 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.29 10:00:43 | 000,121,634 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.29 09:56:17 | 000,000,546 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job [2013.05.29 09:53:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.29 09:53:07 | 2408,087,552 | -HS- | M] () -- C:\hiberfil.sys [2013.05.28 23:03:09 | 000,037,612 | ---- | M] () -- C:\Users\abc\Documents\Key Visual Studio 2010 Professiobal.PNG [2013.05.28 22:36:43 | 000,045,223 | ---- | M] () -- C:\Users\abc\Documents\Key Windows8 und Visual Studio Ultimate.PNG [2013.05.28 22:24:36 | 000,003,139 | ---- | M] () -- C:\Users\abc\Desktop\Secure Download Manager.lnk [2013.05.28 22:21:19 | 000,034,685 | ---- | M] () -- C:\Users\abc\Documents\Key Microsoft Visual Studio.PNG [2013.05.28 21:47:05 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.05.28 21:47:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.05.20 00:21:34 | 000,357,138 | ---- | M] () -- C:\Users\abc\Documents\asos bestell 2.PNG [2013.05.16 17:08:41 | 003,854,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.14 18:34:54 | 000,072,819 | ---- | M] () -- C:\Users\abc\Desktop\IMMATRIKULATIONSBESCHEINIGUNG.pdf [2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe ========== Files Created - No Company Name ========== [2013.05.29 10:22:16 | 000,002,059 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk [2013.05.28 23:03:09 | 000,037,612 | ---- | C] () -- C:\Users\abc\Documents\Key Visual Studio 2010 Professiobal.PNG [2013.05.28 22:36:43 | 000,045,223 | ---- | C] () -- C:\Users\abc\Documents\Key Windows8 und Visual Studio Ultimate.PNG [2013.05.28 22:24:36 | 000,003,139 | ---- | C] () -- C:\Users\abc\Desktop\Secure Download Manager.lnk [2013.05.28 22:21:19 | 000,034,685 | ---- | C] () -- C:\Users\abc\Documents\Key Microsoft Visual Studio.PNG [2013.05.20 00:21:34 | 000,357,138 | ---- | C] () -- C:\Users\abc\Documents\asos bestell 2.PNG [2013.05.14 18:34:54 | 000,072,819 | ---- | C] () -- C:\Users\abc\Desktop\IMMATRIKULATIONSBESCHEINIGUNG.pdf [2012.04.01 10:37:33 | 000,000,297 | ---- | C] () -- C:\Users\abc\K_Clusterzentren.mat [2012.03.11 14:46:56 | 000,000,337 | ---- | C] () -- C:\Users\abc\AppData\Local\Perfmon.PerfmonCfg [2012.02.08 23:45:41 | 000,003,728 | ---- | C] () -- C:\Users\abc\.Xauthority [2011.12.19 02:54:55 | 000,003,584 | ---- | C] () -- C:\Users\abc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.11.13 12:41:02 | 000,125,952 | ---- | C] () -- C:\Windows\System32\ZLhp2600.DLL [2011.11.13 12:40:26 | 000,337,920 | ---- | C] () -- C:\Windows\System32\ZSHP2600.EXE [2011.11.06 20:39:00 | 000,212,992 | ---- | C] () -- C:\Windows\System32\WMIMPLEX.dll [2011.11.06 20:39:00 | 000,031,744 | ---- | C] () -- C:\Windows\System32\maplec.dll [2011.11.06 20:39:00 | 000,020,480 | ---- | C] () -- C:\Windows\System32\maplecompat.dll [2011.10.18 15:10:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.10.17 14:32:32 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2011.10.17 09:03:19 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Extras.Txt Code:
ATTFilter OTL Extras logfile created on: 29.05.2013 10:42:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\abc\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 45,28% Memory free
5,98 Gb Paging File | 4,28 Gb Available in Paging File | 71,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 165,75 Gb Free Space | 58,06% Space Free | Partition Type: NTFS
Drive D: | 1,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: abc-PC | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0670BFC8-E329-4575-ACF4-8A106B473EBF}" = rport=137 | protocol=17 | dir=out | app=system |
"{1C00987B-D0C8-4D80-966E-93B7AEE3E81A}" = rport=445 | protocol=6 | dir=out | app=system |
"{219EC414-108D-4AEE-A36E-A1B9CF45EF30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22FA8EE2-E6AD-473F-9D82-E716F4DE4851}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D58E453-F32A-486B-A504-724ABABCD248}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{398945FF-607B-4AB0-B185-62BB1D4000D4}" = rport=138 | protocol=17 | dir=out | app=system |
"{4702CFAE-9947-44A5-8F3B-1E41FB122025}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4C6AD1F6-6F49-4925-B8E0-F45324CB1E56}" = lport=3702 | protocol=17 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{63E85681-1346-4050-AFCA-AE71CED77A2F}" = rport=139 | protocol=6 | dir=out | app=system |
"{81677B64-C732-4D26-84A2-6E1BC6889614}" = lport=137 | protocol=17 | dir=in | app=system |
"{A03B5B71-1A13-468A-9C46-8757EFF3A595}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B07EBCE6-5275-4C20-81CA-47F8A73411BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B7BBA457-2B4B-40D9-928D-EAE19FE53CAB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D52CCBD5-C859-41C1-BC73-42F520C0641C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ED7702F0-E5F6-4803-9E2E-0ADD31F02D5E}" = lport=445 | protocol=6 | dir=in | app=system |
"{F5AED12D-193A-452C-B188-6E3E48CFB08A}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C9A587-2BB3-4330-90C9-030506B7C011}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{040D999E-C07B-4060-8FA6-39AD54331750}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{116953CC-48BB-4768-BA13-9C77E5B8928B}" = protocol=17 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"{20EDCEDB-487F-44A6-8A29-2E62502C069D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{253A0745-BA39-43C8-8C47-2BD45F5F79E3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3C73740A-3898-4B4B-969A-6D5F713F4EBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{505A88E9-C33C-4CF3-BECF-010B591D265D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{61278E0D-2BA6-4D6C-A83A-62D26D14813C}" = protocol=6 | dir=in | app=c:\users\abc\appdata\roaming\dropbox\bin\dropbox.exe |
"{6773560A-9DF6-4791-BD0D-FF8D04459940}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68576115-3B22-4BAA-93A0-783CA603FE49}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6AEED965-009D-4381-A43E-BD2D09D53795}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6B650CC9-B5C2-4487-8C47-2FDC61EE2471}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{6BD1C00B-9D80-4901-A23A-40FC5512D152}" = protocol=17 | dir=in | app=c:\users\abc\appdata\roaming\dropbox\bin\dropbox.exe |
"{70995E8C-99E4-4EB9-820A-2C6E202F55F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{798E5472-1C99-4D25-B6EB-963FDC644FEC}" = protocol=6 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"{85EBC0DC-2FB1-4BF3-9D81-0C6CCAFBDBA7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8886D9A7-5550-4290-8DEF-7489CAC0ACB0}" = protocol=17 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"{8F877195-E571-4466-B6A3-225403D75E88}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{95876E26-1CC1-4B8C-8BB0-6F8EF7A3AD8D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A90285E4-E02F-4E67-A09D-B62F223A9A1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AF8945A8-8598-41E9-94E6-13CE71B9B06D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C9A24375-4E43-4EF8-BD09-E69C04548A7B}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E39825D2-4837-4406-8FE6-18B35F6CCF21}" = protocol=6 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"{F11DFAA6-191E-453E-998E-4E00F65AB740}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{60AB7808-FC2F-4EDA-A8DD-BA5DFEBAE3F5}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6BBC8E17-2737-4571-AF0C-E4C495ABE1A3}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{74638EEA-4C6E-4179-B5F9-1C07AA1E2803}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"TCP Query User{8EB12B1B-82F8-41E6-A8A1-E4AC8CF66220}C:\program files\nx client for windows\bin\nxssh.exe" = protocol=6 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"TCP Query User{99D8FA21-41EA-487D-9082-7B00C840E263}C:\program files\maple 14\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
"TCP Query User{CC37514B-29C4-4ED6-80F5-B10D11D5FE40}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F25D2FB3-AB11-4B15-9D71-456AC6B95884}C:\program files\maple 14\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
"TCP Query User{F3DC652E-01F0-4C80-9BE9-0BD8893675A1}C:\program files\nx client for windows\nxclient.exe" = protocol=6 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"UDP Query User{161B8598-5433-428A-839A-0531930AB570}C:\program files\nx client for windows\bin\nxssh.exe" = protocol=17 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"UDP Query User{1E611272-2B6A-42CA-A5D2-93E38E05F715}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{44033CB0-A245-4FD8-976F-BEC669E77374}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5E65C8BC-9551-4089-B38C-8D1292EE7B00}C:\program files\nx client for windows\nxclient.exe" = protocol=17 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"UDP Query User{7F9CE1F0-74CE-453E-B53C-794C48E58048}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8D9E9534-AFA0-442E-A97C-F88A95244019}C:\program files\maple 14\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
"UDP Query User{C5297E67-8BCB-488B-8312-EDA510AC288F}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"UDP Query User{FB849A29-7232-443D-9440-EA0C69530F4D}C:\program files\maple 14\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}" = Microsoft NuGet - Visual Studio 2012
"{07AC2D83-E795-4AD5-970D-B9BD14A1E411}" = Microsoft ASP.NET MVC 3 - DEU
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{093C9565-E907-4ED8-8201-4C1DD25D34DF}" = Devenv-Ressourcen für Microsoft Visual Studio 2012
"{094D6E27-97CC-447E-8660-56F75CFC1E00}" = Entity Framework Designer für Visual Studio 2012 - DEU
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BCC836F-0B28-4090-B58A-64883BAA3B2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0EEB6DAC-32D5-4D1A-B795-7023D6AB9F13}" = Blend for Visual Studio 2012 DEU resources
"{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}" = Tools for .Net 3.5 - DEU Lang Pack
"{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}" = Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{1E385309-0E29-3F4F-AE79-7EC7625CA478}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU
"{1F4DF099-EA5C-482D-9901-C0A8B539B417}" = Microsoft Web Platform Installer 4.0
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{28C7A4BB-3966-4373-8376-C11F38290630}" = Microsoft SQL Server 2012 T-SQL Language Service
"{2A01368B-231F-3FF9-9CCB-03A99223E1CC}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{2A3CC014-FA33-4027-AECD-9A4845223209}" = Microsoft SQL Server 2012 Native Client
"{2B231D3B-39B5-301A-9891-0847433885BC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools DEU Language Pack
"{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}" = PreEmptive Analytics Visual Studio Components
"{2CB523DF-A3C2-4A7C-8848-53898F6D6F87}" = PreEmptive Analytics Client German Language Pack
"{2ED1FE3E-B0C5-3990-A966-3B3999F63B38}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{2F6CE32A-018D-4656-895B-9E5E20D7740A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{30640168-E261-4261-B8FF-7FA5E0F6A2F1}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{3226C9CF-31C7-4FF4-8F41-D5A65795EE80}" = Microsoft ASP.NET MVC 4 Runtime - DEU
"{32AA0D69-0E45-4331-A435-74716E4EA0AC}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{372D17F6-A54E-4A01-B264-1314890FFE61}" = Dotfuscator and Analytics Community Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3E24A4D9-7CA0-378E-A9EB-74A20A496F6E}" = Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU
"{3FB583E8-0964-4421-847C-5FA285611C69}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}" = Microsoft-System-CLR-Typen für SQL Server 2012
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{57D782D7-49FD-48DE-AB47-A690A1519A2D}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{59D87F40-6C4B-4F80-A42B-FAA0E6EAFAB6}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools
"{5CBB00A9-CAA2-406A-B149-65343CD6A86E}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{60B8C5F3-7B6B-48F8-ADA0-FB75DB4F4E19}" = Microsoft Visual Studio 2012-Leistungserfassungstools
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{66efbe1c-fcf5-4623-93f6-1ae2445aff93}" = Microsoft Visual Studio Professional 2012
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B5FEDC9-AC82-4F3F-AA55-F21881802F56}" = WCF Data Services 5.0 (for OData v3) DEU Language Pack
"{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}" = Microsoft SQL Server 2012 Management Objects
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6F066545-40A2-4C38-A8F7-78581CC5C442}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
"{70D065C3-77E5-45E9-A75C-EEB2E84EA869}" = Erforderliche Komponenten für SSDT
"{731C183B-86A0-3442-BE55-68A7C92581E9}" = Microsoft Visual C++ 2012 Extended Libraries
"{7437A4B9-314F-3B8F-827B-22909146E471}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{7CC4FADE-70AC-4560-9418-639D71A4767C}" = Microsoft SQL Server Compact 4.0 SP1 DEU
"{7D5CE450-30A2-35F6-A5B4-53847D2E3175}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{80054F6B-11DA-40F6-8306-F9AB2F9074EB}" = Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86756584-C41A-4CA3-B42D-4768C7720F56}" = Microsoft Web Deploy dbSqlPackage Provider - DEU
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A79E320-5BCA-4A0F-A83B-D2D9783C7D53}" = Microsoft Visual C++ 2012 Compilers - DEU Resources
"{8BAB88C4-5024-3236-84B5-115054CD32B3}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU
"{8BF20A72-0286-4E87-B071-E33D4B43DA97}" = Microsoft Report Viewer Add-On für Visual Studio 2012
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E7D7400-4F4F-409D-8F8A-43BF1DAC575A}" = TouchChip USB Driver 2.6
"{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}" = Microsoft Silverlight 4 SDK - Deutsch
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90849941-4C23-3054-B575-3833700DF788}" = Microsoft Help Viewer 2.0 Language Pack - DEU
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{938526B1-772C-45E3-813A-2E15048DE74E}" = Dotfuscator and Analytics Community Edition Language Pack
"{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}" = Microsoft ASP.NET Web Pages - DEU
"{942CC691-5B98-42A3-8BC5-A246BA69D983}" = Microsoft ASP.NET MVC 4 Runtime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9611BFC7-0C25-48D9-927B-DB5D0D5562CB}" = Microsoft SQL Server 2012 Express LocalDB
"{965EC534-B751-46E2-BB44-4653A33DD5CC}" = Microsoft Web Developer Tools - Visual Studio 2012 - DEU
"{98B45D1C-6EB1-460D-A87D-2B60678DC105}" = Microsoft .NET Framework 4.5 SDK - DEU Lang Pack
"{9921BC23-7252-3B3B-B3D5-7D120788ACAC}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{9CE13D8B-6288-4A2C-99D2-414D77B9A830}" = WCF Data Services Tools for Visual Studio 11 DEU Language Pack
"{9D7EF9D6-212E-3C87-AB96-ED9F2A6C3218}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A38310A9-0AAF-4815-856D-63DAE3D7DFF1}" = Microsoft SQL Server 2012 Command Line Utilities
"{A3A6D5EA-B6B5-3C05-BDA8-EAB99C09CDDC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools
"{A41EB7B5-8883-4795-A587-AAD8A84A010D}" = Cisco AnyConnect Secure Mobility Client
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAC80D3B-9F42-4E52-8357-7CB4A3EC7B80}" = Microsoft ASP.NET Web Pages 2 Runtime - DEU
"{AB639FD7-CC4E-E5BB-8951-D852ABB56D8E}" = LocalESPCui for de-de
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AD17194D-3829-E59E-99A4-EC47097722CA}" = Windows App Certification Kit Native Components
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1AC00A6-43D2-4F06-92F3-9B01529E5AD5}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU
"{B33EA6ED-6F46-3BE1-98D2-F43D2A82EE39}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources
"{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}" = IIS 8.0 Express
"{B96FCD4F-6EDD-4258-8A6D-0FCEA8445E3E}" = Microsoft Web Developer Tools - Visual Studio 2012
"{BD87E147-2948-4E49-9FD9-890A4AE4300A}" = Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen
"{BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}" = LocalESPC
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C1ECF949-72E2-4084-82B2-FBD276DBC3B5}" = Microsoft Visual Studio 2012-Leistungserfassungstools - DEU
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4CAD994-6EA2-3121-8352-DA593150B322}" = Microsoft Portable Library Multi-Targeting Pack
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6379B13-1DFD-4364-9FDD-4632AA90C99D}" = O&O SafeErase Professional
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEE1F4AA-FAAE-6574-8AE6-93727FD6C246}" = Windows App Certification Kit x86
"{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}" = Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D3F1C46B-4DAD-439D-B940-E8144DD9B69A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU
"{D434E072-F482-4F52-AB97-7B19DD5DAEB5}" = Microsoft SQL Server System CLR Types
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DDC1078D-00E9-CB9D-EA5B-EE695A38D346}" = Windows Runtime Intellisense Content - de-de
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E43AC95E-66B0-4CEC-AADD-C9BFEF5A4C0A}" = Microsoft Web Deploy 3.0
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8AC67A8-BC7D-4541-A13E-88F6DD2AB3DB}" = Microsoft Visual Studio 2012-Vorbereitung
"{EA33215B-1391-314B-8752-C4C448304AC5}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - deu
"{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}" = Microsoft Silverlight 5 SDK - DEU
"{F56A0341-F545-3EFB-A7B4-25CD67D04022}" = Microsoft Visual Studio Professional 2012 - DEU
"{F63B2C40-A153-38EC-880C-0A53EF24779A}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}" = Microsoft SQL Server Data Tools - DEU (11.1.20627.00)
"{F803564F-1E23-313A-9162-18880B9D4FDF}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FBBC8076-BB21-4E06-9FA0-309AEF6E35EE}" = Microsoft ASP.NET Web Pages 2 Runtime
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Creative OEM004" = Laptop Integrated Webcam Driver (1.03.01.1011)
"DasTelefonbuch GelbeSeiten Map & Route" = DasTelefonbuch GelbeSeiten Map & Route
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HEROLD Telefonbuch DVD network" = HEROLD Telefonbuch DVD network
"HP Color LaserJet 2600 series" = HP Color LaserJet 2600 series
"Maple 14" = Maple 14
"Matlab R2011b" = MATLAB R2011b
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.0 Language Pack - DEU" = Microsoft Help Viewer 2.0 Language Pack - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nxclient_is1" = NX Client for Windows 3.5.0-7
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"JDownloader Packages" = JDownloader Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.07.2012 14:21:40 | Computer Name = abc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: NPSWF32_11_3_300_265.dll,
Version: 11.3.300.265, Zeitstempel: 0x4febd798 Ausnahmecode: 0xc0000005 Fehleroffset:
0x0049195e ID des fehlerhaften Prozesses: 0xb94 Startzeit der fehlerhaften Anwendung:
0x01cd6b5268abf830 Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
Berichtskennung:
be2c64e2-d74e-11e1-9aaf-002269c03207
Error - 31.07.2012 19:16:23 | Computer Name = abc-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d18 Startzeit:
01cd6f66f4cf3abe Endzeit: 60 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID:
bb2f28ff-db65-11e1-8ced-002269c03207
Error - 03.08.2012 10:23:26 | Computer Name = abc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: NPSWF32_11_3_300_265.dll,
Version: 11.3.300.265, Zeitstempel: 0x4febd798 Ausnahmecode: 0xc0000005 Fehleroffset:
0x004923d1 ID des fehlerhaften Prozesses: 0xfac Startzeit der fehlerhaften Anwendung:
0x01cd7164e27dfc8f Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
Berichtskennung:
c9aae6b0-dd76-11e1-9a57-002269c03207
Error - 03.08.2012 14:31:35 | Computer Name = abc-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e3c Startzeit:
01cd7164d1a91da7 Endzeit: 117 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID:
6c8ba627-dd99-11e1-9a57-002269c03207
Error - 17.08.2012 08:18:37 | Computer Name = abc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.6.0.110, Zeitstempel:
0x4e969fc2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
0x4ec49b60 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c380b ID des fehlerhaften Prozesses:
0xf14 Startzeit der fehlerhaften Anwendung: 0x01cd7c7100eb51eb Pfad der fehlerhaften
Anwendung: C:\Program Files\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: abc7a1b6-e865-11e1-85e5-002269c03207
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
70 Invoked Function: CapiCertUtils Return Code: -32767981 (0xFE0C0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiStore File: .\Certificates\CollectiveCertStore.cpp
Line:
922 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32767981 (0xFE0C0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::searchProcessesForUserToken File:
.\IPC\WinsecAPI.cpp Line: 1391 Invoked Function: Process32Next Return Code: 18 (0x00000012)
Description:
Es sind keine weiteren Dateien vorhanden.
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108865
Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
Line:
101 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
.\IPC\WinsecAPI.cpp Line: 81 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
Return
Code: -32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
Line:
92 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
Code: -32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
70 Invoked Function: CapiCertUtils Return Code: -32767981 (0xFE0C0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
Line:
40 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32767981 (0xFE0C0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:53:43 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
Line:
959 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
-32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 29.05.2013 03:54:05 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
[ OSession Events ]
Error - 02.04.2012 20:28:07 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 3586 seconds with 600 seconds of active time. This session ended with a
crash.
Error - 03.04.2012 22:45:20 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 37 seconds with 0 seconds of active time. This session ended with a crash.
Error - 03.04.2012 22:45:48 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 18 seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.04.2012 06:06:42 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 3817 seconds with 1260 seconds of active time. This session ended with a
crash.
Error - 07.04.2012 06:48:44 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 256 seconds with 120 seconds of active time. This session ended with a crash.
Error - 23.04.2012 13:44:11 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 20 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 28.05.2013 16:58:45 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 16:58:53 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 17:00:05 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 17:00:12 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 17:00:22 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 17:00:30 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 17:00:37 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 28.05.2013 17:00:45 | Computer Name = abc-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 29.05.2013 03:53:25 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IP-Hilfsdienst" ist von folgendem Dienst abhängig: winmgmt.
Dieser Dienst ist eventuell nicht installiert.
Error - 29.05.2013 03:56:49 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Sicherheitscenter" ist von folgendem Dienst abhängig:
winmgmt. Dieser Dienst ist eventuell nicht installiert.
< End of report >
|
|
29.05.2013, 11:01
| #4 |
| /// the machine /// TB-Ausbilder | Virus nach Adobe-aktualisierung? Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.06.2013, 17:13
| #5 |
| | Virus nach Adobe-aktualisierung? Sorry, dass ich mir so extrem viel Zeit gelassen habe. Hatte sehr viel um die Ohren, sodass ich auf die Benutzung meines Laptops weitestegehend verzichtet habe. In der Zwischenzeit hat mein Laptop aber immer mehr Macken (speziell beim Hochfahren). Ich möchte dir nochmal für deine Hilfe danken! Hier das nächste Logfile: Code:
ATTFilter 18:04:36.0359 4068 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:04:37.0531 4068 ============================================================
18:04:37.0531 4068 Current date / time: 2013/06/20 18:04:37.0531
18:04:37.0531 4068 SystemInfo:
18:04:37.0531 4068
18:04:37.0531 4068 OS Version: 6.1.7601 ServicePack: 1.0
18:04:37.0531 4068 Product type: Workstation
18:04:37.0531 4068 ComputerName: abc-PC
18:04:37.0531 4068 UserName: abc
18:04:37.0531 4068 Windows directory: C:\Windows
18:04:37.0531 4068 System windows directory: C:\Windows
18:04:37.0531 4068 Processor architecture: Intel x86
18:04:37.0531 4068 Number of processors: 2
18:04:37.0531 4068 Page size: 0x1000
18:04:37.0531 4068 Boot type: Normal boot
18:04:37.0531 4068 ============================================================
18:04:38.0995 4068 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:04:38.0995 4068 ============================================================
18:04:38.0995 4068 \Device\Harddisk0\DR0:
18:04:38.0995 4068 MBR partitions:
18:04:38.0995 4068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x143F000, BlocksNum 0x23AEEFF8
18:04:39.0025 4068 ============================================================
18:04:39.0085 4068 C: <-> \Device\Harddisk0\DR0\Partition1
18:04:39.0085 4068 ============================================================
18:04:39.0085 4068 Initialize success
18:04:39.0085 4068 ============================================================
18:05:16.0711 1248 ============================================================
18:05:16.0711 1248 Scan started
18:05:16.0711 1248 Mode: Manual; SigCheck; TDLFS;
18:05:16.0711 1248 ============================================================
18:05:18.0631 1248 ================ Scan system memory ========================
18:05:18.0631 1248 System memory - ok
18:05:18.0631 1248 ================ Scan services =============================
18:05:18.0971 1248 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:05:19.0111 1248 1394ohci - ok
18:05:19.0141 1248 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:05:19.0161 1248 ACPI - ok
18:05:19.0191 1248 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:05:19.0271 1248 AcpiPmi - ok
18:05:19.0341 1248 [ 45D8E2A2D8B9F33C32A7ADB6900C6E04 ] acsock C:\Windows\system32\DRIVERS\acsock.sys
18:05:19.0361 1248 acsock - ok
18:05:19.0491 1248 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:05:19.0511 1248 AdobeARMservice - ok
18:05:19.0571 1248 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:05:19.0601 1248 adp94xx - ok
18:05:19.0621 1248 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:05:19.0651 1248 adpahci - ok
18:05:19.0661 1248 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:05:19.0681 1248 adpu320 - ok
18:05:19.0721 1248 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:05:19.0801 1248 AeLookupSvc - ok
18:05:19.0861 1248 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:05:19.0961 1248 AFD - ok
18:05:19.0991 1248 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:05:20.0011 1248 agp440 - ok
18:05:20.0041 1248 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:05:20.0061 1248 aic78xx - ok
18:05:20.0111 1248 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:05:20.0191 1248 ALG - ok
18:05:20.0231 1248 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:05:20.0251 1248 aliide - ok
18:05:20.0271 1248 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:05:20.0291 1248 amdagp - ok
18:05:20.0311 1248 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:05:20.0331 1248 amdide - ok
18:05:20.0351 1248 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:05:20.0421 1248 AmdK8 - ok
18:05:20.0431 1248 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:05:20.0471 1248 AmdPPM - ok
18:05:20.0541 1248 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:05:20.0561 1248 amdsata - ok
18:05:20.0581 1248 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:05:20.0611 1248 amdsbs - ok
18:05:20.0621 1248 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:05:20.0641 1248 amdxata - ok
18:05:20.0701 1248 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:05:20.0731 1248 AntiVirSchedulerService - ok
18:05:20.0741 1248 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:05:20.0751 1248 AntiVirService - ok
18:05:20.0791 1248 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:05:20.0931 1248 AppID - ok
18:05:20.0971 1248 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:05:21.0043 1248 AppIDSvc - ok
18:05:21.0073 1248 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
18:05:21.0113 1248 Appinfo - ok
18:05:21.0153 1248 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:05:21.0233 1248 AppMgmt - ok
18:05:21.0263 1248 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:05:21.0283 1248 arc - ok
18:05:21.0303 1248 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:05:21.0333 1248 arcsas - ok
18:05:21.0463 1248 [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:05:21.0503 1248 aspnet_state - ok
18:05:21.0533 1248 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:05:21.0680 1248 AsyncMac - ok
18:05:21.0715 1248 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:05:21.0725 1248 atapi - ok
18:05:21.0785 1248 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:05:21.0845 1248 AudioEndpointBuilder - ok
18:05:21.0855 1248 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:05:21.0895 1248 Audiosrv - ok
18:05:21.0937 1248 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:05:21.0967 1248 avgntflt - ok
18:05:21.0997 1248 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:05:22.0027 1248 avipbb - ok
18:05:22.0047 1248 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:05:22.0067 1248 avkmgr - ok
18:05:22.0117 1248 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:05:22.0197 1248 AxInstSV - ok
18:05:22.0237 1248 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:05:22.0327 1248 b06bdrv - ok
18:05:22.0347 1248 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:05:22.0407 1248 b57nd60x - ok
18:05:22.0467 1248 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:05:22.0527 1248 BDESVC - ok
18:05:22.0547 1248 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:05:22.0607 1248 Beep - ok
18:05:22.0687 1248 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:05:22.0757 1248 BFE - ok
18:05:22.0817 1248 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:05:22.0887 1248 BITS - ok
18:05:22.0929 1248 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:05:22.0969 1248 blbdrive - ok
18:05:23.0029 1248 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:05:23.0119 1248 bowser - ok
18:05:23.0161 1248 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:05:23.0241 1248 BrFiltLo - ok
18:05:23.0261 1248 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:05:23.0323 1248 BrFiltUp - ok
18:05:23.0395 1248 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:05:23.0465 1248 Browser - ok
18:05:23.0495 1248 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:05:23.0535 1248 Brserid - ok
18:05:23.0555 1248 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:05:23.0605 1248 BrSerWdm - ok
18:05:23.0635 1248 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:05:23.0675 1248 BrUsbMdm - ok
18:05:23.0705 1248 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:05:23.0765 1248 BrUsbSer - ok
18:05:23.0825 1248 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:05:23.0955 1248 BthEnum - ok
18:05:23.0965 1248 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:05:24.0005 1248 BTHMODEM - ok
18:05:24.0045 1248 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:05:24.0075 1248 BthPan - ok
18:05:24.0145 1248 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:05:24.0205 1248 BTHPORT - ok
18:05:24.0255 1248 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:05:24.0325 1248 bthserv - ok
18:05:24.0355 1248 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:05:24.0385 1248 BTHUSB - ok
18:05:24.0415 1248 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:05:24.0485 1248 cdfs - ok
18:05:24.0545 1248 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:05:24.0595 1248 cdrom - ok
18:05:24.0655 1248 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:05:24.0695 1248 CertPropSvc - ok
18:05:24.0735 1248 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:05:24.0795 1248 circlass - ok
18:05:24.0825 1248 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:05:24.0845 1248 CLFS - ok
18:05:24.0895 1248 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:05:24.0915 1248 clr_optimization_v2.0.50727_32 - ok
18:05:24.0965 1248 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:05:24.0995 1248 clr_optimization_v4.0.30319_32 - ok
18:05:25.0025 1248 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:05:25.0085 1248 CmBatt - ok
18:05:25.0105 1248 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:05:25.0125 1248 cmdide - ok
18:05:25.0165 1248 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
18:05:25.0235 1248 CNG - ok
18:05:25.0275 1248 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:05:25.0295 1248 Compbatt - ok
18:05:25.0345 1248 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:05:25.0395 1248 CompositeBus - ok
18:05:25.0415 1248 COMSysApp - ok
18:05:25.0445 1248 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:05:25.0465 1248 crcdisk - ok
18:05:25.0525 1248 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:05:25.0575 1248 CryptSvc - ok
18:05:25.0625 1248 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:05:25.0705 1248 CSC - ok
18:05:25.0745 1248 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:05:25.0765 1248 CscService - ok
18:05:25.0795 1248 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:05:25.0825 1248 DcomLaunch - ok
18:05:25.0865 1248 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:05:25.0915 1248 defragsvc - ok
18:05:25.0965 1248 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:05:26.0005 1248 DfsC - ok
18:05:26.0055 1248 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:05:26.0095 1248 Dhcp - ok
18:05:26.0115 1248 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:05:26.0185 1248 discache - ok
18:05:26.0235 1248 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:05:26.0255 1248 Disk - ok
18:05:26.0295 1248 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:05:26.0355 1248 Dnscache - ok
18:05:26.0395 1248 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:05:26.0465 1248 dot3svc - ok
18:05:26.0515 1248 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:05:26.0575 1248 DPS - ok
18:05:26.0615 1248 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:05:26.0655 1248 drmkaud - ok
18:05:26.0725 1248 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:05:26.0775 1248 DXGKrnl - ok
18:05:26.0815 1248 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:05:26.0885 1248 EapHost - ok
18:05:27.0005 1248 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:05:27.0175 1248 ebdrv - ok
18:05:27.0215 1248 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:05:27.0295 1248 EFS - ok
18:05:27.0375 1248 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:05:27.0481 1248 ehRecvr - ok
18:05:27.0507 1248 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:05:27.0547 1248 ehSched - ok
18:05:27.0629 1248 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:05:27.0669 1248 elxstor - ok
18:05:27.0699 1248 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:05:27.0749 1248 ErrDev - ok
18:05:27.0809 1248 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:05:27.0869 1248 EventSystem - ok
18:05:27.0889 1248 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:05:27.0959 1248 exfat - ok
18:05:27.0979 1248 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:05:28.0059 1248 fastfat - ok
18:05:28.0139 1248 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:05:28.0179 1248 Fax - ok
18:05:28.0199 1248 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:05:28.0239 1248 fdc - ok
18:05:28.0279 1248 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:05:28.0349 1248 fdPHost - ok
18:05:28.0379 1248 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:05:28.0429 1248 FDResPub - ok
18:05:28.0449 1248 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:05:28.0469 1248 FileInfo - ok
18:05:28.0499 1248 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:05:28.0549 1248 Filetrace - ok
18:05:28.0579 1248 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:05:28.0619 1248 flpydisk - ok
18:05:28.0659 1248 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:05:28.0679 1248 FltMgr - ok
18:05:28.0759 1248 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
18:05:28.0859 1248 FontCache - ok
18:05:28.0899 1248 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:05:28.0919 1248 FontCache3.0.0.0 - ok
18:05:28.0929 1248 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:05:28.0969 1248 FsDepends - ok
18:05:29.0019 1248 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:05:29.0099 1248 Fs_Rec - ok
18:05:29.0149 1248 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:05:29.0179 1248 fvevol - ok
18:05:29.0209 1248 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:05:29.0229 1248 gagp30kx - ok
18:05:29.0279 1248 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:05:29.0329 1248 gpsvc - ok
18:05:29.0349 1248 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:05:29.0409 1248 hcw85cir - ok
18:05:29.0459 1248 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:05:29.0509 1248 HdAudAddService - ok
18:05:29.0539 1248 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:05:29.0579 1248 HDAudBus - ok
18:05:29.0619 1248 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:05:29.0659 1248 HidBatt - ok
18:05:29.0689 1248 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:05:29.0739 1248 HidBth - ok
18:05:29.0769 1248 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:05:29.0819 1248 HidIr - ok
18:05:29.0849 1248 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:05:29.0909 1248 hidserv - ok
18:05:29.0979 1248 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:05:30.0029 1248 HidUsb - ok
18:05:30.0069 1248 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:05:30.0149 1248 hkmsvc - ok
18:05:30.0209 1248 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:05:30.0289 1248 HomeGroupListener - ok
18:05:30.0329 1248 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:05:30.0359 1248 HomeGroupProvider - ok
18:05:30.0399 1248 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:05:30.0429 1248 HpSAMD - ok
18:05:30.0489 1248 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:05:30.0569 1248 HTTP - ok
18:05:30.0609 1248 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:05:30.0629 1248 hwpolicy - ok
18:05:30.0689 1248 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:05:30.0729 1248 i8042prt - ok
18:05:30.0789 1248 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:05:30.0819 1248 iaStorV - ok
18:05:30.0909 1248 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:05:30.0949 1248 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:05:30.0949 1248 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:05:31.0099 1248 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:05:31.0169 1248 idsvc - ok
18:05:31.0309 1248 [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
18:05:31.0599 1248 igfx - ok
18:05:31.0639 1248 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:05:31.0659 1248 iirsp - ok
18:05:31.0699 1248 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:05:31.0769 1248 IKEEXT - ok
18:05:31.0819 1248 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:05:31.0839 1248 intelide - ok
18:05:31.0869 1248 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:05:31.0909 1248 intelppm - ok
18:05:31.0949 1248 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:05:32.0019 1248 IPBusEnum - ok
18:05:32.0049 1248 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:05:32.0079 1248 IpFilterDriver - ok
18:05:32.0129 1248 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:05:32.0179 1248 iphlpsvc - ok
18:05:32.0209 1248 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:05:32.0259 1248 IPMIDRV - ok
18:05:32.0289 1248 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:05:32.0359 1248 IPNAT - ok
18:05:32.0399 1248 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:05:32.0479 1248 IRENUM - ok
18:05:32.0489 1248 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:05:32.0509 1248 isapnp - ok
18:05:32.0549 1248 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:05:32.0579 1248 iScsiPrt - ok
18:05:32.0609 1248 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:05:32.0639 1248 kbdclass - ok
18:05:32.0659 1248 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:05:32.0709 1248 kbdhid - ok
18:05:32.0739 1248 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:05:32.0759 1248 KeyIso - ok
18:05:32.0799 1248 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:05:32.0819 1248 KSecDD - ok
18:05:32.0849 1248 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:05:32.0879 1248 KSecPkg - ok
18:05:32.0919 1248 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:05:32.0989 1248 KtmRm - ok
18:05:33.0039 1248 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:05:33.0089 1248 LanmanServer - ok
18:05:33.0109 1248 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:05:33.0149 1248 LanmanWorkstation - ok
18:05:33.0209 1248 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:05:33.0249 1248 lltdio - ok
18:05:33.0299 1248 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:05:33.0359 1248 lltdsvc - ok
18:05:33.0389 1248 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:05:33.0439 1248 lmhosts - ok
18:05:33.0479 1248 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:05:33.0499 1248 LSI_FC - ok
18:05:33.0509 1248 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:05:33.0539 1248 LSI_SAS - ok
18:05:33.0549 1248 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:05:33.0569 1248 LSI_SAS2 - ok
18:05:33.0589 1248 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:05:33.0609 1248 LSI_SCSI - ok
18:05:33.0629 1248 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:05:33.0689 1248 luafv - ok
18:05:33.0729 1248 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:05:33.0749 1248 Mcx2Svc - ok
18:05:33.0769 1248 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:05:33.0789 1248 megasas - ok
18:05:33.0809 1248 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:05:33.0839 1248 MegaSR - ok
18:05:33.0929 1248 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:05:33.0959 1248 Microsoft Office Groove Audit Service - ok
18:05:33.0979 1248 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:05:34.0039 1248 MMCSS - ok
18:05:34.0059 1248 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:05:34.0109 1248 Modem - ok
18:05:34.0169 1248 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:05:34.0219 1248 monitor - ok
18:05:34.0239 1248 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:05:34.0259 1248 mouclass - ok
18:05:34.0269 1248 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:05:34.0279 1248 mouhid - ok
18:05:34.0319 1248 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:05:34.0339 1248 mountmgr - ok
18:05:34.0429 1248 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:05:34.0449 1248 MozillaMaintenance - ok
18:05:34.0499 1248 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:05:34.0529 1248 mpio - ok
18:05:34.0559 1248 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:05:34.0619 1248 mpsdrv - ok
18:05:34.0689 1248 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:05:34.0749 1248 MpsSvc - ok
18:05:34.0809 1248 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:05:34.0869 1248 MRxDAV - ok
18:05:34.0949 1248 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:05:35.0019 1248 mrxsmb - ok
18:05:35.0049 1248 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:05:35.0109 1248 mrxsmb10 - ok
18:05:35.0129 1248 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:05:35.0149 1248 mrxsmb20 - ok
18:05:35.0189 1248 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:05:35.0209 1248 msahci - ok
18:05:35.0229 1248 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:05:35.0259 1248 msdsm - ok
18:05:35.0269 1248 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:05:35.0319 1248 MSDTC - ok
18:05:35.0379 1248 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:05:35.0449 1248 Msfs - ok
18:05:35.0469 1248 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:05:35.0499 1248 mshidkmdf - ok
18:05:35.0539 1248 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:05:35.0559 1248 msisadrv - ok
18:05:35.0599 1248 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:05:35.0659 1248 MSiSCSI - ok
18:05:35.0669 1248 msiserver - ok
18:05:35.0709 1248 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:05:35.0769 1248 MSKSSRV - ok
18:05:35.0789 1248 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:05:35.0839 1248 MSPCLOCK - ok
18:05:35.0859 1248 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:05:35.0909 1248 MSPQM - ok
18:05:35.0949 1248 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:05:35.0969 1248 MsRPC - ok
18:05:35.0999 1248 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:05:36.0019 1248 mssmbios - ok
18:05:36.0059 1248 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:05:36.0089 1248 MSTEE - ok
18:05:36.0109 1248 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:05:36.0129 1248 MTConfig - ok
18:05:36.0149 1248 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:05:36.0169 1248 Mup - ok
18:05:36.0199 1248 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:05:36.0269 1248 napagent - ok
18:05:36.0329 1248 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:05:36.0389 1248 NativeWifiP - ok
18:05:36.0459 1248 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:05:36.0529 1248 NDIS - ok
18:05:36.0559 1248 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:05:36.0619 1248 NdisCap - ok
18:05:36.0639 1248 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:05:36.0689 1248 NdisTapi - ok
18:05:36.0739 1248 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:05:36.0789 1248 Ndisuio - ok
18:05:36.0829 1248 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:05:36.0889 1248 NdisWan - ok
18:05:36.0929 1248 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:05:36.0979 1248 NDProxy - ok
18:05:37.0029 1248 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:05:37.0089 1248 NetBIOS - ok
18:05:37.0109 1248 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:05:37.0189 1248 NetBT - ok
18:05:37.0219 1248 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:05:37.0229 1248 Netlogon - ok
18:05:37.0279 1248 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:05:37.0339 1248 Netman - ok
18:05:37.0419 1248 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:05:37.0439 1248 NetMsmqActivator - ok
18:05:37.0439 1248 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:05:37.0459 1248 NetPipeActivator - ok
18:05:37.0489 1248 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:05:37.0549 1248 netprofm - ok
18:05:37.0559 1248 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:05:37.0579 1248 NetTcpActivator - ok
18:05:37.0579 1248 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:05:37.0599 1248 NetTcpPortSharing - ok
18:05:37.0739 1248 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
18:05:37.0949 1248 netw5v32 - ok
18:05:38.0009 1248 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:05:38.0029 1248 nfrd960 - ok
18:05:38.0069 1248 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:05:38.0089 1248 NlaSvc - ok
18:05:38.0129 1248 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
18:05:38.0199 1248 nmwcd - ok
18:05:38.0239 1248 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
18:05:38.0339 1248 nmwcdc - ok
18:05:38.0381 1248 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:05:38.0451 1248 Npfs - ok
18:05:38.0493 1248 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:05:38.0543 1248 nsi - ok
18:05:38.0553 1248 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:05:38.0603 1248 nsiproxy - ok
18:05:38.0683 1248 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:05:38.0743 1248 Ntfs - ok
18:05:38.0773 1248 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:05:38.0843 1248 Null - ok
18:05:38.0905 1248 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:05:38.0935 1248 nvraid - ok
18:05:38.0945 1248 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:05:38.0965 1248 nvstor - ok
18:05:38.0985 1248 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:05:39.0015 1248 nv_agp - ok
18:05:39.0095 1248 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:05:39.0135 1248 odserv - ok
18:05:39.0175 1248 [ 86326062A90494BDD79CE383511D7D69 ] OEM04Vfx C:\Windows\system32\DRIVERS\OEM04Vfx.sys
18:05:39.0235 1248 OEM04Vfx - ok
18:05:39.0275 1248 [ 40E9BFD9F64DFB32C1EAFBAA0576C55D ] OEM04Vid C:\Windows\system32\DRIVERS\OEM04Vid.sys
18:05:39.0305 1248 OEM04Vid - ok
18:05:39.0345 1248 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:05:39.0395 1248 ohci1394 - ok
18:05:39.0465 1248 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:05:39.0485 1248 ose - ok
18:05:39.0525 1248 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:05:39.0565 1248 p2pimsvc - ok
18:05:39.0595 1248 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:05:39.0625 1248 p2psvc - ok
18:05:39.0655 1248 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:05:39.0695 1248 Parport - ok
18:05:39.0735 1248 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:05:39.0765 1248 partmgr - ok
18:05:39.0785 1248 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:05:39.0835 1248 Parvdm - ok
18:05:39.0865 1248 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:05:39.0925 1248 PcaSvc - ok
18:05:40.0015 1248 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
18:05:40.0075 1248 pccsmcfd - ok
18:05:40.0085 1248 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:05:40.0105 1248 pci - ok
18:05:40.0115 1248 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:05:40.0135 1248 pciide - ok
18:05:40.0175 1248 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:05:40.0205 1248 pcmcia - ok
18:05:40.0215 1248 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:05:40.0245 1248 pcw - ok
18:05:40.0265 1248 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:05:40.0345 1248 PEAUTH - ok
18:05:40.0395 1248 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:05:40.0475 1248 PeerDistSvc - ok
18:05:40.0545 1248 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:05:40.0625 1248 pla - ok
18:05:40.0695 1248 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:05:40.0775 1248 PlugPlay - ok
18:05:40.0795 1248 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:05:40.0845 1248 PNRPAutoReg - ok
18:05:40.0875 1248 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:05:40.0895 1248 PNRPsvc - ok
18:05:40.0945 1248 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:05:41.0005 1248 PolicyAgent - ok
18:05:41.0055 1248 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:05:41.0105 1248 Power - ok
18:05:41.0155 1248 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:05:41.0205 1248 PptpMiniport - ok
18:05:41.0215 1248 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:05:41.0265 1248 Processor - ok
18:05:41.0327 1248 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:05:41.0377 1248 ProfSvc - ok
18:05:41.0407 1248 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:05:41.0427 1248 ProtectedStorage - ok
18:05:41.0479 1248 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:05:41.0529 1248 Psched - ok
18:05:41.0569 1248 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:05:41.0629 1248 ql2300 - ok
18:05:41.0662 1248 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:05:41.0682 1248 ql40xx - ok
18:05:41.0722 1248 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:05:41.0782 1248 QWAVE - ok
18:05:41.0819 1248 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:05:41.0854 1248 QWAVEdrv - ok
18:05:41.0884 1248 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:05:41.0944 1248 RasAcd - ok
18:05:41.0984 1248 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:05:42.0044 1248 RasAgileVpn - ok
18:05:42.0084 1248 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:05:42.0154 1248 RasAuto - ok
18:05:42.0194 1248 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:05:42.0224 1248 Rasl2tp - ok
18:05:42.0284 1248 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:05:42.0334 1248 RasMan - ok
18:05:42.0364 1248 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:05:42.0434 1248 RasPppoe - ok
18:05:42.0454 1248 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:05:42.0494 1248 RasSstp - ok
18:05:42.0514 1248 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:05:42.0574 1248 rdbss - ok
18:05:42.0604 1248 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:05:42.0654 1248 rdpbus - ok
18:05:42.0694 1248 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:05:42.0724 1248 RDPCDD - ok
18:05:42.0774 1248 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:05:42.0814 1248 RDPDR - ok
18:05:42.0844 1248 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:05:42.0874 1248 RDPENCDD - ok
18:05:42.0894 1248 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:05:42.0944 1248 RDPREFMP - ok
18:05:42.0964 1248 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:05:43.0004 1248 RDPWD - ok
18:05:43.0054 1248 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:05:43.0084 1248 rdyboost - ok
18:05:43.0104 1248 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:05:43.0154 1248 RemoteAccess - ok
18:05:43.0194 1248 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:05:43.0244 1248 RemoteRegistry - ok
18:05:43.0284 1248 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:05:43.0324 1248 RFCOMM - ok
18:05:43.0404 1248 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
18:05:43.0454 1248 rismxdp - ok
18:05:43.0484 1248 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:05:43.0554 1248 RpcEptMapper - ok
18:05:43.0586 1248 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:05:43.0626 1248 RpcLocator - ok
18:05:43.0677 1248 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:05:43.0708 1248 RpcSs - ok
18:05:43.0798 1248 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:05:43.0858 1248 rspndr - ok
18:05:43.0910 1248 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:05:44.0120 1248 s3cap - ok
18:05:44.0150 1248 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:05:44.0170 1248 SamSs - ok
18:05:44.0240 1248 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:05:44.0330 1248 sbp2port - ok
18:05:44.0470 1248 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:05:44.0600 1248 SCardSvr - ok
18:05:44.0640 1248 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:05:44.0730 1248 scfilter - ok
18:05:44.0880 1248 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:05:44.0920 1248 Schedule - ok
18:05:44.0950 1248 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:05:44.0980 1248 SCPolicySvc - ok
18:05:45.0125 1248 [ B60E9769655DDEE8368E3ABB6668E076 ] ScrybeUpdater C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
18:05:45.0172 1248 ScrybeUpdater - ok
18:05:45.0203 1248 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
18:05:45.0266 1248 sdbus - ok
18:05:45.0312 1248 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:05:45.0344 1248 SDRSVC - ok
18:05:45.0359 1248 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:05:45.0406 1248 secdrv - ok
18:05:45.0422 1248 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:05:45.0484 1248 seclogon - ok
18:05:45.0515 1248 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:05:45.0578 1248 SENS - ok
18:05:45.0624 1248 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:05:45.0702 1248 SensrSvc - ok
18:05:45.0718 1248 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:05:45.0765 1248 Serenum - ok
18:05:45.0780 1248 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:05:45.0843 1248 Serial - ok
18:05:45.0874 1248 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:05:45.0905 1248 sermouse - ok
18:05:46.0030 1248 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
18:05:46.0061 1248 ServiceLayer - ok
18:05:46.0108 1248 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:05:46.0170 1248 SessionEnv - ok
18:05:46.0217 1248 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:05:46.0233 1248 sffdisk - ok
18:05:46.0248 1248 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:05:46.0264 1248 sffp_mmc - ok
18:05:46.0295 1248 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:05:46.0326 1248 sffp_sd - ok
18:05:46.0373 1248 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:05:46.0420 1248 sfloppy - ok
18:05:46.0451 1248 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:05:46.0498 1248 SharedAccess - ok
18:05:46.0529 1248 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:05:46.0560 1248 ShellHWDetection - ok
18:05:46.0607 1248 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:05:46.0623 1248 sisagp - ok
18:05:46.0670 1248 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:05:46.0685 1248 SiSRaid2 - ok
18:05:46.0701 1248 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:05:46.0716 1248 SiSRaid4 - ok
18:05:46.0732 1248 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:05:46.0810 1248 Smb - ok
18:05:46.0857 1248 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:05:46.0904 1248 SNMPTRAP - ok
18:05:46.0935 1248 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:05:46.0950 1248 spldr - ok
18:05:47.0013 1248 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:05:47.0060 1248 Spooler - ok
18:05:47.0169 1248 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:05:47.0325 1248 sppsvc - ok
18:05:47.0372 1248 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:05:47.0403 1248 sppuinotify - ok
18:05:47.0450 1248 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:05:47.0528 1248 srv - ok
18:05:47.0559 1248 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:05:47.0606 1248 srv2 - ok
18:05:47.0637 1248 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:05:47.0668 1248 srvnet - ok
18:05:47.0715 1248 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:05:47.0746 1248 SSDPSRV - ok
18:05:47.0793 1248 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
18:05:47.0808 1248 ssmdrv - ok
18:05:47.0808 1248 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:05:47.0855 1248 SstpSvc - ok
18:05:47.0871 1248 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:05:47.0886 1248 stexstor - ok
18:05:47.0933 1248 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:05:47.0964 1248 StiSvc - ok
18:05:47.0980 1248 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:05:47.0996 1248 storflt - ok
18:05:48.0027 1248 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:05:48.0089 1248 StorSvc - ok
18:05:48.0120 1248 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:05:48.0136 1248 storvsc - ok
18:05:48.0152 1248 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
18:05:48.0183 1248 swenum - ok
18:05:48.0198 1248 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:05:48.0276 1248 swprv - ok
18:05:48.0354 1248 [ 2185CC5BE9922562108CF87F42E4BBAF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:05:48.0417 1248 SynTP - ok
18:05:48.0464 1248 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:05:48.0510 1248 SysMain - ok
18:05:48.0542 1248 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:05:48.0604 1248 TabletInputService - ok
18:05:48.0651 1248 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:05:48.0729 1248 TapiSrv - ok
18:05:48.0760 1248 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:05:48.0807 1248 TBS - ok
18:05:48.0854 1248 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:05:48.0916 1248 Tcpip - ok
18:05:48.0963 1248 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:05:48.0994 1248 TCPIP6 - ok
18:05:49.0025 1248 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:05:49.0056 1248 tcpipreg - ok
18:05:49.0088 1248 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:05:49.0119 1248 TDPIPE - ok
18:05:49.0150 1248 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:05:49.0181 1248 TDTCP - ok
18:05:49.0212 1248 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:05:49.0244 1248 tdx - ok
18:05:49.0275 1248 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:05:49.0290 1248 TermDD - ok
18:05:49.0353 1248 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:05:49.0415 1248 TermService - ok
18:05:49.0431 1248 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:05:49.0478 1248 Themes - ok
18:05:49.0509 1248 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:05:49.0540 1248 THREADORDER - ok
18:05:49.0556 1248 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:05:49.0587 1248 TrkWks - ok
18:05:49.0634 1248 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:05:49.0696 1248 TrustedInstaller - ok
18:05:49.0727 1248 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:05:49.0790 1248 tssecsrv - ok
18:05:49.0836 1248 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:05:49.0914 1248 TsUsbFlt - ok
18:05:49.0961 1248 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:05:50.0008 1248 tunnel - ok
18:05:50.0024 1248 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:05:50.0039 1248 uagp35 - ok
18:05:50.0070 1248 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:05:50.0117 1248 udfs - ok
18:05:50.0148 1248 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:05:50.0195 1248 UI0Detect - ok
18:05:50.0226 1248 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:05:50.0258 1248 uliagpkx - ok
18:05:50.0304 1248 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
18:05:50.0351 1248 umbus - ok
18:05:50.0398 1248 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:05:50.0429 1248 UmPass - ok
18:05:50.0476 1248 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:05:50.0523 1248 UmRdpService - ok
18:05:50.0554 1248 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:05:50.0616 1248 upnphost - ok
18:05:50.0679 1248 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
18:05:50.0726 1248 upperdev - ok
18:05:50.0772 1248 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:05:50.0788 1248 usbccgp - ok
18:05:50.0850 1248 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:05:50.0897 1248 usbcir - ok
18:05:50.0928 1248 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:05:50.0944 1248 usbehci - ok
18:05:50.0975 1248 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:05:50.0991 1248 usbhub - ok
18:05:51.0006 1248 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:05:51.0022 1248 usbohci - ok
18:05:51.0053 1248 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:05:51.0084 1248 usbprint - ok
18:05:51.0131 1248 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
18:05:51.0162 1248 usbser - ok
18:05:51.0194 1248 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
18:05:51.0225 1248 UsbserFilt - ok
18:05:51.0240 1248 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:05:51.0272 1248 USBSTOR - ok
18:05:51.0318 1248 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:05:51.0350 1248 usbuhci - ok
18:05:51.0381 1248 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:05:51.0428 1248 usbvideo - ok
18:05:51.0459 1248 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:05:51.0490 1248 UxSms - ok
18:05:51.0521 1248 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:05:51.0521 1248 VaultSvc - ok
18:05:51.0552 1248 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:05:51.0568 1248 vdrvroot - ok
18:05:51.0615 1248 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:05:51.0693 1248 vds - ok
18:05:51.0724 1248 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:05:51.0771 1248 vga - ok
18:05:51.0802 1248 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:05:51.0833 1248 VgaSave - ok
18:05:51.0864 1248 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:05:51.0896 1248 vhdmp - ok
18:05:51.0927 1248 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:05:51.0942 1248 viaagp - ok
18:05:51.0958 1248 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:05:51.0989 1248 ViaC7 - ok
18:05:52.0005 1248 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:05:52.0036 1248 viaide - ok
18:05:52.0052 1248 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:05:52.0083 1248 vmbus - ok
18:05:52.0083 1248 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:05:52.0114 1248 VMBusHID - ok
18:05:52.0130 1248 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:05:52.0145 1248 volmgr - ok
18:05:52.0176 1248 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:05:52.0208 1248 volmgrx - ok
18:05:52.0239 1248 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:05:52.0254 1248 volsnap - ok
18:05:52.0348 1248 [ 18507BDC6C15BD464DE9AB18B6AF1C23 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
18:05:52.0364 1248 vpnagent - ok
18:05:52.0410 1248 [ FDDAFA1C89B0B07494AF5879F7ECE857 ] vpnva C:\Windows\system32\DRIVERS\vpnva.sys
18:05:52.0426 1248 vpnva - ok
18:05:52.0457 1248 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:05:52.0488 1248 vsmraid - ok
18:05:52.0676 1248 [ 5A2DDC5411A092BEDB1A07755E087784 ] VSPerfDrv100 C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys
18:05:52.0691 1248 VSPerfDrv100 ( UnsignedFile.Multi.Generic ) - warning
18:05:52.0691 1248 VSPerfDrv100 - detected UnsignedFile.Multi.Generic (1)
18:05:52.0769 1248 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:05:52.0847 1248 VSS - ok
18:05:52.0878 1248 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:05:52.0894 1248 vwifibus - ok
18:05:52.0925 1248 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:05:52.0988 1248 W32Time - ok
18:05:53.0034 1248 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:05:53.0066 1248 WacomPen - ok
18:05:53.0097 1248 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:05:53.0144 1248 WANARP - ok
18:05:53.0144 1248 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:05:53.0175 1248 Wanarpv6 - ok
18:05:53.0284 1248 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:05:53.0346 1248 WatAdminSvc - ok
18:05:53.0424 1248 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:05:53.0534 1248 wbengine - ok
18:05:53.0565 1248 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:05:53.0596 1248 WbioSrvc - ok
18:05:53.0627 1248 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:05:53.0674 1248 wcncsvc - ok
18:05:53.0705 1248 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:05:53.0768 1248 WcsPlugInService - ok
18:05:53.0783 1248 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:05:53.0814 1248 Wd - ok
18:05:53.0861 1248 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:05:53.0892 1248 Wdf01000 - ok
18:05:53.0924 1248 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:05:54.0002 1248 WdiServiceHost - ok
18:05:54.0017 1248 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:05:54.0033 1248 WdiSystemHost - ok
18:05:54.0064 1248 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:05:54.0126 1248 WebClient - ok
18:05:54.0158 1248 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:05:54.0204 1248 Wecsvc - ok
18:05:54.0236 1248 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:05:54.0298 1248 wercplsupport - ok
18:05:54.0345 1248 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:05:54.0392 1248 WerSvc - ok
18:05:54.0438 1248 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:05:54.0501 1248 WfpLwf - ok
18:05:54.0516 1248 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:05:54.0548 1248 WIMMount - ok
18:05:54.0657 1248 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:05:54.0766 1248 WinDefend - ok
18:05:54.0766 1248 WinHttpAutoProxySvc - ok
18:05:54.0891 1248 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:05:54.0938 1248 WinRM - ok
18:05:54.0984 1248 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
18:05:55.0031 1248 WinUsb - ok
18:05:55.0094 1248 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:05:55.0125 1248 Wlansvc - ok
18:05:55.0234 1248 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:05:55.0281 1248 wlidsvc - ok
18:05:55.0343 1248 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:05:55.0374 1248 WmiAcpi - ok
18:05:55.0452 1248 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:05:55.0499 1248 wmiApSrv - ok
18:05:55.0577 1248 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:05:55.0624 1248 WMPNetworkSvc - ok
18:05:55.0655 1248 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:05:55.0671 1248 WPCSvc - ok
18:05:55.0718 1248 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:05:55.0780 1248 WPDBusEnum - ok
18:05:55.0811 1248 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:05:55.0858 1248 ws2ifsl - ok
18:05:55.0874 1248 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:05:55.0920 1248 wscsvc - ok
18:05:55.0920 1248 WSearch - ok
18:05:56.0014 1248 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:05:56.0076 1248 wuauserv - ok
18:05:56.0123 1248 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:05:56.0170 1248 WudfPf - ok
18:05:56.0201 1248 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:05:56.0217 1248 WUDFRd - ok
18:05:56.0248 1248 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:05:56.0264 1248 wudfsvc - ok
18:05:56.0295 1248 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:05:56.0373 1248 WwanSvc - ok
18:05:56.0404 1248 ================ Scan global ===============================
18:05:56.0435 1248 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:05:56.0482 1248 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:05:56.0482 1248 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:05:56.0513 1248 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:05:56.0544 1248 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:05:56.0544 1248 [Global] - ok
18:05:56.0544 1248 ================ Scan MBR ==================================
18:05:56.0560 1248 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:05:56.0997 1248 \Device\Harddisk0\DR0 - ok
18:05:56.0997 1248 ================ Scan VBR ==================================
18:05:56.0997 1248 [ 8954F1E4698B9E65DA647C8EC6B59E65 ] \Device\Harddisk0\DR0\Partition1
18:05:56.0997 1248 \Device\Harddisk0\DR0\Partition1 - ok
18:05:57.0012 1248 ============================================================
18:05:57.0012 1248 Scan finished
18:05:57.0012 1248 ============================================================
18:05:57.0012 2332 Detected object count: 2
18:05:57.0012 2332 Actual detected object count: 2
18:06:11.0754 2332 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:06:11.0754 2332 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:06:11.0754 2332 VSPerfDrv100 ( UnsignedFile.Multi.Generic ) - skipped by user
18:06:11.0754 2332 VSPerfDrv100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
20.06.2013, 18:15
| #6 | |
| /// the machine /// TB-Ausbilder | Virus nach Adobe-aktualisierung?Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> Virus nach Adobe-aktualisierung? |
|
20.06.2013, 19:20
| #7 |
| | Virus nach Adobe-aktualisierung?Code:
ATTFilter ComboFix 13-06-20.01 - abc 20.06.2013 19:56:34.1.2 - x86
ausgeführt von:: c:\users\abc\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\abc\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-20 bis 2013-06-20 ))))))))))))))))))))))))))))))
.
.
2013-06-20 18:06 . 2013-06-20 18:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-20 17:10 . 2013-06-20 17:10 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6C866FE9-50EC-4523-99FA-BF21E207251B}\offreg.dll
2013-06-19 09:45 . 2013-06-19 09:45 -------- d-----w- C:\b2643e4de09278eb733fb9
2013-06-18 06:25 . 2013-06-12 04:18 7068072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6C866FE9-50EC-4523-99FA-BF21E207251B}\mpengine.dll
2013-06-12 09:24 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-06-12 09:24 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 09:24 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-06-05 19:27 . 2013-06-20 18:05 -------- d-----w- c:\users\abc\AppData\Local\assembly
2013-05-30 18:14 . 2013-05-30 18:14 -------- d-----w- c:\users\abc\AppData\Roaming\Microsoft Corporation
2013-05-30 17:55 . 2013-05-30 17:55 -------- d-----w- c:\program files\Microsoft Sync Framework
2013-05-30 17:55 . 2013-05-30 17:55 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-05-30 17:55 . 2013-05-30 17:55 596304 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU\install.exe
2013-05-30 17:55 . 2013-05-30 17:55 53088 ----a-w- c:\program files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU\install.res.1031.dll
2013-05-30 17:53 . 2013-05-30 17:53 -------- d-----w- c:\programdata\PreEmptive Solutions
2013-05-30 17:45 . 2013-05-30 17:45 -------- d-----w- c:\program files\IIS
2013-05-30 17:44 . 2013-05-30 18:03 2490752 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1031\ResourceCache.dll
2013-05-30 17:31 . 2013-05-30 17:31 -------- d-----w- c:\windows\symbols
2013-05-30 17:29 . 2013-05-30 17:36 -------- d-----w- c:\program files\Microsoft F#
2013-05-30 17:29 . 2013-05-30 17:36 -------- d-----w- c:\program files\Common Files\Merge Modules
2013-05-30 17:29 . 2013-05-30 17:33 -------- d-----w- c:\program files\HTML Help Workshop
2013-05-30 17:29 . 2013-05-30 17:29 -------- d-----w- c:\program files\Microsoft Help Viewer
2013-05-30 17:22 . 2013-05-30 17:22 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2013-05-29 08:37 . 2013-05-29 08:37 2517120 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1031\ResourceCache.dll
2013-05-29 08:29 . 2013-05-30 17:55 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-05-29 08:23 . 2013-05-30 17:45 -------- d-----w- c:\program files\Microsoft ASP.NET
2013-05-29 08:18 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2013-05-29 08:17 . 2013-05-29 08:17 -------- d-----w- c:\program files\Windows Kits
2013-05-29 08:10 . 2013-05-30 17:31 -------- d-----w- c:\windows\system32\1031
2013-05-29 08:10 . 2013-05-29 08:10 -------- d-----w- c:\windows\system32\1033
2013-05-29 08:03 . 2013-05-30 17:56 -------- d-----w- c:\program files\Microsoft SDKs
2013-05-29 08:01 . 2013-05-30 17:15 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
2013-05-28 21:21 . 2013-05-30 12:56 -------- d-----w- c:\programdata\Package Cache
2013-05-28 20:24 . 2013-05-28 20:24 -------- d-----w- c:\users\abc\AppData\Roaming\e-academy Inc
2013-05-28 20:24 . 2013-05-28 20:24 -------- d-----w- c:\users\abc\AppData\Local\e-academy Inc
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-28 19:47 . 2012-07-19 07:59 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-28 19:47 . 2011-10-20 10:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 21:42 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2011-10-17 06:45 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-19 22:40 . 2013-04-19 22:40 113440 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1031\ResourceCache.dll
2013-04-13 04:45 . 2013-05-15 21:51 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 21:51 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-23 17:36 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 05:18 . 2013-05-15 21:51 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 05:18 . 2013-05-15 21:51 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 03:14 . 2013-05-15 21:51 2347520 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\abc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\abc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\abc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\abc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-31 348664]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-31 2221352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"OEM04Mon.exe"="c:\windows\OEM04Mon.exe" [2007-06-10 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OfficeManager Terminerinnerung.lnk - c:\program files\TVG\DasTelefonbuch GelbeSeiten Map & Route\win32\officemanager\OMAlarm.exe [2011-10-27 201728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Scrybe.lnk
backup=c:\windows\pss\Scrybe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^abc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2012-06-07 15:35 522744 ----a-w- c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DELL Webcam Manager]
2007-07-27 14:43 118784 ------w- c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2011-05-13 14:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock.sys [2012-06-07 87976]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-15 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 ScrybeUpdater;Scrybe-Updateprogramm;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-06-07 478712]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 OEM04Vfx;Creative Camera OEM004 Video VFX Driver;c:\windows\system32\DRIVERS\OEM04Vfx.sys [2007-03-05 7424]
S3 OEM04Vid;Creative Camera OEM004 Driver;c:\windows\system32\DRIVERS\OEM04Vid.sys [2007-10-10 234720]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-20 c:\windows\Tasks\MATLAB R2011b Startup Accelerator.job
- c:\program files\MATLAB\R2011b\bin\win32\MATLABStartupAccelerator.exe [2011-10-29 14:36]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Free YouTube to MP3 Converter - c:\users\abc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{42F893E3-E64D-4DC7-9973-E0F30DD02CCC}: NameServer = 8.8.8.8
TCP: Interfaces\{42F893E3-E64D-4DC7-9973-E0F30DD02CCC}\453C6B27E627F63716: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-NokiaSuite - c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1400)
c:\users\abc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-20 20:17:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-06-20 18:17
.
Vor Suchlauf: 10 Verzeichnis(se), 175.233.634.304 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 176.605.433.856 Bytes frei
.
- - End Of File - - 62C8E99CDEAE9FB5D3CF72591455E1CF
A36C5E4F47E84449FF07ED3517B43A31
|
|
21.06.2013, 07:38
| #8 |
| /// the machine /// TB-Ausbilder | Virus nach Adobe-aktualisierung? Supi, Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST LOg bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.06.2013, 12:22
| #9 |
| | Virus nach Adobe-aktualisierung? Danke. Was ist ein FRST-log??? adwcleaner log: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 22/06/2013 um 11:28:45 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : abc - abc-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\abc\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : BrowserDefendert
Gestoppt & Gelöscht : WebCake Desktop Updater
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\abc\Desktop\Optimizer Pro.lnk
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\Delta
Ordner Gelöscht : C:\Program Files\Optimizer Pro
Ordner Gelöscht : C:\Program Files\WebCake
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\extensions\ffxtlbr@delta.com
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\extensions\plugin@getwebcake.com
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\Optimizer Pro
Ordner Gelöscht : C:\Users\abc\AppData\Roaming\WebCake
Ordner Gelöscht : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\f08a8bb63db948
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\DomaIQ
Schlüssel Gelöscht : HKLM\SOFTWARE\f08a8bb63db948
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=D6DB002269C03207&affID=120521&tsp=4921 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=D6DB002269C03207&affID=120521&tsp=4921 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=D6DB002269C03207&affID=120521&tsp=4921 --> hxxp://www.google.com
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\prefs.js
C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\ci9dlxw2.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=D6DB002269C03207&a[...]
Gelöscht : user_pref("browser.search.selectedEngine", "Delta Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=D6DB002269C0[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "d6db21e9000000000000002269c03207");
Gelöscht : user_pref("extensions.delta.instlDay", "15878");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.511:19:33");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=120521&tsp=4921");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
*************************
AdwCleaner[S1].txt - [24357 octets] - [22/06/2013 11:28:45]
########## EOF - C:\AdwCleaner[S1].txt - [24418 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by abc on 22.06.2013 at 11:38:01,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{011E8D9C-57FC-410F-BC05-26E4A48E0BE5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{01E6F98D-028A-4477-B210-9E30F844B50D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{01F9E484-79CA-4B1C-BF7C-768A212FF5E5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0285914F-018B-4FFD-A648-EBF5A320ACE6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{03AC4439-20BA-4A4B-A874-DB043BA560CB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{03DE5B0B-A503-4127-8A4C-F624096108F5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{05160AEF-DD3D-470D-974C-6E5D5B03E030}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{059836DB-FA17-4F95-A121-15F0C762ACCC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{06C37CB9-A4D9-4B2F-95C3-A3AEA34744E9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{07267946-B2B8-4FB7-A17E-0116A9E563EE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0750A9B0-1170-4EF7-85E0-38EF56196AC0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{07A394EB-4220-4601-A743-4EA63187B1C5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{07F647D2-5C17-4071-9EDA-92D25442089E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{08520308-A555-4167-9672-C51F944B1150}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{087CF1AE-8BEC-4B34-B40F-9BFB85A5AF1C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{08AD181D-61A4-40BF-99C8-D052D15907D4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{095747F5-248E-4F88-9F75-988E9B4C2999}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{09817309-F7BC-472A-9CCC-9C248C78B2D7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0A6CEC60-9E2C-4A05-AB16-764D83829A28}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0A7744D0-46FD-4C2B-91E4-FB70D35B93DA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0A78ABA0-BB5B-4751-B677-087D1A59AC4B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0A79EF04-D61A-4017-AFDF-6FC024743115}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0B08DB21-0BE5-4C9E-AC7E-FCE9A5A4F312}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0BAC6526-6EEA-4789-982C-9658CE9498EE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0D09121E-558F-4CA9-A026-4A029183F42F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0D2F5522-9B33-4D67-88E1-B214A65B9E8F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0DE30602-E975-481B-9057-54E161327B58}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0E375251-21EA-4F73-8283-B46CE0A63EBA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0EF4F655-BC38-4708-95A2-F6680817C6DB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0F1238B9-2410-4104-B427-9F8F51544489}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0F47ED1A-FC24-460A-8C0A-0791C6861C70}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0F9A810E-CA3B-4006-AB07-BC68F027C99B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0FC97510-4D96-437B-BD52-B878319C50E7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{0FE48D49-6698-4BCC-AA80-59D95D330CB2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{112D3D97-A35F-43AD-AE00-7373C6DCD66B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{11C38DE7-5C40-44F1-876D-F821A588E861}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{12F0D0C7-9233-4E7B-B12A-F0BAC38A2B37}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{13A4A886-D696-494D-A299-5BBC61D6ACA9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{14AF46BD-5BB6-4650-B5A6-E52396A6F980}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{15804E20-F7B8-4CD6-A9E8-EF70DB9145F2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{15D56480-6448-48C1-86D7-FFB9F4FB79B9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{15E261AE-7EB1-42E6-B011-4A9EAF3C6631}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1646CD07-09A6-4462-8A8C-F3477FFC9C1E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1697C777-AE16-42F2-B294-3E5DB7CB1667}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1806EBDF-F799-4F3E-9C97-28639431E74F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1834BB6F-6A2A-46F0-95D5-51C704BE7171}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{18899D94-8B66-4902-9AA0-260089FD8E3A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{18CE9006-81E1-4C75-B36B-0F292AEF2F12}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{18E58DE3-B785-4489-A7E2-E08FD70B203E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{199525B4-C03F-4FD7-A2E6-7A2A7E9D171A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{19C6A1C6-3ECC-423A-B3BD-5F41478D6C63}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1A731CB6-8817-4802-8972-048BFCB663E0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1A8126D1-A40F-45B6-8B92-4402F066A502}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1AE06EBD-9F4A-4C77-AB5E-E0B7D75590D7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1B408F64-AF95-424C-BDCF-5B33930FF067}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1CF43ED2-45A8-4A23-B913-81A2999302E2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1D4EC122-9F57-4996-AB9C-D4327CAD524B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{1E2AC7EF-033F-49A3-BA4B-DC0025EBECDF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{20C423DA-0BCD-4C5E-926D-4809558C8EB5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{21077837-B9BE-438A-B6A1-2FFEF47119C0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2146DA7D-234C-4831-915B-7C90E3630C91}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{226D653E-3D09-45FC-AAD8-2D16A6DD8BFE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{229C933C-9ACA-4628-9A3F-0F3CE337F51E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{23690501-11E5-45C3-BF61-B31718F49604}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{242DC489-AEC3-49D5-8C70-9D75EC17A56B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2472E39F-F5F9-40EE-864A-1271CBCAC269}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{255CF78E-B680-4D00-B5F1-D7190B117A6B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{25E09484-A7EB-4F92-A2E5-AC3D72B75E95}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{264F207F-76FD-4ECE-8AA8-A985CD19DE22}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{26518EA6-C40B-441F-9D4F-BFE11520FA48}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{26F6BA59-DC6B-4398-AAA6-5C45CD408DED}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{270308B5-008A-4E4A-8B97-D2077E1B3368}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{27B238CA-13A3-4BE9-83C3-C7D47DEECDEE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{27B2AF97-A994-459F-AEB2-24F6D89E5464}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{27C1AC5A-0B30-4D25-8ED4-FD2213113BB7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2931B059-888C-45E2-8B21-BA818E0080FC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{29DFF18B-1935-4207-872C-D07DAE577441}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{29EFC40E-0E41-41C1-944D-DB4A6E2AAA15}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2A59BCE5-FE28-4D7D-A79F-0688F16E9FA1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2A98EBA4-5F21-4D5B-BB06-E088E2D2C1E6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2ADB9F8C-DED6-4D3A-9913-56760145DE18}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2AF3E47C-483E-4C5F-ACE6-AA597708CE6D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2B18A40B-8D8E-4D46-97ED-44238EE73249}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2B68575A-52BD-49D7-A22E-802BB1A6570A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2BD5F43E-DDE0-42B7-B33F-BB237DD7DCDB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2C5CE817-B4E1-4948-B584-C75A19F93FEB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2C5FD015-C821-4228-9B1E-5486224D9095}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2C66F625-CEDF-4FBC-B043-9CF72463F246}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2D8245E0-170E-4E1B-B870-F37439632415}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2DAB1721-7C7A-4D0B-8692-B013A5953C45}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2E6B71C6-E8AB-469E-ABC6-038F9CEFEE1B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2EB663CF-8037-4111-807E-9AA02B79DA92}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2F04AB33-BF37-4B1C-98C7-8E133A8F46B5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2FA26A99-AE2E-4130-9A70-A8E74C37313B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2FCCAEA1-9331-478C-BB1F-BDD558E6C254}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{2FDF1DE6-124E-4CEA-8CCF-CAB84B80832B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{30210B29-39C6-4362-9DA3-330677A3E1B0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{307B349E-6EB9-46FE-A127-8BB156140FCD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{316456FB-5DD2-44B6-BA2C-363485F7FCB7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3164DFA8-8518-4B73-98BA-26017A5F2273}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{318E4006-79D3-4225-970C-B0319C53A3D7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{31AED108-FBC2-4CB5-A691-DF78C0DFD5E3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{31B34E5F-4219-47C1-8ECB-DE23B369600A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{32E1A11A-1A77-4FE4-A818-F4CD63D1C19F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3370B10A-92FE-4954-9ACD-1D29A7028F9A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{33D23E3E-B918-4803-9CC4-D969C976FE2D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{346ED7E4-4B94-4458-8890-21EFA225F716}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{34C42054-D854-4E71-8313-4C584F2F39E6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{355F848C-CD7B-4C72-AE89-9D286632A340}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{357B0B07-A2C2-4C47-B1C2-2252A93B5800}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{35C21BB4-BF61-433C-A584-DC385CCF84A0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{35EE6393-9194-4B65-9819-421B5FF0694C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{360A91C3-E1FA-413B-8BCE-BE2447C3A2C1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{360EFE9C-71E7-44DE-8FD8-7A75F2ACC9A6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{36E10294-8754-46BA-BCE3-E8548FBCA71C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{37AD8292-43D8-4281-8EB2-D0660FEA0D92}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{37CBEEA4-68AF-4347-8640-E6F171C5BFC3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{37DE9E73-8381-49E3-8629-DE61C7658652}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{37E24520-EB7F-43ED-B2E5-1CC5A8BC8C8A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{38A1CDEC-2890-4163-989B-A9397394A461}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{38DA65ED-F942-4ACD-8C95-041B404C2867}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{38E6F142-0F89-4E45-86B7-30AD27173983}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{397157CE-D489-4DC0-981B-D1FBDB00AC2E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{39E86CED-54E0-48FF-BB84-1AC8D3F70743}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3A0246FE-D0C3-4D67-9DC0-CDAA26C1810E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3A1C562F-3314-4325-8AB2-C8476F6718B7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3AC4E153-97AC-4504-B67C-C34B0ED63A14}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3ADC5E22-E1FB-40C7-9A9D-D18E8D42D4B9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3B3D7127-2712-4B21-82C4-F43147883B83}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3BA47EAE-CC6E-415F-A209-60B02C44043F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3CA054F4-7D6D-4F9E-A521-834AF2DD7C08}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3CA2F54E-851D-4C8F-89B3-70A2EF13F5C4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3CB72245-CA34-496F-A0E7-0303CDE843F6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3E1475A3-4C7C-4AB7-8328-22C42BA0EBC9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3E2ACF6D-FEF6-496A-99D9-05E15086F37C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3EB4F1C3-8B06-4D76-946A-8FF756F7DAE2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3F030775-AB47-4E86-9501-7C01CC3B696A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3F2C88DF-4758-48F9-9132-116F9C908635}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{3FBB3207-E134-40B0-B8BE-3F68BF81866C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{40A1B90A-BFEF-4B66-B7BD-BB6880E82991}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{40EC23E5-6A76-40A9-9031-B2518B007804}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{41AF199C-DAE7-43C7-B108-114895104035}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{42597335-C2D6-459C-AF36-60CEF477FC48}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{42B49575-DF1E-43B1-A6C5-3B780EDEDB60}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{42B56A79-3B9E-4F1D-B193-553A4E97789B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{42CA45AE-A13A-40B6-819C-43AF73766444}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{42D43B2C-A8A1-4C0E-AF0F-CB1C1B6BB519}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{43198F6B-360A-4D5D-9BC1-13FECB9C757E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{43F0E312-3393-495C-A63E-8C4BFF1D4E34}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{452FEC5C-B1C7-4AC0-842F-B5910AD96546}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4591CF69-DF4A-49C3-8B59-BB17E8DC7991}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{463C0E7B-558A-48F2-A407-E223A2AD63AD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{46C364C2-5269-49F1-B5C3-34E9DAF2FEC1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{471B4545-9318-4526-AD66-1060D09E51A1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{474710FC-D7F7-4837-B47E-923FB19CC99A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{479AF3F2-7ADC-449E-988E-DB8762CD6D92}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{48169F71-B86A-4726-BE29-8F2F1CF9B86C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4857810D-D9F5-4D27-867D-DB870EB82830}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{496C5197-6C6C-4501-9D22-59A5AB6E5598}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{49AA7E25-0FBE-4ED8-A371-AD977EFEFC18}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{49BB05D9-7A57-4D7C-8675-118752AD3058}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{49C6E97D-F964-4884-A983-7197057C18CC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4A3DEF50-7FFB-4FE6-B996-D83871F2E082}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4AB7C322-FB37-41EB-B3B7-CD16853315FF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4C811671-53D0-4F01-AAE9-1A09FC9603CE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4D532107-E53B-43FA-96A9-E7D78B5FF535}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4DACFF90-622E-4B07-B6E3-D2F118F55ACD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4DDBA0FD-26C8-4A04-9FD2-38A2CC49FA52}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4DEE6DBA-1733-447D-94DF-46C3B0192BE1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4E0CC062-C141-4145-B53D-E77B62DD5201}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4E244A35-54EE-44AF-886E-067E666E96DD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4ECACD75-629F-4D07-B62A-23D9312243EA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4EE0E10A-BA2F-452A-BF5C-AF7C1BB47739}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{4EFB9C05-7F9A-4C68-AEA3-22A345E7B37E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5001FB01-E71F-4CA0-ABDC-0B99F2C2EFA1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{501C2391-1B21-47CE-94DB-4935AA7A9DB1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{502860B5-F7B3-40B3-BC09-FE81BB8C66CC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5030E35A-4F02-45F3-B844-8332FC2F3FB3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{508C90C3-3805-46B0-8C22-FFD62F4B708D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{508E48B3-94D6-465B-A09D-7086C01F04AB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{51013A00-D3A1-47EE-9D97-DD1443E74E49}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{51AACB20-61E8-471C-B799-2AB8EAD3EBEC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{51DC884F-928C-4A95-9C00-12E997D6759C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{521E57A9-3BF6-47FD-95A3-A12C748D770A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{538E89F4-DA3E-4CCB-A4A2-B450D9DFECD3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{54340059-DB74-4DD2-B786-E74D057E61A4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{54A6B13D-D17B-41B1-AE2C-4035A9CC5CAB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{54AAF2D6-9054-47C2-ACDB-9AA6515F4BF2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5549DC85-7E3E-4509-9781-9A0C24EE5B34}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{55BDF816-2BB7-4C61-86AB-6D69E0FF50AD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{564AEA03-D92A-48F8-A81D-825F7B2EC2B9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{56F8208A-B1AD-4795-8923-038B22AAC0E6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{570F66D0-11F9-43F5-8A67-86A729566BB3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5768BF20-A939-481E-8902-ACE934485234}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{580114E8-1860-4CE4-90A2-87D5BE6A5205}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{58266B3E-C057-4CBC-9C2D-46A71CD57C4E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{583D2511-B9EE-4911-8A4A-6B9D3467ED58}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{58B10AED-6EB9-4CB4-96E8-2B5F85F3242F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{58F5ED66-2D67-42B8-9DAD-582278A71856}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{59AF66F3-17ED-4066-A877-AAFB3649B4AF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5AEE282D-153B-41A1-A2AC-68242558F156}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5C9AFEFE-4A7D-4562-ADF3-898A999CA4AD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5CB91B0B-C5BA-432B-B6FA-A4885DFCB804}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5D29677F-5896-4360-A5B8-B4CD6BDCE00F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5DED24E1-5234-43D4-BFD6-3047942C463A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5E45F4BF-AA33-4B75-8741-60CEA2E6FA69}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5EDF5BCA-9DCC-4372-A512-1913713339DB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5EFB5D32-EB98-4A5B-B476-54F10FCB5B00}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5F7E6FA8-6C73-46B1-B4B2-0A749975C18B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{5F8E0A4C-C0F0-4A52-BCB7-1CCED801322C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{606B233A-DC05-40C7-84DB-7493D2B463C2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{607D7F61-3C4E-4ACA-AC22-B09F80A606D5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{61824D73-67C5-4089-9CA9-8FE6D80B96FC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{61D0B90A-D308-45CD-B54B-F89C3F9B9B3B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{61D190AE-73FE-4715-A7D7-63DE3D41FC49}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{61E44BE9-9962-46EB-A752-EBD5D0EF94CB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{62B23C7E-C8F7-445B-A3B4-8942B72B3AED}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{637AE655-1554-45BB-BF17-13BE44274E21}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{63B2CD32-F0AC-4110-AC3D-239E513DB27F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{64138B38-D994-49B0-A97D-506CAA84E276}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6438455D-0A02-463B-A49D-65713B1D8DC7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{64EAF5F5-A177-49C1-A211-1372F78FBFE9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{651B30EC-1226-4201-89B4-F4DED223AAF0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{65D24082-C189-4862-A516-F56F7BECD2C0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{65D62C0C-1427-4A0F-AA81-28DD75F0F674}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{661B5A33-6C7B-4102-9D1C-21E4FFA6D67D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6687508E-8668-447E-A63A-88C8C39485FA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{668B6D52-016E-42D8-AF2D-FF5E2D841CBA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{66981E8F-4235-4890-A339-0DFC86B2777B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{679BCE58-CF74-4482-953D-4724363257C3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{697392D1-A4DE-45A0-9D82-632A9EEB7155}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6A942D5D-8A91-47F4-9E1F-436825307EA6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6BD28C38-98A1-4670-A2F0-39E168B2002A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6D57AD4D-820E-4458-BB0A-F0C50C58F606}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6DE4124E-5A66-4BA2-BD95-0C44CB8DF8B2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6DE9E22C-435D-4F12-B1BB-88779F574901}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6EE4B7CE-34C9-41A8-A08C-3A29E8C70CE6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6F79DE35-1BD5-4839-9FEC-3DD5A0F73553}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{6FCFED5A-28F9-431D-B398-C8156D237AAE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{71AFCF83-D28C-49BB-96B7-486C68235778}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{720E5E29-42FA-40DC-8AAD-D0BD092A0D8C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{73DB5387-17D2-4100-A746-876E54ED8F62}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{73ED436C-0542-4FAC-B639-E9BFB615DD5A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{74285863-3E1F-4AB8-A90F-211A8DFC37D3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{746C0C8C-B6F2-40AE-8A7D-17F302122B8C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{747082AE-812A-446E-A6E3-C2BFC7967651}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{74994A2C-B060-4FD4-801A-63AF7D1DCE16}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{74C99D96-A353-4847-91D9-DE62BCDFC375}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7534B748-CAC6-4161-8F50-DC5D8109DA93}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{75CA1E88-EB74-4B38-889C-54085D5FBE79}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{75D0C5F5-0295-4F5A-B2B8-3292FC8E903B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{77429D7C-4433-4DBA-A29A-BECE73A80F82}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7768B220-09C1-4B0D-9C4C-BEB650149A8E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{778B4B59-0586-49C3-B9FA-BE6ADCA43834}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{77BB2E5E-1441-47AC-BE4F-28977DDD5EB6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7808CE48-29C1-4EFE-8A4E-91723E2FC9C8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{78D772B0-F88E-4273-8CD8-9BDC9D4DB65C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7935E654-5B84-480E-B040-A1D4C49C7942}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7AF987F3-D46E-4F2A-BF5B-74F0CE8F6A88}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7C91AB0D-1FBA-4F27-8AA4-BF0C1363602A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7CEF0F97-7BB7-4208-836A-CEAC8CACEFBE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7CF9530B-E998-4549-8C41-25766AF62B48}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7D12E0FD-D5DC-4C80-B82C-6B63F5DBEB74}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7DE886A8-135E-4EF7-8652-4AB8F51168A8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7E397A6A-FCE7-41F8-B192-04F37FD009B8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7EF89BA3-666A-49C5-B046-2CC625FE749C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7F31B20D-DA79-44D8-989B-CE8D16D11A6D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7F60BFF1-EA10-46F2-A66F-66976565B976}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{7FD0BD1A-9B16-4859-916D-31E300629A51}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{80358D77-FD49-4519-AEF3-89C41B109537}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{803A6DE4-14EB-4B49-A20F-E18535F0BA45}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8117EA34-47DA-41CE-9569-77BE20768402}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{81220736-EFE0-4650-B906-8F8FBCFD8BB7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{81D2980B-A1EA-4265-B68E-E68CA7E15CD5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{81F41151-7638-4D4B-ADF5-C1F628947E11}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{820F53A5-9CB9-42E0-B44A-AEECAE333512}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{821EA48C-98DD-4D24-BE9F-BFF84D92E139}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8236C2E9-961C-42E1-B32A-ED89781814F9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{82892107-4215-4393-8495-99695A31C532}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{82E95F9C-9EC7-4C81-B074-2893268B5EC4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{82FB1D7E-6213-4472-8CBE-5508D3E7F91F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8457FD1D-EBC2-4A4C-932C-6A130F69C0F1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{84727479-BF62-4855-AD05-91894F7C9137}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{84F50815-CBE3-4C8D-A2AC-8EF43AEDFB7A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8507705A-B4B5-460F-9267-40411690F5A1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8604634B-F739-49A4-91FE-33F432066B09}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{86E7798D-D7EA-44D2-A628-E007E74A84DF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{87626DBC-6C8A-48A5-87F1-91EC97A61BAE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8775E64A-437A-4760-9F63-C8D0838C212C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{88157BF6-C495-411B-BEEA-34940ED57B8F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{88F6C71D-7923-4A25-BAC2-AB4A93AA42B6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{88FB58B6-46FC-4D8D-8A05-843FC123056A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{89FE53BC-2A6C-45A6-888B-28A3BDEB459C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8A8B365F-4B89-44F4-81E1-B11B470071F5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8B25715E-4623-4E97-A075-984BC80AA060}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8BE12461-52E5-4521-8FDD-B87A5B1FF1D5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8E029183-FAB0-43A3-9C33-FE24A960BC2C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8E370CB6-E225-4CEE-9B91-6AEC8AD74484}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8E4C40E0-8014-4444-982D-6519BA4B4DEB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8FADA6BE-97EB-4332-98E8-691EF99585B6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{8FB76776-ABD1-467B-B04E-8C5287548DDB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9007645D-57EC-4C71-B90D-456DFBDBC8B3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{901350F0-4638-4CDE-8544-563EE0B3F835}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{902C08FF-BFD1-4E30-B3C1-5690086441B1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9045720D-12CD-4EBE-889D-AC57C6C6A2F0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{907A98D7-B0C7-4236-A7F4-0335BDF862E9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{90DE4106-C7B1-468E-AEAD-3D308F8A586F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{91694591-B35A-4DBC-8CB2-BD4DFED78785}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{926BE3DB-83C2-42B5-9B17-390A7CAF2CB1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{92946D6A-42E3-4AE5-B50C-C3EF72A3363D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{92D32EF0-99F6-4D7B-AF52-5A2E832A59B0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{949D9FFA-3D7D-416E-845E-3003F5C2E1C5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{94B2EC91-5347-479B-824A-8C0EB153FBF9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{979426A3-459C-468E-9D3E-89C4C26D27E1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{97D651DE-3C95-4892-A1A2-26CDF134C7B1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{98906BB4-3C83-459D-8FA9-A6EDF806C6DD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{98A14AF8-7DA1-4E3B-A144-B18F149A382A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{98FF3FBF-1B80-43A7-ABED-00E59489BECC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{99744107-9A7E-4E2A-A286-83EA61F66AF7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{999FAC8D-7039-420E-9068-E37075861036}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{99E08A93-CBE6-4D28-A908-FE2D111161A2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9AB18BE7-3C9C-428D-9306-3B5F3810549F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9AD053A6-E1A0-4CA8-A270-4BCE7D75B438}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9B159606-43F1-4C59-9FA7-B53F92F284F9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9BAC1074-1FD4-4B15-9418-B6520B79D06E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9C6BFD36-381E-4EE4-B4B5-C38BEC419E83}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9C7C9F93-E550-4D7B-9122-291007AE39B9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9D0AE9C5-B393-4FB2-A8A9-34F13A4C012A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9D205582-D89B-4F01-919E-C6AD9EB67DC1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9D3D9463-EDEF-4EA9-B3EE-AD99F3FF80D3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9D64B792-9A27-4095-8702-EF6410FA65F2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9D82AE2E-78B1-4DD2-9F6F-FE58E1D15F39}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9DAD47FC-178F-45D9-82DA-D880CA06DD5C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9DD8B334-5426-4F2C-8F25-B631050649B3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9E07EDDF-F0B3-4000-AB52-AE3EDC4FFD50}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9E68227E-1367-413C-8712-4D481776AE92}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9F4FE8F2-B4EF-489E-A95F-420E52E9729C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{9FA81FB8-0384-4F35-8C82-E07FD951C4EF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A0086C59-7977-468C-8295-2E982A7ACEF6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A052C011-C535-4AF9-9024-D6F16CE3CCC1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A146E829-48A7-40B2-B726-64287FE04DB4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A14EE9EE-EAC2-4DBC-BBD1-941094EAAA21}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A19B8BBF-4EDF-46B2-A4E6-85B4E7D64439}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A234CB73-5877-44A2-9A6D-ABFCD4F3F184}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A275E7E2-8CD3-41FC-8FDE-BC1A181BB3AB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A2FEBAFD-BA5B-44AE-8700-5C281F27435E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A48B7F4A-C515-4A73-9C7B-C854ADFC2212}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A511AF80-8746-4B69-A996-BF85F9F90D6A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A539EA4A-D11A-4979-A000-A51EDED8C3D8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A5D2CE1A-BC98-44A8-8A87-13D4F64D77A9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A60BA41A-6242-4B14-BD3F-96FAFAB2EADF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A690A507-072B-493D-BDA5-9CE610BF552D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A699977A-ACA5-4FA1-9FCB-E54491BBFB2C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A6D56D7C-B15D-4282-A880-26E96C8300A7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A7D33641-A842-4279-AD44-A9A1FB223D14}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A825BF6D-2B08-4F48-ADDC-98AB9103DE1B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A83E8790-A4A0-43B7-A420-353140CC2A56}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A845A88D-F5CD-4E76-A6F9-D482DB2A25A3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A86101E7-8A01-4011-8A8B-92941E9C8816}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A8638DFB-8C8E-48C2-9238-782E07D2F25E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A87019AF-3297-4D8A-884F-82AE08E61727}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A8AA4C05-7D55-486E-94C8-DA38838004CD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{A949B8F0-D2E4-4A55-BAA3-7E42D7703F6E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AA1F844F-27F4-45C2-B834-77D9C8CE7516}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AA44FA83-04DE-456A-A7D2-2429A66A2CC8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{ABB03860-9910-4E02-A26B-76BBF8563177}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{ABD1102C-3CE3-4647-89EF-4025BFE8122D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{ABF00DD2-906A-4836-AF69-CC733AECB4B5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AC0C4D85-FCEC-4744-BE4F-CC31D4FE923F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{ACAE1921-9958-4A2E-A822-777BEF140976}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AD6B6D95-3103-4E54-A9F8-8C0EFF34B94A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AE3E67F6-B926-4050-B27D-3D59652114CB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AE93FAE2-1516-45B7-8A93-A1C12C5BAA3F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AE998EF0-A40A-4694-AE6C-59F655BB0964}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{AF022919-D9EE-47D5-96CE-5E32A7A50662}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B1B19D2E-FAD0-419B-BFF8-376637E58EAE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B1E4B66A-A3B5-4502-9CC9-D4E64EC91E7F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B2A7833D-CCD4-4794-B20E-6525AC494D94}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B329A130-AF52-4968-B069-2E7156C2547E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B3FAE182-9855-4CA3-A9C1-751C24C286F1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B476F9E5-6D5A-43C4-8E36-ADE3A74833CD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B486387B-07EF-4772-8214-C4955B9E514C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B54BAD6D-523C-4373-A844-61F8149EE086}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B57125AF-95DC-4617-9FE6-FCDF8C8C60FD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B5B2B5D9-521C-4C70-8998-AE405A5E6420}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B61911EA-3F5E-4CF8-8195-C742F45F0DF8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B7094E12-2A24-4B97-A591-752BFE846C4D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B7B9374A-BF53-4AE2-8C6E-89072361FA0E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B7EE301E-0F98-44AC-A8DE-C8BEFD0A3C74}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B7F77378-686A-4960-8FCA-56846B0871C6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B88400EF-D906-4422-8453-5EBD91A04E59}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B88BACC9-76DE-4AF4-9A61-3999CC4385FB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B8B8A7BF-92DE-4AA4-86F2-931BA18ABBEE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{B99461C5-20F3-42C5-9D9F-C2483F2564B3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BABE909E-6C34-482E-B0E1-DE35BA22991C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BBB3FB50-DAC6-4BD6-ACB3-2C6319887649}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BBE4B212-636F-40B7-AF51-8D0BBD68FDBD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BC94B246-4123-4C36-B787-4902164E2CEC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BC9C15F9-7CD7-464D-BDB3-F07BF1045A02}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BD310E92-2EF3-4323-BE9F-89595E02B825}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BDB81B1E-859C-46C2-B876-4F42F49A6F43}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BE2D9449-11AC-4F55-AB5D-9D283646AD0D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BEA2F082-344B-4CCF-93A5-2C73692BD428}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BEAA22BA-603F-45C4-A057-2BDE42FF93F4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BF18F824-6A66-44C1-AA49-AA496E2ED0F4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{BF5F46C9-39A2-472A-8677-D91ABB063626}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C068F0B0-E27E-4376-AEBC-DA3F1D466C8C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C0AC5CD3-EAE7-400A-AFD9-194E2C4D5CFD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C123FAE9-FC28-43F3-A001-C6783E08243F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C1570A26-3E47-436C-A975-AB02DFCEE149}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C18B382A-9250-4E6F-80F3-68181F9B9AFA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C3586DC4-90FE-4CB0-9321-A1A6D8906EFE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C377AFE9-C5D9-49E4-98CF-A96F7C16CD89}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C3DB4313-1DE4-4221-9407-DB67156FE410}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C3FF94B8-9F8D-4F4D-92CD-4AFAC24ED23D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C4621DBB-D638-4802-8C10-247AF2E3E077}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C4E01B74-ADE9-407F-9730-008308C270C5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C4F5BDB7-978F-4B23-B858-2610B1F8C69A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C5030743-39D1-4788-9464-23468E15443A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C5B30790-40E6-491C-93C4-C879FD8EE370}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C642702E-DC6E-46AF-A400-96C4C303915A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C706BCDF-0274-43E3-B0CF-9D9CAB5444C4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C7218606-A135-4344-8989-5F93611F2767}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C72B28AB-7E8E-409C-A3BB-B4F85BB9D513}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C7A8DE70-1328-4E83-84AC-F27C7A742A15}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C86360D8-7921-4636-B729-797F9DD8F63B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C8848CEB-9DDB-4E09-8644-7FDD78178BB0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C957E2D1-6530-40E9-A242-30492F2580E5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C9B79FA1-AECE-46A2-948C-2FA73CE66436}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{C9DB99E8-6435-4663-B012-371AD71949E8}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CA334503-1577-4D03-913F-31A4C2625F2A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CCCFBC1C-904A-46BD-8645-B82E53EEEFD7}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CCD10367-67C7-4FDB-8AEF-F445E033CAF2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CCE4D274-BA33-4752-AC5C-E0C8D8DA0E9C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CD1310D5-D4F5-46CB-8DFA-05A9218033F0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CD93B284-3406-4FD9-8CD4-5A382557DBC9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CDFEBC4B-FAD7-4E63-AEE1-FD58FC97418D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CE5739BB-FF73-4706-8A8C-90BAC001F73E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CEC8348B-2B24-4929-88C2-AE5940352F2B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CFBA82A4-6E1F-448F-9523-E078BB7CF335}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CFE712A1-650F-4FA0-A62E-1BBDDC109AFA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{CFF830A1-931E-4A49-8F5D-B0C87F7F65D2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D0010EB2-7DDC-401F-BB67-E14CAE256043}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D00DC412-223F-45A1-B0A9-FBFD86BBE49F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D016297C-44C4-4ED8-BD9F-882C9C6B4178}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D15A050A-4E5D-49C1-91F3-3C29CBB003C3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D299308A-4DBE-45F1-AB2E-F2CCABDD31AC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D2FC0470-258E-45D9-A3E1-7941D6FFF9FA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D3F41685-8E28-468B-A738-279E8CCCD554}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D4244D21-6E9F-4102-AE8C-1AA3D62D91F6}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D44BD541-3CCC-441C-BFB8-466D3DE3A0EA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D46D6B2F-2A8A-435E-A6ED-A846D1F7E9FE}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D4767991-C89B-4F0F-8AD4-020A96EE7B89}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D48D8E67-DADC-48D0-9D10-7FB441AFFB3A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D4C5ED29-612A-4CCC-AE47-41386226054A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D608991E-CDE6-43BE-A54E-7E97DCF7078D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D628A32A-3B37-400E-8C2C-06A94CD59419}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D6685016-2571-48AD-ABD3-812608AC4CF9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D68B4888-AD40-4CBA-9C89-99DBF6CBF73D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D6EA458A-B40E-4B9B-9604-CD917ED640A5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D7DE4F67-A5DC-4F1A-82D6-94A9A3FE4A95}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D8231D18-A8DD-47DD-9066-FEB33F202562}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D86B9C55-C120-41A4-9D7B-D43D1121D388}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D8D22666-D63E-4D79-919C-7EB9C2A71CA2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{D8DFE323-5269-4BCB-8124-41878E7DBA01}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DB5C3EE1-2250-4A0C-A979-BF954D931CC5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DC212964-D972-4EF4-8B12-10CEDB929009}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DC3AD3F1-8E19-4D22-8D86-136D1A7FDD99}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DC467DA8-DEEE-49E8-B597-1AEA290665AC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DD395C3A-8183-41AC-AFED-6306CF3D9493}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DE02834C-0748-4C04-A4DD-EA2A552897ED}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DE053574-20C5-41AF-B292-49D7E9554A3F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DE15CCC5-E0B9-4E36-9682-EE97F087DAE1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DEECD121-132F-4F5F-9476-2972C9CDC9EF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{DF72D8C5-C449-42D5-8654-BA6534266C34}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E0CE0143-F1BB-46CE-A5EA-9160E3A637E4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E11287E8-2511-4EB7-97CD-B37FF1B33E6F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E1415419-BC71-4490-AAFE-61628378CAC3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E1692A96-067C-471D-B6B7-2AE90BB0FB17}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E1CB9349-A1AC-432F-94BD-4004EC6ABC2B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E2A3E829-A868-49B8-8148-751FF2714A70}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E2EF0832-D5F9-47DE-BA2A-2B15705EECF0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E418D972-3F52-404B-B612-90659E3D8D60}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E4CC5EC9-DD84-4AB4-9036-22AB98171EDB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E4D55B37-23C5-4511-931A-C6BB5CF09EC2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E6503506-EC7D-4209-83FC-7CA9BDD6BD5C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E671686F-8395-4D2F-B113-83D8EEA9952A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E67820E6-398A-4F4D-B95B-875DAAE49798}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E7014CB9-EBD4-4F06-BFA2-A23E834F6052}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E7A54A24-A397-4B12-ABF0-6F1AF3618191}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E7EFDFB0-B78E-461E-B6FD-DA872F7C37B5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E8015559-7124-423C-AA4C-1A7DDB179974}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E85A718A-0825-4C30-8D1C-B3F65B4CA480}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E8852436-5DB8-456B-8327-BFBC99D6D191}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E9297B3E-DE4C-4476-A809-6DE32DF15C6B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E96F1C7A-9893-452A-A6C7-5EF60A8782F3}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E999F7FB-6B9D-4BE3-8E1C-BA13A6086DAF}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{E9BD37A5-FEF8-431A-934D-8E9B8DBD5540}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EA99095D-6807-4B0D-A9BE-3E23E1186D90}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EAC84954-020C-4D73-B237-754D31DEFC50}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EBBA2485-DC11-4632-893F-A1EF524EBC61}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EBFF3A70-3520-4239-AD76-2BA54571143D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EC7A89A4-279E-4843-A570-CB1C785DAD0D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EC96E079-9B49-4D4E-94FF-CA80F5D77079}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{ED122916-6769-4151-B69E-10F1D54E2BDC}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{ED610C74-CAA0-41CD-9AE8-37CF68B5A09F}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EDCA7165-E991-4DD0-A07B-E15EA570839C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EE468D3E-119A-4D34-AB6B-B4F0AA42FB41}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EE55C4F2-8725-4BEF-B840-C24A4B978D94}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EEB5A605-6457-4880-84DC-C7D111A302DD}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EF30E247-E136-4FDF-963E-5DC34AAE0A58}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EFB8FDFE-CB5E-41D5-96C2-CC15B1BE8A41}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{EFCEE74F-58DF-4B3A-91E9-030BEC77327B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F0452CBE-293C-41A5-93CE-FF045737335A}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F048A953-3819-4D02-8F7E-BBD079698295}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F052AF53-51E0-49B3-84AA-DF3B26D94150}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F2A3F7C8-70AF-49E3-A2A2-8F4C028F7ED1}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F4645C0C-48DE-493F-9731-3932EF47AD6E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F4AD8341-AF33-4510-AE4D-DE6EB233BE68}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F4D7418B-533E-4C39-8A61-4D741AF29106}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F6490A87-68B4-45FA-9D87-6AD3A6B315C9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F6A00618-F2BB-4F02-A341-6ABC9212FF8D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F6C5A1E6-4445-4D8A-8D21-D89BC3819565}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F75EEAC1-4462-4381-9D6C-E470D34370A2}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F789FCC9-27FA-42A4-8B08-124E0717D01E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F7DDA1C5-525C-4BB9-A47E-E05071F8050D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F8442D54-18CB-4264-A2DE-5B7BE80DA4A4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F89D7EA5-8333-409E-9627-75771F6A4853}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F9025549-99BD-4AF9-86BC-2B7DCCBCB9D4}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{F91F346B-559D-4669-8F3E-EBF5BED47827}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FAE9F7C5-7244-4ADA-8DA3-C648E341564E}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FB4AE09B-F08F-4174-8D27-A2B3544BC173}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FBDB2F70-5967-432F-A3A5-9956EBA2E3BB}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FC6797E4-1CC4-4A7E-B911-FB63C10B62A0}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FC872CFC-7B9C-4E76-894E-A00CF2CE3DA9}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FCE8CEE2-0473-495C-8141-C852F72A57B5}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FD5C46DC-9C3A-4D89-BF04-9FDE7CB10055}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FD7D07EF-2865-4CE5-861F-BAD4A58B8A05}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FD7E2546-CA72-4699-A35A-C5D102285F72}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FDB8DB46-DA3F-4CBB-88C6-C4806DDF0DBA}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FE45C420-18B9-43BF-81EE-2D2324DF709D}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FE469C32-72ED-4B62-B7DA-9BB6B2EDD60B}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FEEE131C-C14B-4ED4-BDA9-B0ADB6F6136C}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FF18636E-2C2C-4ED9-9A1E-C39EA820A805}
Successfully deleted: [Empty Folder] C:\Users\abc\appdata\local\{FF6591F9-8CF2-4EFA-BFB0-7EDE81DA5FFC}
~~~ FireFox
Emptied folder: C:\Users\abc\AppData\Roaming\mozilla\firefox\profiles\ci9dlxw2.default\minidumps [196 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.06.2013 at 11:40:06,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
22.06.2013, 13:23
| #10 |
| /// the machine /// TB-Ausbilder | Virus nach Adobe-aktualisierung? Ich meinte OTL, sorry  . Aber lass das erstmal.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
jetzt bitte ein frisches OTL log. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.07.2013, 18:16
| #11 |
| | Virus nach Adobe-aktualisierung? ESET log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b612a645083f7c459a5796485a0f0e47
# engine=14286
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-06 12:36:16
# local_time=2013-07-06 02:36:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 100 16367 238494266 9143 0
# compatibility_mode=5893 16776573 100 94 60865 124702167 0 0
# scanned=268800
# found=3
# cleaned=0
# scan_time=14582
sh=67D181F0D9FEC6690C0AE4C606DEA14A5C0E6CDD ft=1 fh=3b21a895403b5dee vn="multiple threats" ac=I fn="C:\Users\abc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\909DP3XR\WebCakesetup[1].exe"
sh=C67F6FE42E785BBBC2D88DBE179C536A72A6B201 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Users\abc\AppData\Local\Mozilla\Firefox\Profiles\ci9dlxw2.default\Cache\9\F6\B2625d01"
sh=ADB0754D6A634043EBE0228D318686C3AFF7018F ft=1 fh=74fb63aaf4af7151 vn="a variant of Win32/SpeedingUpMyPC.B application" ac=I fn="C:\Users\abc\AppData\Local\Temp\DM\BygnNqs37vPIh87\software\OptimizerPro.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b612a645083f7c459a5796485a0f0e47
# engine=14289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-06 02:54:10
# local_time=2013-07-06 04:54:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 100 67841 238545740 60617 0
# compatibility_mode=5893 16776573 100 94 112339 124753641 0 0
# scanned=356356
# found=2
# cleaned=0
# scan_time=17457
sh=67D181F0D9FEC6690C0AE4C606DEA14A5C0E6CDD ft=1 fh=3b21a895403b5dee vn="multiple threats" ac=I fn="C:\Users\abc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\909DP3XR\WebCakesetup[1].exe"
sh=ADB0754D6A634043EBE0228D318686C3AFF7018F ft=1 fh=74fb63aaf4af7151 vn="a variant of Win32/SpeedingUpMyPC.B application" ac=I fn="C:\Users\abc\AppData\Local\Temp\DM\BygnNqs37vPIh87\software\OptimizerPro.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.68
Windows 7 Service Pack 1 x86 (UAC is enabled)
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 10
Java version out of Date!
Adobe Flash Player 11.7.700.202
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
TVG DasTelefonbuch GelbeSeiten Map & Route win32 officemanager\OMAlarm.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter OTL logfile created on: 06.07.2013 18:03:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\abc\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 41,49% Memory free
5,98 Gb Paging File | 4,21 Gb Available in Paging File | 70,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 159,09 Gb Free Space | 55,73% Space Free | Partition Type: NTFS
Computer Name: abc-PC | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\abc\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
PRC - C:\Windows\OEM04Mon.exe (Creative Technology Ltd.)
PRC - C:\Programme\TVG\DasTelefonbuch GelbeSeiten Map & Route\win32\officemanager\OMAlarm.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Users\abc\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_weblink.DEU ()
MOD - C:\Users\abc\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU ()
MOD - C:\Users\abc\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU ()
MOD - C:\Users\abc\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu ()
MOD - C:\Programme\Adobe\Reader 10.0\Reader\sqlite.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxslt.dll ()
MOD - C:\Programme\TVG\DasTelefonbuch GelbeSeiten Map & Route\win32\officemanager\OMAlarm.exe ()
========== Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (ScrybeUpdater) -- C:\Programme\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (catchme) -- C:\Users\abc\AppData\Local\Temp\catchme.sys File not found
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (acsock) -- C:\Windows\System32\drivers\acsock.sys (Cisco Systems, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (VSPerfDrv100) -- C:\Programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (OEM04Vid) -- C:\Windows\System32\drivers\OEM04Vid.sys (Creative Technology Ltd.)
DRV - (OEM04Vfx) -- C:\Windows\System32\drivers\OEM04Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 D3 A3 17 3B F7 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.03 09:59:03 | 000,000,000 | ---D | M]
[2011.10.17 08:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abc\AppData\Roaming\mozilla\Extensions
[2013.06.22 11:28:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abc\AppData\Roaming\mozilla\Firefox\Profiles\ci9dlxw2.default\extensions
[2013.07.03 09:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\Extensions
[2013.07.03 09:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.07.03 09:59:08 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Programme\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [OEM04Mon.exe] C:\Windows\OEM04Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\abc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42F893E3-E64D-4DC7-9973-E0F30DD02CCC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42F893E3-E64D-4DC7-9973-E0F30DD02CCC}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74558793-B7E4-4C2A-A12D-670F0DDE9738}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2013.07.06 18:01:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\abc\Desktop\OTL(1).exe
[2013.07.03 09:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.06.29 00:18:18 | 000,000,000 | ---D | C] -- C:\Users\abc\Documents\7-PDF Split & Merge
[2013.06.29 00:18:08 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\7-PDFSplitMerge
[2013.06.29 00:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
[2013.06.29 00:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\7-PDF
[2013.06.26 19:13:42 | 000,000,000 | ---D | C] -- C:\Users\abc\.pdfsam
[2013.06.25 22:38:55 | 000,000,000 | ---D | C] -- C:\Users\abc\Documents\BMW Stellenangebote
[2013.06.24 19:52:17 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\Elektr. Straßenfahrzeuge
[2013.06.22 11:37:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.22 11:37:45 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.22 11:37:08 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\abc\Desktop\JRT.exe
[2013.06.22 11:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013.06.22 11:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.06.20 20:17:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.20 19:54:54 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.06.20 19:54:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.06.20 19:54:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.06.20 19:54:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.06.20 19:54:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.20 19:54:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.20 19:52:15 | 005,081,444 | R--- | C] (Swearware) -- C:\Users\abc\Desktop\ComboFix.exe
[2013.06.20 18:01:46 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\abc\Desktop\tdsskiller.exe
[2013.06.19 11:45:04 | 000,000,000 | ---D | C] -- C:\b2643e4de09278eb733fb9
[2013.06.16 13:57:27 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\EM Felder Biomedizin
[2013.06.12 18:21:54 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\3.Semester (Master)
[2013.06.12 11:24:07 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013.06.12 11:24:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013.06.12 11:23:56 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.06.12 11:23:55 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.06.12 11:23:46 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.06.12 11:23:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.12 11:23:45 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.06.12 11:23:45 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.06.12 11:23:44 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.12 11:23:42 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.06.12 11:23:42 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.06.10 19:04:40 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\Gassensorik
[2013.06.05 21:27:04 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\assembly
[2013.05.30 21:13:10 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\ElectricalMachinesSoftware
[2013.05.30 20:14:04 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Microsoft Corporation
[2013.05.30 19:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
[2013.05.30 19:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2013.05.30 19:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013.05.30 19:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2013.05.30 19:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK - Deutsch
[2013.05.30 19:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.05.30 19:45:23 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2013.05.30 19:44:04 | 000,000,000 | ---D | C] -- C:\Users\abc\Documents\Visual Studio 2008
[2013.05.30 19:31:01 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2013.05.30 19:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
[2013.05.30 19:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2013.05.30 19:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft F#
[2013.05.30 19:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2013.05.30 19:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop
[2013.05.30 19:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2013.05.29 10:34:38 | 000,000,000 | ---D | C] -- C:\Users\abc\Documents\Visual Studio 2012
[2013.05.29 10:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.05.29 10:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ASP.NET
[2013.05.29 10:18:20 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.05.29 10:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Kits
[2013.05.29 10:10:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033
[2013.05.29 10:10:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\1031
[2013.05.29 10:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2013.05.29 10:01:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 11.0
[2013.05.28 23:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.05.28 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\e-academy Inc
[2013.05.28 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\e-academy Inc
[2013.05.22 21:40:50 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\TUM-WIN
[2013.05.20 10:09:33 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\Speicherkarte Bilder 20-5-13
[2013.05.15 23:51:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 23:51:36 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 23:51:20 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 23:51:06 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.15 23:51:06 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
========== Files - Modified Within 60 Days ==========
[2013.07.06 18:02:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\abc\Desktop\OTL(1).exe
[2013.07.06 17:33:51 | 000,013,624 | ---- | M] () -- C:\Users\abc\Desktop\security check log (wieder löschen).odt
[2013.07.06 17:33:50 | 000,000,098 | -H-- | M] () -- C:\Users\abc\Desktop\.~lock.security check log (wieder löschen).odt#
[2013.07.06 17:00:31 | 000,021,987 | ---- | M] () -- C:\Users\abc\Desktop\ESET log.odt
[2013.07.06 17:00:29 | 000,000,098 | -H-- | M] () -- C:\Users\abc\Desktop\.~lock.ESET log.odt#
[2013.07.06 13:01:40 | 000,000,546 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013.07.06 11:39:01 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 11:39:01 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 11:30:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.06 11:30:36 | 2408,087,552 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.05 22:32:26 | 000,699,666 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.05 22:32:26 | 000,654,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.05 22:32:26 | 000,149,774 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.05 22:32:26 | 000,122,336 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.02 20:06:21 | 000,022,384 | ---- | M] () -- C:\Users\abc\Desktop\Namensänderung.odt
[2013.07.01 10:14:30 | 000,094,084 | ---- | M] () -- C:\Users\abc\Documents\Felder_Biomedizin_Klausur_WS11_12.pdf
[2013.06.29 00:18:09 | 000,001,202 | ---- | M] () -- C:\Users\Public\Desktop\7-PDF Split & Merge.lnk
[2013.06.23 14:42:16 | 000,001,017 | ---- | M] () -- C:\Users\abc\Desktop\Dropbox.lnk
[2013.06.22 11:37:16 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\abc\Desktop\JRT.exe
[2013.06.22 11:25:41 | 000,648,201 | ---- | M] () -- C:\Users\abc\Desktop\adwcleaner.exe
[2013.06.20 19:52:24 | 005,081,444 | R--- | M] (Swearware) -- C:\Users\abc\Desktop\ComboFix.exe
[2013.06.20 18:16:12 | 343,254,034 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.06.20 18:02:15 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\abc\Desktop\tdsskiller.exe
[2013.06.11 17:57:46 | 000,005,120 | ---- | M] () -- C:\Users\abc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 19:00:41 | 000,128,172 | ---- | M] () -- C:\Users\abc\Documents\Prüfanmeldung Energieversorgung lib Markt.PNG
[2013.06.09 18:20:27 | 000,234,202 | ---- | M] () -- C:\Users\abc\Desktop\Stdplan 3.Semester.pdf
[2013.06.08 15:14:17 | 001,199,463 | ---- | M] () -- C:\Users\abc\Desktop\TUM Create.pdf
[2013.05.30 13:20:11 | 000,037,496 | ---- | M] () -- C:\Users\abc\Documents\Key Visual Studio 2010 Ultimate.PNG
[2013.05.29 11:18:58 | 003,863,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.28 23:03:09 | 000,037,612 | ---- | M] () -- C:\Users\abc\Documents\Key Visual Studio 2010 Professiobal.PNG
[2013.05.28 22:36:43 | 000,045,223 | ---- | M] () -- C:\Users\abc\Documents\Key Windows8 und Visual Studio Ultimate.PNG
[2013.05.28 22:24:36 | 000,003,139 | ---- | M] () -- C:\Users\abc\Desktop\Secure Download Manager.lnk
[2013.05.28 22:21:19 | 000,034,685 | ---- | M] () -- C:\Users\abc\Documents\Key Microsoft Visual Studio.PNG
[2013.05.28 21:47:05 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.28 21:47:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.20 00:21:34 | 000,357,138 | ---- | M] () -- C:\Users\abc\Documents\asos bestell 2.PNG
[2013.05.16 20:21:34 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.16 20:18:22 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.16 20:17:32 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.16 20:17:14 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.16 18:44:21 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.13 05:08:10 | 000,903,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.05.13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.05.10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
========== Files Created - No Company Name ==========
[2013.07.06 17:33:50 | 000,000,098 | -H-- | C] () -- C:\Users\abc\Desktop\.~lock.security check log (wieder löschen).odt#
[2013.07.06 17:33:49 | 000,013,624 | ---- | C] () -- C:\Users\abc\Desktop\security check log (wieder löschen).odt
[2013.07.06 17:00:29 | 000,000,098 | -H-- | C] () -- C:\Users\abc\Desktop\.~lock.ESET log.odt#
[2013.07.06 17:00:27 | 000,021,987 | ---- | C] () -- C:\Users\abc\Desktop\ESET log.odt
[2013.07.02 18:27:57 | 000,022,384 | ---- | C] () -- C:\Users\abc\Desktop\Namensänderung.odt
[2013.07.01 10:14:53 | 000,094,084 | ---- | C] () -- C:\Users\abc\Documents\Felder_Biomedizin_Klausur_WS11_12.pdf
[2013.06.29 00:18:09 | 000,001,202 | ---- | C] () -- C:\Users\Public\Desktop\7-PDF Split & Merge.lnk
[2013.06.22 11:25:34 | 000,648,201 | ---- | C] () -- C:\Users\abc\Desktop\adwcleaner.exe
[2013.06.20 19:54:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.06.20 19:54:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.06.20 19:54:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.06.20 19:54:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.06.20 19:54:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.06.10 19:00:41 | 000,128,172 | ---- | C] () -- C:\Users\abc\Documents\Prüfanmeldung Energieversorgung lib Markt.PNG
[2013.06.09 18:20:27 | 000,234,202 | ---- | C] () -- C:\Users\abc\Desktop\Stdplan 3.Semester.pdf
[2013.06.08 15:14:16 | 001,199,463 | ---- | C] () -- C:\Users\abc\Desktop\TUM Create.pdf
[2013.05.30 13:20:11 | 000,037,496 | ---- | C] () -- C:\Users\abc\Documents\Key Visual Studio 2010 Ultimate.PNG
[2013.05.28 23:03:09 | 000,037,612 | ---- | C] () -- C:\Users\abc\Documents\Key Visual Studio 2010 Professiobal.PNG
[2013.05.28 22:36:43 | 000,045,223 | ---- | C] () -- C:\Users\abc\Documents\Key Windows8 und Visual Studio Ultimate.PNG
[2013.05.28 22:24:36 | 000,003,139 | ---- | C] () -- C:\Users\abc\Desktop\Secure Download Manager.lnk
[2013.05.28 22:21:19 | 000,034,685 | ---- | C] () -- C:\Users\abc\Documents\Key Microsoft Visual Studio.PNG
[2013.05.20 00:21:34 | 000,357,138 | ---- | C] () -- C:\Users\abc\Documents\asos bestell 2.PNG
[2012.04.01 10:37:33 | 000,000,297 | ---- | C] () -- C:\Users\abc\K_Clusterzentren.mat
[2012.03.11 14:46:56 | 000,000,337 | ---- | C] () -- C:\Users\abc\AppData\Local\Perfmon.PerfmonCfg
[2012.02.08 23:45:41 | 000,003,728 | ---- | C] () -- C:\Users\abc\.Xauthority
[2011.12.19 02:54:55 | 000,005,120 | ---- | C] () -- C:\Users\abc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.13 12:41:02 | 000,125,952 | ---- | C] () -- C:\Windows\System32\ZLhp2600.DLL
[2011.11.13 12:40:26 | 000,337,920 | ---- | C] () -- C:\Windows\System32\ZSHP2600.EXE
[2011.11.06 20:39:00 | 000,212,992 | ---- | C] () -- C:\Windows\System32\WMIMPLEX.dll
[2011.11.06 20:39:00 | 000,031,744 | ---- | C] () -- C:\Windows\System32\maplec.dll
[2011.11.06 20:39:00 | 000,020,480 | ---- | C] () -- C:\Windows\System32\maplecompat.dll
[2011.10.18 15:10:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.10.17 14:32:32 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011.10.17 09:03:19 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 06.07.2013 18:03:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\abc\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 41,49% Memory free
5,98 Gb Paging File | 4,21 Gb Available in Paging File | 70,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 159,09 Gb Free Space | 55,73% Space Free | Partition Type: NTFS
Computer Name: abc-PC | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1 -- [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2011.12.05 01:05:29 | 000,000,000 | ---D | M]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0670BFC8-E329-4575-ACF4-8A106B473EBF}" = rport=137 | protocol=17 | dir=out | app=system |
"{1C00987B-D0C8-4D80-966E-93B7AEE3E81A}" = rport=445 | protocol=6 | dir=out | app=system |
"{219EC414-108D-4AEE-A36E-A1B9CF45EF30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22FA8EE2-E6AD-473F-9D82-E716F4DE4851}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D58E453-F32A-486B-A504-724ABABCD248}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{398945FF-607B-4AB0-B185-62BB1D4000D4}" = rport=138 | protocol=17 | dir=out | app=system |
"{4702CFAE-9947-44A5-8F3B-1E41FB122025}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{63E85681-1346-4050-AFCA-AE71CED77A2F}" = rport=139 | protocol=6 | dir=out | app=system |
"{81677B64-C732-4D26-84A2-6E1BC6889614}" = lport=137 | protocol=17 | dir=in | app=system |
"{A03B5B71-1A13-468A-9C46-8757EFF3A595}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B07EBCE6-5275-4C20-81CA-47F8A73411BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B7BBA457-2B4B-40D9-928D-EAE19FE53CAB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D52CCBD5-C859-41C1-BC73-42F520C0641C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ED7702F0-E5F6-4803-9E2E-0ADD31F02D5E}" = lport=445 | protocol=6 | dir=in | app=system |
"{F5AED12D-193A-452C-B188-6E3E48CFB08A}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C9A587-2BB3-4330-90C9-030506B7C011}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{040D999E-C07B-4060-8FA6-39AD54331750}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{116953CC-48BB-4768-BA13-9C77E5B8928B}" = protocol=17 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"{20EDCEDB-487F-44A6-8A29-2E62502C069D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{253A0745-BA39-43C8-8C47-2BD45F5F79E3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3C73740A-3898-4B4B-969A-6D5F713F4EBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{505A88E9-C33C-4CF3-BECF-010B591D265D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{61278E0D-2BA6-4D6C-A83A-62D26D14813C}" = protocol=6 | dir=in | app=c:\users\abc\appdata\roaming\dropbox\bin\dropbox.exe |
"{6773560A-9DF6-4791-BD0D-FF8D04459940}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68576115-3B22-4BAA-93A0-783CA603FE49}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6AEED965-009D-4381-A43E-BD2D09D53795}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6B650CC9-B5C2-4487-8C47-2FDC61EE2471}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{6BD1C00B-9D80-4901-A23A-40FC5512D152}" = protocol=17 | dir=in | app=c:\users\abc\appdata\roaming\dropbox\bin\dropbox.exe |
"{70995E8C-99E4-4EB9-820A-2C6E202F55F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{798E5472-1C99-4D25-B6EB-963FDC644FEC}" = protocol=6 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"{85EBC0DC-2FB1-4BF3-9D81-0C6CCAFBDBA7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8886D9A7-5550-4290-8DEF-7489CAC0ACB0}" = protocol=17 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"{8F877195-E571-4466-B6A3-225403D75E88}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{95876E26-1CC1-4B8C-8BB0-6F8EF7A3AD8D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A90285E4-E02F-4E67-A09D-B62F223A9A1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AF8945A8-8598-41E9-94E6-13CE71B9B06D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C9A24375-4E43-4EF8-BD09-E69C04548A7B}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E39825D2-4837-4406-8FE6-18B35F6CCF21}" = protocol=6 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"{F11DFAA6-191E-453E-998E-4E00F65AB740}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{60AB7808-FC2F-4EDA-A8DD-BA5DFEBAE3F5}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6BBC8E17-2737-4571-AF0C-E4C495ABE1A3}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{74638EEA-4C6E-4179-B5F9-1C07AA1E2803}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"TCP Query User{8EB12B1B-82F8-41E6-A8A1-E4AC8CF66220}C:\program files\nx client for windows\bin\nxssh.exe" = protocol=6 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"TCP Query User{99D8FA21-41EA-487D-9082-7B00C840E263}C:\program files\maple 14\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
"TCP Query User{CC37514B-29C4-4ED6-80F5-B10D11D5FE40}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F25D2FB3-AB11-4B15-9D71-456AC6B95884}C:\program files\maple 14\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
"TCP Query User{F3DC652E-01F0-4C80-9BE9-0BD8893675A1}C:\program files\nx client for windows\nxclient.exe" = protocol=6 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"UDP Query User{161B8598-5433-428A-839A-0531930AB570}C:\program files\nx client for windows\bin\nxssh.exe" = protocol=17 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe |
"UDP Query User{1E611272-2B6A-42CA-A5D2-93E38E05F715}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{44033CB0-A245-4FD8-976F-BEC669E77374}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5E65C8BC-9551-4089-B38C-8D1292EE7B00}C:\program files\nx client for windows\nxclient.exe" = protocol=17 | dir=in | app=c:\program files\nx client for windows\nxclient.exe |
"UDP Query User{7F9CE1F0-74CE-453E-B53C-794C48E58048}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8D9E9534-AFA0-442E-A97C-F88A95244019}C:\program files\maple 14\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
"UDP Query User{C5297E67-8BCB-488B-8312-EDA510AC288F}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"UDP Query User{FB849A29-7232-443D-9440-EA0C69530F4D}C:\program files\maple 14\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 14\jre\bin\maple.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}" = Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
"{1570DE88-A78A-37FD-8A05-92620D160CCA}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{28C7A4BB-3966-4373-8376-C11F38290630}" = Microsoft SQL Server 2012 T-SQL Language Service
"{2A3CC014-FA33-4027-AECD-9A4845223209}" = Microsoft SQL Server 2012 Native Client
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}" = Microsoft-System-CLR-Typen für SQL Server 2012
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E7D7400-4F4F-409D-8F8A-43BF1DAC575A}" = TouchChip USB Driver 2.6
"{8EAA9D70-C912-3708-92DD-0CCC26F386E1}" = Microsoft Visual Studio 2010 Performance Collection Tools - DEU
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{929F5BFC-60F0-34EC-A50B-2001AAC03D56}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{9D7EF9D6-212E-3C87-AB96-ED9F2A6C3218}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A41EB7B5-8883-4795-A587-AAD8A84A010D}" = Cisco AnyConnect Secure Mobility Client
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6379B13-1DFD-4364-9FDD-4632AA90C99D}" = O&O SafeErase Professional
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) de
"{DBE8431C-CF9A-38C3-B42D-28B6FCE1EA3B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}" = Microsoft Sync Framework Services v1.0 SP1 (x86) de
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"7-PDF Split & Merge_is1" = 7-PDF Split & Merge Version 2.1.0 (Build 128)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Creative OEM004" = Laptop Integrated Webcam Driver (1.03.01.1011)
"DasTelefonbuch GelbeSeiten Map & Route" = DasTelefonbuch GelbeSeiten Map & Route
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HEROLD Telefonbuch DVD network" = HEROLD Telefonbuch DVD network
"HP Color LaserJet 2600 series" = HP Color LaserJet 2600 series
"Maple 14" = Maple 14
"Matlab R2011b" = MATLAB R2011b
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nxclient_is1" = NX Client for Windows 3.5.0-7
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"JDownloader Packages" = JDownloader Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.06.2013 06:09:15 | Computer Name = abc-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\OO
Software\SafeErase\oosecmd.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.06.2013 06:11:30 | Computer Name = abc-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\MATLAB\R2011b\bin\win32\VCRT_check.exe".
Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 23.06.2013 01:57:13 | Computer Name = abc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879,
Zeitstempel: 0x518ec3cc Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879,
Zeitstempel: 0x518ec306 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c9789 ID des fehlerhaften
Prozesses: 0xf18 Startzeit der fehlerhaften Anwendung: 0x01ce6fd653d42cc3 Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: C:\Program Files\Mozilla Firefox\xul.dll Berichtskennung: bf7cfded-dbc9-11e2-8426-002269c03207
Error - 23.06.2013 04:08:51 | Computer Name = abc-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\MATLAB\R2011b\bin\win32\vcrt_check.exe".
Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.06.2013 03:37:17 | Computer Name = abc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TEXCNTR.EXE, Version: 1.0.0.0, Zeitstempel:
0x493c1915 Name des fehlerhaften Moduls: CrysEditEx.dll, Version: 0.7.0.0, Zeitstempel:
0x493c1494 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000e336 ID des fehlerhaften Prozesses:
0x159c Startzeit der fehlerhaften Anwendung: 0x01ce723ffa20a87f Pfad der fehlerhaften
Anwendung: C:\Program Files\TeXnicCenter\TEXCNTR.EXE Pfad des fehlerhaften Moduls:
C:\Program Files\TeXnicCenter\CrysEditEx.dll Berichtskennung: 39ae8673-de33-11e2-901d-002269c03207
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
70 Invoked Function: CapiCertUtils Return Code: -32767981 (0xFE0C0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiStore File: .\Certificates\CollectiveCertStore.cpp
Line:
922 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32767981 (0xFE0C0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::searchProcessesForUserToken File:
.\IPC\WinsecAPI.cpp Line: 1391 Invoked Function: Process32Next Return Code: 18 (0x00000012)
Description:
Es sind keine weiteren Dateien vorhanden.
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108865
Description = Function: CWinsecApiImpersonateUser::acquireTokens File: .\IPC\WinsecAPI.cpp
Line:
101 CWinsecApiImpersonateUser::getUserImpersonationToken returned NULL
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser File:
.\IPC\WinsecAPI.cpp Line: 81 Invoked Function: CWinsecApiImpersonateUser::acquireTokens
Return
Code: -32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertUtils::CCapiCertUtils File: .\Certificates\CapiCertUtils.cpp
Line:
92 Invoked Function: CWinsecApiImpersonateUser::CWinsecApiImpersonateUser Return
Code: -32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertStore::CCapiCertStore File: .\Certificates\CapiCertStore.cpp
Line:
70 Invoked Function: CapiCertUtils Return Code: -32767981 (0xFE0C0013) Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore File: .\Certificates\CapiCertSmartcardStore.cpp
Line:
40 Invoked Function: CCapiCertStore::CCapiCertStore Return Code: -32767981 (0xFE0C0013)
Description:
WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:31:01 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CCollectiveCertStore::addCapiSmartcardStore File: .\Certificates\CollectiveCertStore.cpp
Line:
959 Invoked Function: CCapiCertSmartcardStore::CCapiCertSmartcardStore Return Code:
-32767981 (0xFE0C0013) Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED
Error - 06.07.2013 05:33:09 | Computer Name = abc-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
[ OSession Events ]
Error - 02.04.2012 20:28:07 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 3586 seconds with 600 seconds of active time. This session ended with a
crash.
Error - 03.04.2012 22:45:20 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 37 seconds with 0 seconds of active time. This session ended with a crash.
Error - 03.04.2012 22:45:48 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 18 seconds with 0 seconds of active time. This session ended with a crash.
Error - 07.04.2012 06:06:42 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 3817 seconds with 1260 seconds of active time. This session ended with a
crash.
Error - 07.04.2012 06:48:44 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 256 seconds with 120 seconds of active time. This session ended with a crash.
Error - 23.04.2012 13:44:11 | Computer Name = abc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 20 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 04.07.2013 15:11:53 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 04.07.2013 15:15:13 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 05.07.2013 04:40:00 | Computer Name = abc-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?07.?2013 um 10:34:26 unerwartet heruntergefahren.
Error - 05.07.2013 04:41:50 | Computer Name = abc-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 05.07.2013 05:19:33 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 05.07.2013 08:51:52 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 05.07.2013 11:46:48 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 05.07.2013 14:23:00 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 05.07.2013 15:46:20 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 05.07.2013 16:03:16 | Computer Name = abc-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
< End of report >
Vielen Dank  |
|
07.07.2013, 06:07
| #12 |
| /// the machine /// TB-Ausbilder | Virus nach Adobe-aktualisierung? Java und adobe updaten. Fixen mit OTL
Code:
ATTFilter :Files
C:\Users\abc\AppData\Local\Temp\DM\BygnNqs37vPIh87\software\OptimizerPro.exe
:Commands
[emptytemp]
Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.07.2013, 12:39
| #13 |
| | Virus nach Adobe-aktualisierung?Code:
ATTFilter All processes killed
========== FILES ==========
C:\Users\abc\AppData\Local\Temp\DM\BygnNqs37vPIh87\software\OptimizerPro.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: 2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 58264 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: abc
->Temp folder emptied: 35360548 bytes
->Temporary Internet Files folder emptied: 10063803 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 130296151 bytes
->Flash cache emptied: 60347 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 61162 bytes
RecycleBin emptied: 28432627 bytes
Total Files Cleaned = 195,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07072013_132747
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
07.07.2013, 12:54
| #14 |
| /// the machine /// TB-Ausbilder | Virus nach Adobe-aktualisierung? Meine Frage beantworten
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 12:27
| #15 |
| | Virus nach Adobe-aktualisierung? Nein, ich hab keine Probleme mehr. |
|
| Themen zu Virus nach Adobe-aktualisierung? |
| aktion, aktualisiert, antivirusprogramm, appdata, avira, befindet, datei, entferne, entfernen, firefox, flashplayer, gefundene, gefundenen, gemeldet, js/blacoleref.cz.20, local, meldung, unerwünschtes programm, users, vermutlich, verweigern, virus, zugriff |
Textbox. 
Hybrid-Darstellung
