Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 05.04.2014, 21:43   #1
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Hallo liebes Forum,

Habe heute versucht TeamSpeak 3 seit einiger zeit mal wieder aufzuspielen. Dabei geht die Installation (64 bit) ohne Probleme. Wenn ich Versuche das Programm zustarten kommt direkt der Fehler das der angegebene Dienst kein installierter Dienst ist. Mehrfacher neustart und neu Installation brachte nichts.

Hier die logs die bei einem neuen Thema gern von euch gesehen werden.

Vielen Dank schon mal


bei dem Programm "gmer" trat folgener Fehler auf: "Die Anweisung in 0x004011aa verweist auf Speicher 0x20303341. Der Vorgang read konnte nicht im Speicher durchgeführt werden.

Klicken Sie auf "OK" um das Programm zu beenden."

Danach ist das Programm beendet.



Log`s sind zu lang, deswegen angehangen.
Angehängte Dateien
Dateityp: txt FRST.txt (55,6 KB, 142x aufgerufen)
Dateityp: txt Addition.txt (79,7 KB, 145x aufgerufen)
Dateityp: txt Ereignisse.txt (704 Bytes, 116x aufgerufen)

Geändert von rudak (05.04.2014 um 22:16 Uhr)

Alt 06.04.2014, 07:34   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 06.04.2014, 11:50   #3
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Code:
ATTFilter
Exportierte Ereignisse:

05.04.2014 21:40 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Administrator\AppData\Local\Temp\is1590112554\3087237_stp\uninstaller.
      exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben
         


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Administrator (administrator) on FIFU-PC on 05-04-2014 22:31:13
Running from C:\Users\Administrator\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\psxss.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Soluto) c:\program files\soluto\soluto.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190472 2009-09-17] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] - C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [DS3 Tool] - C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-03-25] (AMD)
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [Octoshape Streaming Services] - C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [70936 2009-01-08] (Octoshape ApS)
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Administrator\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent

==================== Internet (Whitelisted) ====================

ProxyServer: 219.83.62.50:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x09F8B1D0F9F7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a9397-135&apn_uid=4364009910184243&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {CF85CA8F-C78E-44AB-AF1D-0405A97DB86D} URL = 
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a9397-135&apn_uid=4364009910184243&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {CF85CA8F-C78E-44AB-AF1D-0405A97DB86D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN67462371713930216&UM=2
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=100&systemid=473&v=a9397-135&apn_uid=4364009910184243&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {CF85CA8F-C78E-44AB-AF1D-0405A97DB86D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN67462371713930216&UM=2
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default
FF DefaultSearchEngine: Freemium DE Customized Web Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Freemium DE Customized Web Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3311336&octid=CT3311336&SearchSource=61&CUI=UN72286315531286267&UM=2&UP=SP71C9EC9F-E26C-4D53-B6C0-0DCEA6D0D9AA&sspv=TB_TNI
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&SearchSource=2&CUI=UN72286315531286267&UM=2&sspv=TB_TNI&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @powerchallenge.com/PowerLoader - C:\Users\ADMINI~1\AppData\LocalLow\PowerChallenge\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Administrator\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Administrator\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Administrator\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\searchplugins\searchplugins-backup
FF Extension: Разпознаване на устройство Logitech - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\DeviceDetection@logitech.com [2010-09-23]
FF Extension: FIFA Online Web Launcher - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\eafo3fflauncher@ea.com [2010-08-28]
FF Extension: TVU Web Player - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\firefox@tvunetworks.com [2010-06-26]
FF Extension: Simple Dyyno Launcher - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\NPDyyno@dyyno.com [2010-05-04]
FF Extension: StumbleUpon - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\toolbar@stumbleupon.com [2012-07-10]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-04]
FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-08-19]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2011-07-21]
FF Extension: Freemium DE  - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{e66f4171-0f28-4599-a595-58b840522f7e} [2013-11-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-05-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi [2013-08-27]
FF HKCU\...\Firefox\Extensions: [{E0CC257A-4D42-4ED7-AFAF-0AE6422F60D0}] - C:\Program Files (x86)\Copernic Desktop Search - Home\Firefox36Connector
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16]

Chrome: 
=======
CHR HomePage: hxxp://search.babylon.com/?affID=109958&tt=010712_7&babsrc=HP_ss&mntrId=4e8b3082000000000000485b391de0c0
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18]
CHR Extension: (Google-Suche) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18]
CHR Extension: (The Godfather: Five Families) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl [2011-10-30]
CHR Extension: (Logitech Flow Scroll) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi [2013-12-18]
CHR Extension: (Freemium DE) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopemfhojpebdeollanchfjhpbkcijoi [2013-12-18]
CHR Extension: (Browser Guard) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfepagcelbegkpkcjgfeecmlnmkedjin [2013-12-18]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-12-18]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Docs Viewer für PDF/PowerPoint (von Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2012-10-14]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-12-18]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-01-06]
CHR Extension: (Google Mail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]
CHR HKCU\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Administrator\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-11-21]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Administrator\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-02]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\ADMINI~1\AppData\Local\Temp\tbch.crx [2012-11-02]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-04-16]
CHR HKLM-x32\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Administrator\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [kfepagcelbegkpkcjgfeecmlnmkedjin] - C:\Program Files (x86)\Browser Guard\browserguard.crx [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
S3 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
S3 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-03-08] (Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
S3 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-10-14] ()
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-07] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2009-07-14] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2009-07-14] (Microsoft Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182840 2012-11-21] (Soluto)
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2007-03-29] (Syntek America Inc.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1621800 2012-08-11] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-14] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\ADMINI~1\AppData\Local\Temp\7zS663B\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2012-03-10] ()
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S1 Beep; No ImagePath
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
S3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [14336 2010-06-03] (secr9tos)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-24] (Duplex Secure Ltd.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1352832 2007-05-10] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz132; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 mvvideodemo; system32\DRIVERS\mvvideodemo.sys [X]
U4 RemoteRegistry; 
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]
U4 W32Time; %SystemRoot%\system32\svchost.exe -k LocalService
U4 WerSvc; 
U2 WinDefend; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-05 22:31 - 2014-04-05 22:31 - 00031491 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-05 22:31 - 2014-04-05 22:31 - 00000000 ____D () C:\FRST
2014-04-05 22:25 - 2014-04-05 22:25 - 00003418 _____ () C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2014-04-05 22:21 - 2014-04-05 22:21 - 00000668 _____ () C:\Users\Administrator\Downloads\defogger_disable.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000188 _____ () C:\Users\Administrator\defogger_reenable
2014-04-05 22:20 - 2014-04-05 22:20 - 02157056 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00380416 _____ () C:\Users\Administrator\Downloads\Gmer-19357.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00050477 _____ () C:\Users\Administrator\Downloads\Defogger.exe
2014-04-05 22:19 - 2014-04-05 22:19 - 00000704 _____ () C:\Users\Administrator\Desktop\Ereignisse.txt
2014-04-05 21:30 - 2014-04-05 21:30 - 00000000 ____D () C:\Users\Administrator\Documents\PC Speed Maximizer
2014-04-05 21:29 - 2014-04-05 22:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-05 21:29 - 2014-04-05 21:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 21:27 - 2014-04-05 22:00 - 00000000 ____D () C:\Users\Administrator\Desktop\mbar
2014-04-05 21:27 - 2014-04-05 21:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 21:26 - 2014-04-05 21:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009.exe
2014-04-05 21:25 - 2014-04-05 22:26 - 00000330 _____ () C:\Windows\Tasks\Digital Sites.job
2014-04-05 21:25 - 2014-04-05 21:25 - 00003284 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-04-05 21:25 - 2014-04-05 21:25 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalSites
2014-04-05 21:24 - 2014-04-05 21:24 - 00686048 _____ () C:\Users\Administrator\Downloads\ZipExtractorSetup.exe
2014-04-05 21:02 - 2014-04-05 22:29 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-05 21:02 - 2014-04-05 21:02 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (2).exe
2014-04-05 15:35 - 2014-04-05 21:01 - 00000000 ____D () C:\Users\Administrator\Desktop\TS3
2014-04-05 14:55 - 2014-04-05 14:55 - 00000954 _____ () C:\Users\Administrator\Desktop\Teamspeak 2 RC2.lnk
2014-04-05 14:55 - 2014-04-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-04-05 14:54 - 2014-04-05 14:54 - 05862994 _____ () C:\Users\Administrator\Downloads\ts2_client_rc2_2032.exe
2014-04-05 14:51 - 2014-04-05 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 14:46 - 2014-04-05 22:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Overwolf
2014-04-05 14:43 - 2014-04-05 14:44 - 00041670 _____ () C:\Windows\iis7.log
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SUA
2014-04-05 14:42 - 2014-04-05 14:42 - 00000862 _____ () C:\Windows\system32\termcap
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\inetpub
2014-04-05 14:33 - 2014-04-05 14:33 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (1).exe
2014-04-05 14:31 - 2014-04-05 21:33 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-05 14:28 - 2014-04-05 14:28 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
2014-04-05 14:26 - 2014-04-05 14:26 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-03 21:40 - 2014-04-03 21:42 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part3.rar
2014-04-03 21:40 - 2014-04-03 21:42 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part2.rar
2014-04-03 21:40 - 2014-04-03 21:42 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part1.rar
2014-04-03 21:40 - 2014-04-03 21:40 - 41368249 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part4.rar
2014-04-03 21:38 - 2014-04-03 21:38 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part5.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part4.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part3.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part2.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part1.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 09590883 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part6.rar
2014-04-03 21:35 - 2014-04-03 21:35 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11
2014-04-03 21:33 - 2014-04-03 21:34 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part4.rar
2014-04-03 21:33 - 2014-04-03 21:34 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part3.rar
2014-04-03 21:33 - 2014-04-03 21:34 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part2.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 94680553 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part5.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part1.rar
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\homeland.s03e04
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\home.s03e05
2014-04-02 18:00 - 2014-04-02 18:03 - 209715200 _____ () C:\Users\Administrator\Downloads\home.s03e05.part1.rar
2014-04-02 18:00 - 2014-04-02 18:02 - 209715200 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part1.rar
2014-04-02 18:00 - 2014-04-02 18:02 - 156306278 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part2.rar
2014-04-02 18:00 - 2014-04-02 18:02 - 147203437 _____ () C:\Users\Administrator\Downloads\home.s03e05.part2.rar
2014-04-01 20:15 - 2014-04-01 20:15 - 00000643 _____ () C:\Windows\KB942288-v3.log
2014-04-01 19:38 - 2014-04-01 19:38 - 62404320 _____ (Ubisoft) C:\Users\Administrator\Downloads\UplayInstaller.exe
2014-03-27 14:33 - 2014-03-27 14:33 - 00001471 _____ () C:\Users\Public\Desktop\SimCity.lnk
2014-03-27 14:10 - 2014-03-27 14:15 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part1.rar
2014-03-27 14:10 - 2014-03-27 14:14 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part3.rar
2014-03-27 14:10 - 2014-03-27 14:14 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part2.rar
2014-03-27 14:10 - 2014-03-27 14:13 - 382235835 _____ () C:\Users\Administrator\Downloads\SICISPED.part4.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part3.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part2.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part1.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 237455713 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part4.rar
2014-03-19 19:10 - 2014-03-19 19:10 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu (1).exe
2014-03-19 19:10 - 2014-03-19 19:10 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-03-19 19:07 - 2014-03-19 19:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu.exe
2014-03-19 18:51 - 2014-03-19 18:52 - 00000000 ____D () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU
2014-03-19 18:48 - 2014-03-19 18:50 - 1261963178 _____ () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU.zip
2014-03-19 02:59 - 2014-03-19 02:59 - 04994480 _____ (Adobe Systems Inc.) C:\Users\Administrator\Downloads\Shockwave_Installer_Slim.exe
2014-03-18 18:15 - 2014-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-15 20:59 - 2014-04-05 22:28 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-03-14 11:55 - 2014-03-14 11:56 - 171651993 _____ () C:\Users\Administrator\Downloads\15166_bounhlg.rar

==================== One Month Modified Files and Folders =======

2014-04-05 22:31 - 2014-04-05 22:31 - 00031491 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-05 22:31 - 2014-04-05 22:31 - 00000000 ____D () C:\FRST
2014-04-05 22:31 - 2013-12-18 13:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-05 22:30 - 2010-05-03 13:02 - 01099342 _____ () C:\Windows\WindowsUpdate.log
2014-04-05 22:30 - 2009-07-14 19:58 - 00742506 _____ () C:\Windows\system32\perfh007.dat
2014-04-05 22:30 - 2009-07-14 19:58 - 00161042 _____ () C:\Windows\system32\perfc007.dat
2014-04-05 22:30 - 2009-07-14 07:13 - 01714942 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 22:29 - 2014-04-05 21:02 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-05 22:29 - 2013-11-25 15:13 - 00000000 ____D () C:\Program Files\SoftwareUpdater
2014-04-05 22:28 - 2014-03-15 20:59 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-04-05 22:28 - 2013-11-25 15:13 - 00004196 _____ () C:\Windows\System32\Tasks\Software Updater
2014-04-05 22:28 - 2013-11-25 15:13 - 00004190 _____ () C:\Windows\System32\Tasks\Software Updater Ui
2014-04-05 22:26 - 2014-04-05 21:25 - 00000330 _____ () C:\Windows\Tasks\Digital Sites.job
2014-04-05 22:26 - 2014-04-05 14:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Overwolf
2014-04-05 22:25 - 2014-04-05 22:25 - 00003418 _____ () C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2014-04-05 22:24 - 2013-12-18 13:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-05 22:24 - 2013-05-22 14:52 - 00083085 _____ () C:\Windows\setupact.log
2014-04-05 22:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 22:23 - 2013-05-22 19:25 - 00406092 _____ () C:\Windows\PFRO.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000668 _____ () C:\Users\Administrator\Downloads\defogger_disable.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000188 _____ () C:\Users\Administrator\defogger_reenable
2014-04-05 22:21 - 2010-05-03 13:06 - 00000000 ____D () C:\Users\Administrator
2014-04-05 22:20 - 2014-04-05 22:20 - 02157056 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00380416 _____ () C:\Users\Administrator\Downloads\Gmer-19357.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00050477 _____ () C:\Users\Administrator\Downloads\Defogger.exe
2014-04-05 22:19 - 2014-04-05 22:19 - 00000704 _____ () C:\Users\Administrator\Desktop\Ereignisse.txt
2014-04-05 22:04 - 2012-06-25 05:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 22:00 - 2014-04-05 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-05 22:00 - 2014-04-05 21:27 - 00000000 ____D () C:\Users\Administrator\Desktop\mbar
2014-04-05 21:33 - 2014-04-05 14:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-05 21:30 - 2014-04-05 21:30 - 00000000 ____D () C:\Users\Administrator\Documents\PC Speed Maximizer
2014-04-05 21:29 - 2014-04-05 21:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 21:27 - 2014-04-05 21:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 21:26 - 2014-04-05 21:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009.exe
2014-04-05 21:25 - 2014-04-05 21:25 - 00003284 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-04-05 21:25 - 2014-04-05 21:25 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalSites
2014-04-05 21:24 - 2014-04-05 21:24 - 00686048 _____ () C:\Users\Administrator\Downloads\ZipExtractorSetup.exe
2014-04-05 21:02 - 2014-04-05 21:02 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (2).exe
2014-04-05 21:01 - 2014-04-05 15:35 - 00000000 ____D () C:\Users\Administrator\Desktop\TS3
2014-04-05 20:43 - 2009-07-14 06:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 20:43 - 2009-07-14 06:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 20:42 - 2011-07-10 16:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Htc
2014-04-05 15:52 - 2013-11-25 15:11 - 00000000 ____D () C:\Program Files (x86)\Freemium_DE
2014-04-05 15:52 - 2013-11-25 15:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DownloadGuide
2014-04-05 15:35 - 2014-04-05 14:51 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 15:07 - 2010-05-04 11:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Skype
2014-04-05 14:55 - 2014-04-05 14:55 - 00000954 _____ () C:\Users\Administrator\Desktop\Teamspeak 2 RC2.lnk
2014-04-05 14:55 - 2014-04-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-04-05 14:54 - 2014-04-05 14:54 - 05862994 _____ () C:\Users\Administrator\Downloads\ts2_client_rc2_2032.exe
2014-04-05 14:49 - 2013-05-22 13:12 - 00004144 _____ () C:\Windows\System32\Tasks\Freemium1ClickMaint
2014-04-05 14:44 - 2014-04-05 14:43 - 00041670 _____ () C:\Windows\iis7.log
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SUA
2014-04-05 14:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-04-05 14:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-05 14:42 - 2014-04-05 14:42 - 00000862 _____ () C:\Windows\system32\termcap
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\inetpub
2014-04-05 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-05 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-05 14:33 - 2014-04-05 14:33 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (1).exe
2014-04-05 14:28 - 2014-04-05 14:28 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
2014-04-05 14:26 - 2014-04-05 14:26 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-05 13:49 - 2013-12-19 17:26 - 00000308 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-04-04 13:52 - 2014-01-26 23:39 - 00007356 _____ () C:\Users\Administrator\Desktop\operationX.txt
2014-04-03 23:27 - 2010-05-08 18:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-04-03 21:43 - 2010-05-04 09:42 - 00000000 ____D () C:\Users\Administrator\Downloads\Filme
2014-04-03 21:42 - 2014-04-03 21:40 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part3.rar
2014-04-03 21:42 - 2014-04-03 21:40 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part2.rar
2014-04-03 21:42 - 2014-04-03 21:40 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part1.rar
2014-04-03 21:40 - 2014-04-03 21:40 - 41368249 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part4.rar
2014-04-03 21:38 - 2014-04-03 21:38 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part5.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part4.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part3.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part2.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part1.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 09590883 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part6.rar
2014-04-03 21:35 - 2014-04-03 21:35 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11
2014-04-03 21:34 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part4.rar
2014-04-03 21:34 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part3.rar
2014-04-03 21:34 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part2.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 94680553 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part5.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part1.rar
2014-04-03 01:10 - 2013-09-26 12:57 - 00000000 ____D () C:\Users\Administrator\Documents\FIFA 14
2014-04-02 19:19 - 2010-10-28 23:57 - 00000000 ____D () C:\ProgramData\Origin
2014-04-02 19:18 - 2011-06-08 10:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-02 18:26 - 2013-12-19 17:26 - 00000300 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\homeland.s03e04
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\home.s03e05
2014-04-02 18:03 - 2014-04-02 18:00 - 209715200 _____ () C:\Users\Administrator\Downloads\home.s03e05.part1.rar
2014-04-02 18:02 - 2014-04-02 18:00 - 209715200 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part1.rar
2014-04-02 18:02 - 2014-04-02 18:00 - 156306278 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part2.rar
2014-04-02 18:02 - 2014-04-02 18:00 - 147203437 _____ () C:\Users\Administrator\Downloads\home.s03e05.part2.rar
2014-04-01 20:16 - 2013-05-27 22:14 - 00142823 _____ () C:\Windows\DirectX.log
2014-04-01 20:15 - 2014-04-01 20:15 - 00000643 _____ () C:\Windows\KB942288-v3.log
2014-04-01 20:09 - 2010-05-24 21:25 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-04-01 20:09 - 2010-05-04 11:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 19:40 - 2013-08-21 12:54 - 00001183 _____ () C:\Users\Administrator\Desktop\Uplay.lnk
2014-04-01 19:38 - 2014-04-01 19:38 - 62404320 _____ (Ubisoft) C:\Users\Administrator\Downloads\UplayInstaller.exe
2014-04-01 12:46 - 2013-05-06 18:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\RBotPlus
2014-04-01 12:36 - 2013-05-06 18:53 - 00000000 ____D () C:\Program Files (x86)\RBPlus
2014-03-27 14:34 - 2013-02-17 13:53 - 00000000 ____D () C:\Users\Administrator\Documents\SimCity
2014-03-27 14:33 - 2014-03-27 14:33 - 00001471 _____ () C:\Users\Public\Desktop\SimCity.lnk
2014-03-27 14:28 - 2010-05-04 10:59 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-03-27 14:16 - 2010-05-04 09:58 - 00000000 ____D () C:\Users\Administrator\Downloads\Spiele
2014-03-27 14:15 - 2014-03-27 14:10 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part1.rar
2014-03-27 14:14 - 2014-03-27 14:10 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part3.rar
2014-03-27 14:14 - 2014-03-27 14:10 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part2.rar
2014-03-27 14:13 - 2014-03-27 14:10 - 382235835 _____ () C:\Users\Administrator\Downloads\SICISPED.part4.rar
2014-03-26 21:26 - 2013-12-18 13:09 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 21:26 - 2013-12-18 13:09 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-23 10:25 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-19 19:55 - 2014-03-19 19:53 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part3.rar
2014-03-19 19:55 - 2014-03-19 19:53 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part2.rar
2014-03-19 19:55 - 2014-03-19 19:53 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part1.rar
2014-03-19 19:55 - 2014-03-19 19:53 - 237455713 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part4.rar
2014-03-19 19:19 - 2010-05-04 10:59 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-03-19 19:10 - 2014-03-19 19:10 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu (1).exe
2014-03-19 19:10 - 2014-03-19 19:10 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-03-19 19:07 - 2014-03-19 19:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu.exe
2014-03-19 18:52 - 2014-03-19 18:51 - 00000000 ____D () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU
2014-03-19 18:50 - 2014-03-19 18:48 - 1261963178 _____ () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU.zip
2014-03-19 03:35 - 2013-08-14 23:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:35 - 2010-05-04 08:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-19 03:33 - 2010-05-03 21:42 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 02:59 - 2014-03-19 02:59 - 04994480 _____ (Adobe Systems Inc.) C:\Users\Administrator\Downloads\Shockwave_Installer_Slim.exe
2014-03-18 22:46 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-15 21:28 - 2013-12-18 13:10 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 11:56 - 2014-03-14 11:55 - 171651993 _____ () C:\Users\Administrator\Downloads\15166_bounhlg.rar
2014-03-13 23:43 - 2012-05-15 10:05 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 23:43 - 2012-05-15 10:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 14:45 - 2009-07-14 04:34 - 00000783 _____ () C:\Windows\win.ini
2014-03-12 20:04 - 2012-06-25 05:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:04 - 2012-06-25 05:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:04 - 2011-07-14 22:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Administrator\AppData\Local\Temp\Checkupdate.exe
C:\Users\Administrator\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Administrator\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Administrator\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Administrator\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Administrator\AppData\Local\Temp\MySearchDial.exe
C:\Users\Administrator\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Administrator\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-04-01 14:50

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 06.04.2014, 11:51   #4
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Administrator at 2014-04-05 22:31:55
Running from C:\Users\Administrator\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

4Videosoft PDF to ePub Maker 3.1.10 (HKLM-x32\...\{149BF4DA-08A2-434a-9A13-D76DD9FD205A}_is1) (Version:  - )
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{0099B484-C24C-4D5F-8167-B0F6DF196E72}) (Version: 12.0.3.133 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.2.0 - Sereby Corporation)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{469032A5-C6F3-CE61-67B1-F8820B747401}) (Version: 2.0.4196.33893 - Advanced Micro Devices, Inc.)
applicationupdater (HKCU\...\SOE-C:/Users/Administrator/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
ATI AVIVO64 Codecs (Version: 10.12.0.00325 - ATI Technologies Inc.) Hidden
Autoruns (HKLM-x32\...\Autoruns) (Version: 9.57 - 2009 Microsoft Corporation)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Guard (HKLM-x32\...\Browser Guard) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.29 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.4.1255 - CDBurnerXP)
COMPUTERBILD-Abzockschutz (HKLM-x32\...\{8AADC86C-5018-4762-A309-3031F68D1008}) (Version: 1.0.32 - J3S)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Core Temp (HKLM\...\Core Temp) (Version: 0.99.5.27 - 2001 - 2009 Arthur Liberman)
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version:  - )
CPU-Z (HKLM\...\CPU-Z) (Version: 1.53 - 2001 - 2009 CPUID)
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2930.52 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
DAMN NFO Viewer (HKLM-x32\...\DAMN NFO Viewer) (Version: 2.10.0032 - 2000-2002 Ivanopulo)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DC4BC0CC-A928-4C48-BA40-AC24784F46E5}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.02.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version:  - )
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Easy Driver Pro (HKLM-x32\...\{FD27D456-ED8A-4027-A1E4-BBF95FAF4799}) (Version: 8.0.1 - Easy Driver Pro)
Elevated Installer (x32 Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
F1 2013 German (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FIFA 11 Demo (HKLM-x32\...\{DC158DF7-6B36-4C6F-BC91-109014297994}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.4 - Electronic Arts)
FLAC To MP3 V4.0.4 (HKLM-x32\...\FLAC To MP3_is1) (Version:  - FLAC To MP3, Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
Free Driver Scout (HKLM-x32\...\{ea754f75-d514-4d27-b53c-6990bdbbf34e}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free System Utilities (HKLM-x32\...\{f8cd9221-848c-45fb-a509-fa75dea3a22f}) (Version: 1.0.0.28 - Covus Freemium GmbH)
Free SystemUtilities (x32 Version: 1.0.0.28 - Covus Freemium GmbH) Hidden
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Freemium DE Toolbar for IE (HKLM-x32\...\IECT3311336) (Version: 6.17.2.8 - Freemium DE)
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version:  - )
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.3.0 - Electronic Arts)
Game Dev Tycoon Version 1.3.0 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.0 - Greenheart Games Pty. Ltd.)
gamelauncher-ps2-psg (HKCU\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG) (Version:  - Sony Online Entertainment)
Garmin Express (HKLM-x32\...\{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin Update Service (x32 Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Geeks3D FurMark 1.12.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Chrome Backup 1.8.0.141 (HKLM-x32\...\{52291FC0-33D3-4A18-9587-5115225545D8}_is1) (Version:  - )
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPU-Z (HKLM-x32\...\Gpuz) (Version: 0.3.8 - 2004 - 2009 TechPowerUp)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0002.135 - Rockstar Games Inc.) Hidden
GRID 2 (c) Codemasters version 1 (HKLM-x32\...\R1JJRDI=_is1) (Version: 1 - )
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HDTune (HKLM-x32\...\HDTune) (Version: 2.5.5.0 - 2003 - 2009 by EFD Software)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation)
HWMonitor (HKLM\...\HWMonitor) (Version: 1.1.5.0 - 2001 - 2009 CPUID)
HydraVision (x32 Version: 4.2.152.0 - ATI Technologies Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 9.4.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.4.0 - )
LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.5218 - CyberLink Corp.)
LG Burning Tool (x32 Version: 6.2.5218 - CyberLink Corp.) Hidden
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.3907 - CyberLink Corp.)
LG CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.)
LG CyberLink Blu-ray Disc Suite (x32 Version: 8.0.2820 - CyberLink Corp.) Hidden
LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
LG CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
LG CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1622_37397b - CyberLink Corp.)
LG CyberLink MediaEspresso (x32 Version: 6.5.1622_37397b - CyberLink Corp.) Hidden
LG CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
LG CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden
LG CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
Logitech Gaming Software (Version: 8.20.74 - Logitech Inc.) Hidden
Logitech Gaming Software 5.08 (HKLM\...\{96F1BA99-300F-4DD5-A26B-788EF63B53B1}) (Version: 5.08.146 - Logitech)
Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.)
Logitech SetPoint 6.32 (HKLM\...\SP6) (Version: 6.32.20 - Logitech)
MAGIX Screenshare (HKLM-x32\...\{518AD85A-EBCB-4F26-8A45-86DC5449AC1E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{D4ABBDE0-0F0E-40D7-9296-4227F2722B91}) (Version: 7.0.2.6 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MegaTrainer eXperience V1.1.7.6 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
MozBackup 1.4.9 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 18.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 en-US)) (Version: 18.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 en-US)) (Version: 24.4.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)
Nero 9 (HKLM-x32\...\{addc7b14-9c41-4daf-8718-cd4d23c182d8}) (Version:  - Nero AG)
Nero 9 Trial (HKLM-x32\...\{bec0a015-659f-49ca-8809-239f800ba1a9}) (Version:  - Nero AG)
Nero BackItUp 4 (HKLM-x32\...\{a86299e1-e9d5-4ac5-80eb-d026acab2bcc}) (Version:  - Nero AG)
Nero Burning ROM (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero BurningROM 12 (HKLM-x32\...\{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}) (Version: 12.0.00300 - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero MediaHome 4 (x32 Version: 4.5.8.0 - Nero AG) Hidden
Nero MediaHome 4 Help (x32 Version: 4.5.5.0 - Nero AG) Hidden
Nero MediaHome 4 Trial (HKLM-x32\...\{e7f3a374-2176-42a2-a333-82e434b58988}) (Version:  - Nero AG)
Nero PhotoSnap (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero Recode (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 2.4.14.100 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.21.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.16.100 - Nero AG) Hidden
Nero WaveEditor (x32 Version: 5.4.37.1 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.4.26.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.26.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
New Star Soccer 5 (HKLM-x32\...\Steam App 212780) (Version:  - )
New Star Soccer 5 v1.12 (HKLM-x32\...\{4A49BF17-D3D0-49F1-B17E-ACAE15F94CE2}}_is1) (Version:  - New Star Games Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - )
ODF Add-In für Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)
Ontrack EasyRecovery Professional (HKLM-x32\...\InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}) (Version: 6.22.01 - Kroll Ontrack Inc.)
Ontrack EasyRecovery Professional (x32 Version: 6.22.01 - Kroll Ontrack Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PAYDAY 2 Career Criminal Edition Plus Update 19 Incl. DLCs 1.0 (HKLM-x32\...\PAYDAY 2 Career Criminal Edition Plus Update 19 Incl. DLCs 1.0) (Version:  - )
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Power Challenge Game Plugin (HKCU\...\Power Loader) (Version:  - )
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKCU\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS3 Video 9 6 (HKLM-x32\...\PS3 Video 9) (Version: 6 - Red Kawa)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Rapture3D 2.5.1 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Real Temp (HKLM-x32\...\Real Temp) (Version: 3.4.0.0 - 2004 - 2009 TechPowerUp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
RESCUE 2013 (HKCU\...\RESCUE 2013) (Version: 1.00.00.00 - rondomedia GmbH)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.7 - Rockstar Games)
Roulette Bot Plus (HKLM-x32\...\RBPlus) (Version: 1.3.8.2 - www.roulettebotplus.com)
RoulettePilot (HKLM-x32\...\{8AA4FF81-E2C9-43E0-A29B-0B13063AA896}) (Version: 1.1.092 - JemeSoft)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.6001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6001 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SimCity - Special Edition (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}_is1) (Version: 10.0 - Electronic Arts)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Soluto (HKLM\...\{DCF00FE8-348E-43CF-96CB-6C8EBB0037C2}) (Version: 1.3.1095.0 - Soluto)
SoundTrax (x32 Version: 4.4.37.1 - Nero AG) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.8.2.610.g090a06f8 - Spotify AB)
State of Decay - Breakdown (HKLM-x32\...\State of Decay - Breakdown_is1) (Version:  - )
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Swiss Casino (HKLM-x32\...\Swiss Casino) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.11117 - TeamViewer GmbH)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Tom Clancy's H.A.W.X. 2 (HKLM-x32\...\{76A232AF-B7D6-41A4-B795-6B355E6D32B1}) (Version: 1.0.1 - Ubisoft)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total War ROME II V1.0.0.1(CREATED BY XEONKING©) (HKLM-x32\...\Total War ROME II_is1) (Version: 1.0.0.1 - )
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 6.2 - TrueCrypt Foundation)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3010.1 - TuneUp Software) Hidden
TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
TVersity Media Server 2.3 (HKLM-x32\...\TVersity Media Server) (Version: 2.3 - TVersity)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall Manager 5.3 (HKLM\...\{45BFB5F0-19B7-4564-B787-A3BAAA0E5AA1}_is1) (Version: 5.3 - Martin Fuchs)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34F51E79-0110-4B49-A245-81319F58453E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{05D8C7F6-9A93-4925-B2B3-7D6507AD2FC9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CA014CB4-B26F-4D27-BF26-C994CC3428E5}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{04DED3FB-DDB2-4C1E-A057-2A1FB97BE42D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version:  - Microsoft)
Update for Zip Extractor (HKCU\...\Digital Sites) (Version:  - Update for Zip Extractor) <==== ATTENTION
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
USB2.0 PC Camera (HKLM-x32\...\{B2B980D5-39DE-47E1-8CCD-874281A7EB5C}) (Version: 60.003.70.002 - Syntek)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V3.6 - VisualBee.com)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
WBFS Manager 4.0 (HKLM\...\{D34C07CA-DCF0-4A5C-A4DD-55522B17F4F2}) (Version: 4.0 - WBFS)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 7 Custom Theme Pack (HKLM-x32\...\Windows 7 Custom Theme Pack) (Version: 1.0.0.0 - )
Windows 7 Theme Pack (HKLM-x32\...\Windows 7 Theme Pack) (Version: 1.0.0.2 - Copyright 2009 Microsoft)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Winner Casino (HKLM-x32\...\Winner Casino) (Version:  - )
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
X Rebirth (HKLM-x32\...\WFJlYmlydGg=_is1) (Version: 1 - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Restore Points  =========================

01-04-2014 18:09:02 Installiert Tom Clancy's H.A.W.X. 2
05-04-2014 12:42:14 Windows Modules Installer
05-04-2014 20:28:38 Removed Overwolf

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-03-04 18:05 - 00000202 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 order.tune-up.com
127.0.0.1 tune-up.com
127.0.0.1 tune-up.com/order
127.0.0.1 registertuneup.com
127.0.0.1 download.tune-up.de
127.0.0.1 download.tune-up.com
127.0.0.1 secure.tune-up.com


==================== Scheduled Tasks (whitelisted) =============

Task: {056CD616-0C95-49FE-A916-97E48D90E41D} - System32\Tasks\Freemium1ClickMaint => C:\Users\Administrator\Downloads\1Click.exe
Task: {06AB381B-9473-4BB4-B36D-DB8DD774C8B7} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {06C96EB9-3F8B-44EA-9D09-D58C3F7A1C36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {0F9DD235-DF99-474B-B996-E2D3036A6518} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-18] ()
Task: {11477930-B0AA-4C8E-94D7-6BC3C809285E} - \Plus-HD-3.7-updater No Task File
Task: {114B799B-14F1-4184-84C3-07DBA72722BB} - System32\Tasks\{12E08912-105B-4837-A570-8EEDFC589694} => C:\Users\Administrator\Downloads\Spiele\Mafia\pc\mafia2.exe [2010-08-24] (2K Czech)
Task: {11D0C178-1A39-4635-AFFC-4BECDD45FBDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18] (Google Inc.)
Task: {1BC83C5B-28A1-4C76-8D70-678A2AE151C5} - System32\Tasks\TWIN 7 1-Klick-Optimierung => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe
Task: {1F288C4F-D007-4DB8-A8ED-3B46F95053F3} - \Plus-HD-3.7-firefoxinstaller No Task File
Task: {3456BFE0-611A-424A-9C98-DC37F00C87AF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {3B0B8786-41BA-4F1C-A941-659B94D5D564} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => c:\program files (x86)\common files\installshield\updateservice\isuspm.exe [2004-06-14] (InstallShield Software Corporation)
Task: {43655B81-0021-4BF9-882A-42ACFCA55486} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {500641BE-35C7-464D-94E2-EF96257A9601} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\program files (x86)\common files\installshield\updateservice\isuspm.exe [2004-06-14] (InstallShield Software Corporation)
Task: {509614EE-9FA0-4628-86E3-0E002C0D2910} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {5140BF47-CF20-4835-A9BF-F6080A31B516} - \Funmoods No Task File
Task: {576B1AAE-1E9D-49CB-A51B-A7347CB3DA6D} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-18] ()
Task: {72ECF7ED-1CF3-4260-BFF0-249987DAE196} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18] (Google Inc.)
Task: {7BBF01AF-068B-47FE-8995-FC654B1F77A8} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {816A414A-250E-4A95-9946-5B2010FE8B81} - System32\Tasks\{E03FE212-920D-4E54-A2ED-3F5232DBF089} => C:\Users\Administrator\Downloads\Spiele\Mafia\pc\mafia2.exe [2010-08-24] (2K Czech)
Task: {8366F607-EAE5-4391-91CF-D0B5563D7798} - System32\Tasks\{9715FA71-3D56-4C31-94A9-999536F6455E} => C:\Users\Administrator\Downloads\Spiele\DBZ\Dbz-me-2\DBZ-ME2.exe
Task: {8388F34C-8A40-4F4C-9F3B-171E83F3926A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {96829AB6-B226-4091-BFC4-F99D40273EF7} - System32\Tasks\Digital Sites => C:\Users\Administrator\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {98261A9F-3370-4ED7-BDC8-E1F9A1081E16} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {9DE50ABA-18B8-4B7A-8C7A-E1A72E5EED20} - \Plus-HD-3.7-chromeinstaller No Task File
Task: {A1554B1B-E326-4578-AFC6-A6897B50F712} - \Plus-HD-3.7-enabler No Task File
Task: {A21B3099-D171-474F-9E7C-1C2E0603A772} - System32\Tasks\TWIN 7 Live-Update => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe
Task: {A713D1B8-C4ED-4F8C-B388-9FFDF2182BA7} - System32\Tasks\VisualBeeRecovery => C:\Users\Administrator\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe
Task: {A9D1ADA0-746B-4E0D-8167-2BC7DFEDBE61} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {B3D91916-EB13-4F81-9B2A-F51E63E2F921} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CAF79D02-CCD4-4742-BF06-8377073E79ED} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {D2E5FD23-ECD3-46FC-BBE6-254BA8E4F033} - System32\Tasks\Google Updater and Installer => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {D42CDF72-F12F-4FAD-B836-3468F3A765A3} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-30] ()
Task: {DFB918C6-19F4-448C-BEB3-CCBF255BE06C} - \Plus-HD-3.7-codedownloader No Task File
Task: {E3F50E57-33E8-4F92-80E9-D72EE2C36C3D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {E6C2B4AA-AF7F-4E5A-80C2-F142363E626C} - System32\Tasks\{2B8749C1-AC76-496D-BEC2-7C49D271DD2A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E85ACC44-8B11-4252-BED6-D2F32D8787A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E8957822-C9A5-4C1B-A0B4-191F93C9E5CB} - System32\Tasks\{3F9D19C7-935A-476A-8B54-FFBED74CE16C} => C:\Program Files (x86)\Weight Watchers\FlexPoints 2.01\FlexPoints.exe
Task: {EFD1DA95-1580-419E-B80D-4A2440D78F8C} - System32\Tasks\{3E1CADF4-48C7-4B4E-86D5-3FFC7166B8EA} => C:\Users\Administrator\Downloads\Spiele\DBZ\Dbz-me-2\DBZ-ME2.exe
Task: {F3613473-8821-4A6D-AAEE-340F4C6FCD1D} - System32\Tasks\{D51A974D-F7A1-40B3-A397-707148BB04A8} => C:\Users\Administrator\Downloads\Spiele\DBZ\Dbz-me-2\DBZ-ME2.exe
Task: {FD2D3BC8-A3CE-4744-94C2-9336F69A4675} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Administrator\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {FF13986C-94FA-4C57-975D-A011D94C8EF4} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-11-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\ADMINI~1\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-10 13:13 - 2013-01-10 13:13 - 03695104 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\fa610e3edbe05acb27fc2c510c598db2\PCGPreCompiled.ni.dll
2013-01-10 13:23 - 2013-01-10 13:23 - 00269312 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\4bae96f79ff187279b2fade2108e621f\PCGAppControlPluginLoader.ni.dll
2012-11-21 13:43 - 2012-11-21 13:43 - 00091192 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2011-12-01 18:11 - 2011-12-01 18:11 - 00743936 _____ () C:\Program Files (x86)\CPUCooL\CooLSrv.exe
2011-01-10 14:49 - 2011-01-10 14:49 - 00014848 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2011-09-15 13:06 - 2011-09-15 13:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-11-21 13:43 - 2012-11-21 13:43 - 00091192 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2012-11-30 04:06 - 2012-11-30 04:06 - 01263512 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-11-25 13:37 - 2013-10-31 20:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-15 21:28 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2014-03-15 21:28 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 21:28 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 21:28 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 21:28 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 21:28 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2012-11-30 04:07 - 2012-11-30 04:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-03-15 21:28 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: acthelper => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: StumbleUponUpdater => 2
MSCONFIG\Services: TeamViewer5 => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: TuneUp.Defrag => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: vToolbarUpdater14.2.0 => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

==================== Faulty Device Manager Devices =============

Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/02/2014 08:13:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (04/02/2014 08:13:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (04/02/2014 08:13:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 08:13:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (04/02/2014 08:13:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (04/02/2014 08:13:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 08:13:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (04/02/2014 08:13:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (04/02/2014 08:13:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 08:13:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3010


System errors:
=============
Error: (04/05/2014 10:28:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/05/2014 10:27:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/05/2014 10:26:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/05/2014 10:26:14 PM) (Source: DCOM) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/05/2014 10:25:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/05/2014 10:25:40 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
acedrv07
Beep

Error: (04/05/2014 10:24:28 PM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (04/05/2014 10:24:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/05/2014 10:02:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/05/2014 08:37:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126


Microsoft Office Sessions:
=========================
Error: (04/02/2014 08:13:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (04/02/2014 08:13:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (04/02/2014 08:13:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 08:13:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (04/02/2014 08:13:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (04/02/2014 08:13:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 08:13:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (04/02/2014 08:13:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (04/02/2014 08:13:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 08:13:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3010


CodeIntegrity Errors:
===================================
  Date: 2014-04-05 22:23:39.773
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 22:23:39.711
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 20:33:50.007
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 20:33:49.929
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 13:15:32.726
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 13:15:32.648
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-04 20:40:04.340
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-04 20:40:04.262
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-04 13:17:10.040
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-04 13:17:09.962
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 6135.12 MB
Available physical RAM: 3391.84 MB
Total Pagefile: 12268.38 MB
Available Pagefile: 8843.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.26 GB) (Free:101.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 00062175)
Partition 1: (Active) - (Size=-698723990528) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 07.04.2014, 11:39   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Zitat:
ProxyServer: 219.83.62.50:8080
Hast Du den Proxy installiert?


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.04.2014, 12:45   #6
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Nein, ich kann mich nicht daran erinnern jemals einen Proxy wissentlich installiert zu haben.





Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.04.07.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Administrator :: FIFU-PC [administrator]

07.04.2014 13:15:46
mbar-log-2014-04-07 (13-15-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 335784
Time elapsed: 23 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         





Code:
ATTFilter
13:40:01.0089 0x06ac  TDSS rootkit removing tool 3.0.0.28 Apr  4 2014 12:43:10
13:40:03.0084 0x06ac  ============================================================
13:40:03.0084 0x06ac  Current date / time: 2014/04/07 13:40:03.0084
13:40:03.0084 0x06ac  SystemInfo:
13:40:03.0084 0x06ac  
13:40:03.0084 0x06ac  OS Version: 6.1.7600 ServicePack: 0.0
13:40:03.0084 0x06ac  Product type: Workstation
13:40:03.0084 0x06ac  ComputerName: FIFU-PC
13:40:03.0084 0x06ac  UserName: Administrator
13:40:03.0084 0x06ac  Windows directory: C:\Windows
13:40:03.0084 0x06ac  System windows directory: C:\Windows
13:40:03.0084 0x06ac  Running under WOW64
13:40:03.0084 0x06ac  Processor architecture: Intel x64
13:40:03.0084 0x06ac  Number of processors: 8
13:40:03.0084 0x06ac  Page size: 0x1000
13:40:03.0084 0x06ac  Boot type: Normal boot
13:40:03.0084 0x06ac  ============================================================
13:40:04.0766 0x06ac  KLMD registered as C:\Windows\system32\drivers\33834783.sys
13:40:04.0875 0x06ac  System UUID: {77931F2F-1546-2086-F277-33FBB1732F83}
13:40:05.0269 0x06ac  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:40:05.0273 0x06ac  ============================================================
13:40:05.0273 0x06ac  \Device\Harddisk0\DR0:
13:40:05.0274 0x06ac  MBR partitions:
13:40:05.0274 0x06ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86702
13:40:05.0274 0x06ac  ============================================================
13:40:05.0288 0x06ac  C: <-> \Device\Harddisk0\DR0\Partition1
13:40:05.0288 0x06ac  ============================================================
13:40:05.0288 0x06ac  Initialize success
13:40:05.0288 0x06ac  ============================================================
13:40:11.0062 0x1a7c  ============================================================
13:40:11.0062 0x1a7c  Scan started
13:40:11.0062 0x1a7c  Mode: Manual; SigCheck; TDLFS; 
13:40:11.0062 0x1a7c  ============================================================
13:40:11.0062 0x1a7c  KSN ping started
13:40:24.0787 0x1a7c  KSN ping finished: true
13:40:26.0045 0x1a7c  ================ Scan system memory ========================
13:40:26.0045 0x1a7c  System memory - ok
13:40:26.0045 0x1a7c  ================ Scan services =============================
13:40:26.0131 0x1a7c  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:40:26.0289 0x1a7c  1394ohci - ok
13:40:26.0306 0x1a7c  [ 6E9C8B324980AFE454C6F7762E2B4478, B65CC18B2A63EC28FF125F547F71FD265299CE30128174AE05FFEE05108B69AC ] acedrv07        C:\Windows\system32\drivers\acedrv07.sys
13:40:26.0328 0x1a7c  acedrv07 - detected UnsignedFile.Multi.Generic ( 1 )
13:40:28.0779 0x1a7c  acedrv07 ( UnsignedFile.Multi.Generic ) - warning
13:40:31.0164 0x1a7c  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
13:40:31.0199 0x1a7c  acedrv11 - ok
13:40:31.0212 0x1a7c  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
13:40:31.0229 0x1a7c  ACPI - ok
13:40:31.0242 0x1a7c  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
13:40:31.0283 0x1a7c  AcpiPmi - ok
13:40:31.0358 0x1a7c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:40:31.0368 0x1a7c  AdobeARMservice - ok
13:40:31.0453 0x1a7c  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:40:31.0466 0x1a7c  AdobeFlashPlayerUpdateSvc - ok
13:40:31.0500 0x1a7c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:40:31.0533 0x1a7c  adp94xx - ok
13:40:31.0555 0x1a7c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:40:31.0572 0x1a7c  adpahci - ok
13:40:31.0590 0x1a7c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:40:31.0604 0x1a7c  adpu320 - ok
13:40:31.0616 0x1a7c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:40:31.0719 0x1a7c  AeLookupSvc - ok
13:40:31.0756 0x1a7c  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
13:40:31.0815 0x1a7c  AFD - ok
13:40:31.0825 0x1a7c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
13:40:31.0836 0x1a7c  agp440 - ok
13:40:31.0844 0x1a7c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:40:31.0879 0x1a7c  ALG - ok
13:40:31.0893 0x1a7c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
13:40:31.0903 0x1a7c  aliide - ok
13:40:31.0941 0x1a7c  ALSysIO - ok
13:40:31.0994 0x1a7c  [ 68B2C801CDB2B3838E9C27C3C6F66C73, D2E7A062973CB4D1C33A299D5AEFCE943EB59934EBA427F3C99D03A56EFF7A96 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:40:32.0040 0x1a7c  AMD External Events Utility - ok
13:40:32.0056 0x1a7c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
13:40:32.0065 0x1a7c  amdide - ok
13:40:32.0078 0x1a7c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:40:32.0099 0x1a7c  AmdK8 - ok
13:40:32.0402 0x1a7c  [ 784C941B5A19D69814F9514CFB733906, 496E78FE91B1D6E146EEB79297C4A131D50875A8385438C376CA58A245D4A77E ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:40:32.0797 0x1a7c  amdkmdag - ok
13:40:32.0830 0x1a7c  [ 954759EAE7FB2591A5E7206AB0093AE7, A47FFCE75767CFE79A1CD2B42DC1FEEC8C65C0E503289DC70B751FECDD9CE9FF ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:40:32.0857 0x1a7c  amdkmdap - ok
13:40:32.0880 0x1a7c  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\Windows\system32\DRIVERS\amdkmpfd.sys
13:40:32.0889 0x1a7c  amdkmpfd - ok
13:40:32.0902 0x1a7c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:40:32.0924 0x1a7c  AmdPPM - ok
13:40:32.0952 0x1a7c  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:40:32.0964 0x1a7c  amdsata - ok
13:40:32.0981 0x1a7c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:40:32.0994 0x1a7c  amdsbs - ok
13:40:33.0007 0x1a7c  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:40:33.0018 0x1a7c  amdxata - ok
13:40:33.0080 0x1a7c  [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:40:33.0103 0x1a7c  AntiVirSchedulerService - ok
13:40:33.0131 0x1a7c  [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:40:33.0146 0x1a7c  AntiVirService - ok
13:40:33.0197 0x1a7c  [ DAB48CB546A895C3FC6219F298CC6DD7, 6E1B1402E4D63412C6FF47E9184636A7E7065089564C1A6C8BE0728D99F7FDBA ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
13:40:33.0227 0x1a7c  AntiVirWebService - ok
13:40:33.0268 0x1a7c  [ 03FBB7C5EA4EF153F10282614B9771CB, 0E1FC4144AA83383F265000E9BB8837603DC821661A2D74A1CF3261496037B8A ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
13:40:33.0338 0x1a7c  AppHostSvc - ok
13:40:33.0347 0x1a7c  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
13:40:33.0425 0x1a7c  AppID - ok
13:40:33.0447 0x1a7c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:40:33.0489 0x1a7c  AppIDSvc - ok
13:40:33.0529 0x1a7c  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:40:33.0539 0x1a7c  Apple Mobile Device - ok
13:40:33.0552 0x1a7c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:40:33.0593 0x1a7c  AppMgmt - ok
13:40:33.0609 0x1a7c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:40:33.0620 0x1a7c  arc - ok
13:40:33.0631 0x1a7c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:40:33.0643 0x1a7c  arcsas - ok
13:40:33.0700 0x1a7c  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:40:33.0721 0x1a7c  aspnet_state - ok
13:40:33.0731 0x1a7c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:40:33.0765 0x1a7c  AsyncMac - ok
13:40:33.0782 0x1a7c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
13:40:33.0791 0x1a7c  atapi - ok
13:40:33.0800 0x1a7c  [ 37CB595C0AB20ECBFA5170D3185690DB, 23CA3DC63C35649021AAFF0721BA8A7DF546B5CD1530A35AAAC3E742A787A7D2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:40:33.0844 0x1a7c  AtiHDAudioService - ok
13:40:33.0867 0x1a7c  [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
13:40:33.0927 0x1a7c  AtiHdmiService - ok
13:40:33.0953 0x1a7c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:40:34.0018 0x1a7c  AudioEndpointBuilder - ok
13:40:34.0039 0x1a7c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:40:34.0078 0x1a7c  AudioSrv - ok
13:40:34.0126 0x1a7c  [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:40:34.0138 0x1a7c  avgntflt - ok
13:40:34.0173 0x1a7c  [ 4C05242DC361A217223E9B8EC2B3A76B, E2E5C7B853A734F11F71151B837B4D0C9BE5FFA171A700FC20ECA91B945D4832 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
13:40:34.0183 0x1a7c  avgtp - ok
13:40:34.0232 0x1a7c  [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:40:34.0245 0x1a7c  avipbb - ok
13:40:34.0303 0x1a7c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:40:34.0312 0x1a7c  avkmgr - ok
13:40:34.0339 0x1a7c  [ 3DE0EBA0BF4771C897F544CBF7CB8973, 6A032503561414EDCE0D123947AECACBAFE4BBF7D9849BA2DF010E28235973AB ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
13:40:34.0349 0x1a7c  avnetflt - ok
13:40:34.0361 0x1a7c  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:40:34.0422 0x1a7c  AxInstSV - ok
13:40:34.0453 0x1a7c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:40:34.0483 0x1a7c  b06bdrv - ok
13:40:34.0497 0x1a7c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:40:34.0525 0x1a7c  b57nd60a - ok
13:40:34.0546 0x1a7c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:40:34.0585 0x1a7c  BDESVC - ok
13:40:34.0587 0x1a7c  Beep - ok
13:40:34.0617 0x1a7c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
13:40:34.0671 0x1a7c  BFE - ok
13:40:34.0712 0x1a7c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\system32\qmgr.dll
13:40:34.0774 0x1a7c  BITS - ok
13:40:34.0788 0x1a7c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:40:34.0816 0x1a7c  blbdrive - ok
13:40:34.0874 0x1a7c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:40:34.0891 0x1a7c  Bonjour Service - ok
13:40:34.0911 0x1a7c  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:40:34.0940 0x1a7c  bowser - ok
13:40:34.0956 0x1a7c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:40:34.0984 0x1a7c  BrFiltLo - ok
13:40:35.0000 0x1a7c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:40:35.0013 0x1a7c  BrFiltUp - ok
13:40:35.0044 0x1a7c  [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser         C:\Windows\System32\browser.dll
13:40:35.0094 0x1a7c  Browser - ok
13:40:35.0114 0x1a7c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:40:35.0152 0x1a7c  Brserid - ok
13:40:35.0163 0x1a7c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:40:35.0188 0x1a7c  BrSerWdm - ok
13:40:35.0202 0x1a7c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:40:35.0216 0x1a7c  BrUsbMdm - ok
13:40:35.0225 0x1a7c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:40:35.0247 0x1a7c  BrUsbSer - ok
13:40:35.0265 0x1a7c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:40:35.0288 0x1a7c  BTHMODEM - ok
13:40:35.0309 0x1a7c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:40:35.0362 0x1a7c  bthserv - ok
13:40:35.0401 0x1a7c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:40:35.0457 0x1a7c  cdfs - ok
13:40:35.0470 0x1a7c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:40:35.0495 0x1a7c  cdrom - ok
13:40:35.0507 0x1a7c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:40:35.0550 0x1a7c  CertPropSvc - ok
13:40:35.0648 0x1a7c  [ 213B6EC3DE19E35373A1906397588429, C72B74D4840946DC6952B9F6C4A568DA702DD2D6E211AA5BB7F82EF481F449C6 ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
13:40:35.0721 0x1a7c  CGVPNCliSrvc - ok
13:40:35.0737 0x1a7c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:40:35.0751 0x1a7c  circlass - ok
13:40:35.0771 0x1a7c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:40:35.0788 0x1a7c  CLFS - ok
13:40:35.0829 0x1a7c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:40:35.0838 0x1a7c  clr_optimization_v2.0.50727_32 - ok
13:40:35.0860 0x1a7c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:40:35.0870 0x1a7c  clr_optimization_v2.0.50727_64 - ok
13:40:35.0900 0x1a7c  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:40:35.0914 0x1a7c  clr_optimization_v4.0.30319_32 - ok
13:40:35.0922 0x1a7c  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:40:35.0943 0x1a7c  clr_optimization_v4.0.30319_64 - ok
13:40:35.0958 0x1a7c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:40:35.0970 0x1a7c  CmBatt - ok
13:40:35.0981 0x1a7c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
13:40:35.0991 0x1a7c  cmdide - ok
13:40:36.0029 0x1a7c  [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:40:36.0062 0x1a7c  CNG - ok
13:40:36.0072 0x1a7c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:40:36.0081 0x1a7c  Compbatt - ok
13:40:36.0095 0x1a7c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:40:36.0120 0x1a7c  CompositeBus - ok
13:40:36.0122 0x1a7c  COMSysApp - ok
13:40:36.0180 0x1a7c  [ F4FD82F5D6617A45CC3C4B9D4E7DF2C0, 7FD97E17246F53DC191009BE0B434E89C5B9A937D3909FB1A6C43F64822B7421 ] CPUCooLServer   C:\Program Files (x86)\CPUCooL\CooLSrv.exe
13:40:36.0212 0x1a7c  CPUCooLServer - detected UnsignedFile.Multi.Generic ( 1 )
13:40:38.0624 0x1a7c  Detect skipped due to KSN trusted
13:40:38.0624 0x1a7c  CPUCooLServer - ok
13:40:38.0626 0x1a7c  cpuz132 - ok
13:40:38.0654 0x1a7c  cpuz135 - ok
13:40:38.0686 0x1a7c  cpuz136 - ok
13:40:38.0703 0x1a7c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:40:38.0713 0x1a7c  crcdisk - ok
13:40:38.0732 0x1a7c  [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:40:38.0773 0x1a7c  CryptSvc - ok
13:40:38.0790 0x1a7c  [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC             C:\Windows\system32\drivers\csc.sys
13:40:38.0825 0x1a7c  CSC - ok
13:40:38.0862 0x1a7c  [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService      C:\Windows\System32\cscsvc.dll
13:40:38.0915 0x1a7c  CscService - ok
13:40:38.0952 0x1a7c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:40:38.0992 0x1a7c  DcomLaunch - ok
13:40:39.0005 0x1a7c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:40:39.0046 0x1a7c  defragsvc - ok
13:40:39.0072 0x1a7c  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:40:39.0120 0x1a7c  DfsC - ok
13:40:39.0147 0x1a7c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:40:39.0218 0x1a7c  Dhcp - ok
13:40:39.0231 0x1a7c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:40:39.0269 0x1a7c  discache - ok
13:40:39.0283 0x1a7c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:40:39.0295 0x1a7c  Disk - ok
13:40:39.0320 0x1a7c  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:40:39.0362 0x1a7c  Dnscache - ok
13:40:39.0411 0x1a7c  [ FA122BC1451B1B35B7814FBE1ACF1924, 4E27B5E6201EC8B02EC578E4D16E8D34AC178081781E70FEA94D9D0A9B4C24D0 ] Dokan           C:\Windows\system32\drivers\dokan.sys
13:40:39.0423 0x1a7c  Dokan - ok
13:40:39.0457 0x1a7c  [ 8C856E531A1170F53AC6844E89CD0B5F, 64202D7CEF356A1BADE59A8D1F005483B69655D13BCA008110D667855DC6EE89 ] DokanMounter    C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
13:40:39.0469 0x1a7c  DokanMounter - detected UnsignedFile.Multi.Generic ( 1 )
13:40:41.0875 0x1a7c  Detect skipped due to KSN trusted
13:40:41.0875 0x1a7c  DokanMounter - ok
13:40:41.0897 0x1a7c  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:40:41.0937 0x1a7c  dot3svc - ok
13:40:41.0977 0x1a7c  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
13:40:41.0994 0x1a7c  Dot4 - ok
13:40:42.0016 0x1a7c  [ 85135AD27E79B689335C08167D917CDE, B023ABF4CC71862AE107B27D3CD698517074A97FA76A8AE18058ACF39AC1E786 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:40:42.0035 0x1a7c  Dot4Print - ok
13:40:42.0049 0x1a7c  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
13:40:42.0074 0x1a7c  dot4usb - ok
13:40:42.0093 0x1a7c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
13:40:42.0130 0x1a7c  DPS - ok
13:40:42.0156 0x1a7c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:40:42.0168 0x1a7c  drmkaud - ok
13:40:42.0208 0x1a7c  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:40:42.0239 0x1a7c  DXGKrnl - ok
13:40:42.0259 0x1a7c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:40:42.0303 0x1a7c  EapHost - ok
13:40:42.0405 0x1a7c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:40:42.0517 0x1a7c  ebdrv - ok
13:40:42.0567 0x1a7c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
13:40:42.0617 0x1a7c  EFS - ok
13:40:42.0656 0x1a7c  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:40:42.0730 0x1a7c  ehRecvr - ok
13:40:42.0746 0x1a7c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:40:42.0770 0x1a7c  ehSched - ok
13:40:42.0795 0x1a7c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:40:42.0815 0x1a7c  elxstor - ok
13:40:42.0827 0x1a7c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
13:40:42.0852 0x1a7c  ErrDev - ok
13:40:42.0883 0x1a7c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:40:42.0931 0x1a7c  EventSystem - ok
13:40:42.0947 0x1a7c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:40:42.0978 0x1a7c  exfat - ok
13:40:42.0995 0x1a7c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:40:43.0026 0x1a7c  fastfat - ok
13:40:43.0059 0x1a7c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
13:40:43.0127 0x1a7c  Fax - ok
13:40:43.0135 0x1a7c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:40:43.0159 0x1a7c  fdc - ok
13:40:43.0174 0x1a7c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:40:43.0201 0x1a7c  fdPHost - ok
13:40:43.0211 0x1a7c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:40:43.0239 0x1a7c  FDResPub - ok
13:40:43.0251 0x1a7c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:40:43.0262 0x1a7c  FileInfo - ok
13:40:43.0272 0x1a7c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:40:43.0315 0x1a7c  Filetrace - ok
13:40:43.0338 0x1a7c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:40:43.0371 0x1a7c  flpydisk - ok
13:40:43.0400 0x1a7c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:40:43.0416 0x1a7c  FltMgr - ok
13:40:43.0454 0x1a7c  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
13:40:43.0526 0x1a7c  FontCache - ok
13:40:43.0557 0x1a7c  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:40:43.0565 0x1a7c  FontCache3.0.0.0 - ok
13:40:43.0578 0x1a7c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:40:43.0588 0x1a7c  FsDepends - ok
13:40:43.0603 0x1a7c  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:40:43.0613 0x1a7c  Fs_Rec - ok
13:40:43.0627 0x1a7c  [ 1F44F8559E61A8306ECC67BB1E168B7C, 5B7CDD4EDF128B48817145357BB36E2107F0D081C26004B44BFF7C63AD29D99B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:40:43.0645 0x1a7c  fvevol - ok
13:40:43.0676 0x1a7c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:40:43.0686 0x1a7c  gagp30kx - ok
13:40:43.0750 0x1a7c  [ 2973B4EB7BE10A0D491B2037DCAAE88F, 17219885FF89EFD3538C7D780179060E3255B1E0D7BA5DF01AEA737123C07B59 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
13:40:43.0764 0x1a7c  Garmin Core Update Service - ok
13:40:43.0805 0x1a7c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:40:43.0813 0x1a7c  GEARAspiWDM - ok
13:40:43.0836 0x1a7c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:40:43.0882 0x1a7c  gpsvc - ok
13:40:43.0961 0x1a7c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:40:43.0971 0x1a7c  gupdate - ok
13:40:43.0985 0x1a7c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:40:43.0992 0x1a7c  gupdatem - ok
13:40:44.0000 0x1a7c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:40:44.0026 0x1a7c  hcw85cir - ok
13:40:44.0056 0x1a7c  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:40:44.0089 0x1a7c  HdAudAddService - ok
13:40:44.0109 0x1a7c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:40:44.0132 0x1a7c  HDAudBus - ok
13:40:44.0147 0x1a7c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:40:44.0165 0x1a7c  HidBatt - ok
13:40:44.0181 0x1a7c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:40:44.0196 0x1a7c  HidBth - ok
13:40:44.0206 0x1a7c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:40:44.0232 0x1a7c  HidIr - ok
13:40:44.0245 0x1a7c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:40:44.0287 0x1a7c  hidserv - ok
13:40:44.0301 0x1a7c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:40:44.0313 0x1a7c  HidUsb - ok
13:40:44.0329 0x1a7c  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:40:44.0358 0x1a7c  hkmsvc - ok
13:40:44.0374 0x1a7c  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:40:44.0411 0x1a7c  HomeGroupListener - ok
13:40:44.0429 0x1a7c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:40:44.0453 0x1a7c  HomeGroupProvider - ok
13:40:44.0503 0x1a7c  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:40:44.0520 0x1a7c  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
13:40:46.0923 0x1a7c  Detect skipped due to KSN trusted
13:40:46.0923 0x1a7c  hpqcxs08 - ok
13:40:46.0946 0x1a7c  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:40:46.0965 0x1a7c  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:40:49.0371 0x1a7c  Detect skipped due to KSN trusted
13:40:49.0371 0x1a7c  hpqddsvc - ok
13:40:49.0387 0x1a7c  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
13:40:49.0398 0x1a7c  HpSAMD - ok
13:40:49.0429 0x1a7c  HPSLPSVC - ok
13:40:49.0448 0x1a7c  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
13:40:49.0515 0x1a7c  HTCAND64 - ok
13:40:49.0526 0x1a7c  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
13:40:49.0534 0x1a7c  htcnprot - ok
13:40:49.0571 0x1a7c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:40:49.0631 0x1a7c  HTTP - ok
13:40:49.0648 0x1a7c  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:40:49.0657 0x1a7c  hwpolicy - ok
13:40:49.0673 0x1a7c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:40:49.0700 0x1a7c  i8042prt - ok
13:40:49.0729 0x1a7c  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:40:49.0748 0x1a7c  iaStorV - ok
13:40:49.0794 0x1a7c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:40:49.0827 0x1a7c  idsvc - ok
13:40:49.0841 0x1a7c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:40:49.0851 0x1a7c  iirsp - ok
13:40:49.0887 0x1a7c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
13:40:49.0945 0x1a7c  IKEEXT - ok
13:40:49.0982 0x1a7c  [ ED9F842A948412A58C58EE8C46234AA8, 86265B9BCE15232CADACDAD66E5ECC766CB30EAA271811555A036C411855C057 ] INIDVD          C:\Windows\system32\DRIVERS\inidvd.sys
13:40:49.0990 0x1a7c  INIDVD - ok
13:40:50.0097 0x1a7c  [ 07E34A18AB9DAD1F680B1066D9782BFB, 62285189743CAA57B0108D8D4A197E5BB22143311026AD4AC5BA7BBEA7DC4299 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:40:50.0224 0x1a7c  IntcAzAudAddService - ok
13:40:50.0247 0x1a7c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:40:50.0257 0x1a7c  intelide - ok
13:40:50.0269 0x1a7c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:40:50.0292 0x1a7c  intelppm - ok
13:40:50.0305 0x1a7c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:40:50.0335 0x1a7c  IPBusEnum - ok
13:40:50.0360 0x1a7c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:40:50.0388 0x1a7c  IpFilterDriver - ok
13:40:50.0414 0x1a7c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:40:50.0466 0x1a7c  iphlpsvc - ok
13:40:50.0478 0x1a7c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:40:50.0499 0x1a7c  IPMIDRV - ok
13:40:50.0516 0x1a7c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:40:50.0555 0x1a7c  IPNAT - ok
13:40:50.0607 0x1a7c  [ 2872B90D57C8310194A78A9787406467, 1BD326E8E59330E07D6B93E514EC3E6629A2046316BC9371AB82FE62F0DA2E94 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:40:50.0628 0x1a7c  iPod Service - ok
13:40:50.0694 0x1a7c  [ 11FE7637A49B67D9B1F895B2AD4D982F, D448DA9083044E0B2627042D9FA5DC65C74A34AB09FF627777634B254260F4FB ] iprip           C:\Windows\System32\iprip.dll
13:40:50.0731 0x1a7c  iprip - ok
13:40:50.0735 0x1a7c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:40:50.0756 0x1a7c  IRENUM - ok
13:40:50.0773 0x1a7c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:40:50.0782 0x1a7c  isapnp - ok
13:40:50.0802 0x1a7c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:40:50.0816 0x1a7c  iScsiPrt - ok
13:40:50.0858 0x1a7c  [ 23A70C99813D554337500396188B9A07, 38AC132EB64948CC9544293349BACC9C32D592F41FB446D57B5C519FF1CE9A11 ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
13:40:50.0868 0x1a7c  JRAID - ok
13:40:50.0883 0x1a7c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:40:50.0894 0x1a7c  kbdclass - ok
13:40:50.0901 0x1a7c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:40:50.0912 0x1a7c  kbdhid - ok
13:40:50.0921 0x1a7c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
13:40:50.0931 0x1a7c  KeyIso - ok
13:40:50.0950 0x1a7c  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:40:50.0961 0x1a7c  KSecDD - ok
13:40:50.0976 0x1a7c  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:40:51.0010 0x1a7c  KSecPkg - ok
13:40:51.0044 0x1a7c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:40:51.0079 0x1a7c  ksthunk - ok
13:40:51.0128 0x1a7c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:40:51.0175 0x1a7c  KtmRm - ok
13:40:51.0203 0x1a7c  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:40:51.0244 0x1a7c  LanmanServer - ok
13:40:51.0275 0x1a7c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:40:51.0320 0x1a7c  LanmanWorkstation - ok
13:40:51.0366 0x1a7c  [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
13:40:51.0382 0x1a7c  LBTServ - ok
13:40:51.0400 0x1a7c  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
13:40:51.0409 0x1a7c  LGBusEnum - ok
13:40:51.0424 0x1a7c  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
13:40:51.0431 0x1a7c  LGVirHid - ok
13:40:51.0447 0x1a7c  [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:40:51.0456 0x1a7c  LHidFilt - ok
13:40:51.0459 0x1a7c  libusb0 - ok
13:40:51.0462 0x1a7c  libusbd - ok
13:40:51.0491 0x1a7c  [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:40:51.0496 0x1a7c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
13:40:54.0399 0x1a7c  Detect skipped due to KSN trusted
13:40:54.0399 0x1a7c  LightScribeService - ok
13:40:54.0419 0x1a7c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:40:54.0446 0x1a7c  lltdio - ok
13:40:54.0476 0x1a7c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:40:54.0524 0x1a7c  lltdsvc - ok
13:40:54.0538 0x1a7c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:40:54.0576 0x1a7c  lmhosts - ok
13:40:54.0594 0x1a7c  [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:40:54.0603 0x1a7c  LMouFilt - ok
13:40:54.0622 0x1a7c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:40:54.0635 0x1a7c  LSI_FC - ok
13:40:54.0648 0x1a7c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:40:54.0660 0x1a7c  LSI_SAS - ok
13:40:54.0671 0x1a7c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:40:54.0681 0x1a7c  LSI_SAS2 - ok
13:40:54.0687 0x1a7c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:40:54.0698 0x1a7c  LSI_SCSI - ok
13:40:54.0706 0x1a7c  [ 29C733E1DE824670DC9315CFC9BDBCD3, 8CFC987FEB174D91E415DEC89437D31D7AA5F6B7685641372EF26790E1444610 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
13:40:54.0714 0x1a7c  LUsbFilt - ok
13:40:54.0756 0x1a7c  [ CD51E1D0D638F1E07A6EDC98CD7F5DDA, 360AC29DFE46C96BB41045DE325729397F17912DBAF83D5119EBD2A3A8C9A5FB ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
13:40:54.0766 0x1a7c  mbamchameleon - ok
13:40:54.0805 0x1a7c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:40:54.0813 0x1a7c  MBAMProtector - ok
13:40:54.0870 0x1a7c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:40:54.0886 0x1a7c  MBAMScheduler - ok
13:40:54.0917 0x1a7c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:40:54.0939 0x1a7c  MBAMService - ok
13:40:54.0954 0x1a7c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:40:54.0977 0x1a7c  Mcx2Svc - ok
13:40:54.0992 0x1a7c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:40:55.0002 0x1a7c  megasas - ok
13:40:55.0021 0x1a7c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:40:55.0037 0x1a7c  MegaSR - ok
13:40:55.0066 0x1a7c  Microsoft SharePoint Workspace Audit Service - ok
13:40:55.0079 0x1a7c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:40:55.0108 0x1a7c  MMCSS - ok
13:40:55.0119 0x1a7c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:40:55.0156 0x1a7c  Modem - ok
13:40:55.0174 0x1a7c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:40:55.0200 0x1a7c  monitor - ok
13:40:55.0224 0x1a7c  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
13:40:55.0234 0x1a7c  MotioninJoyXFilter - ok
13:40:55.0243 0x1a7c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:40:55.0253 0x1a7c  mouclass - ok
13:40:55.0267 0x1a7c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:40:55.0285 0x1a7c  mouhid - ok
13:40:55.0298 0x1a7c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:40:55.0309 0x1a7c  mountmgr - ok
13:40:55.0326 0x1a7c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:40:55.0338 0x1a7c  mpio - ok
13:40:55.0354 0x1a7c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:40:55.0381 0x1a7c  mpsdrv - ok
13:40:55.0412 0x1a7c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:40:55.0460 0x1a7c  MpsSvc - ok
13:40:55.0490 0x1a7c  [ CD22D2563039DDA6793F7624719363A7, 82C91467EDCB61B1DD086A1D25925E4D89E43EF6EFAE3C59AFF3D73280119AF6 ] MQAC            C:\Windows\system32\drivers\mqac.sys
13:40:55.0523 0x1a7c  MQAC - ok
13:40:55.0536 0x1a7c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:40:55.0553 0x1a7c  MRxDAV - ok
13:40:55.0567 0x1a7c  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:40:55.0589 0x1a7c  mrxsmb - ok
13:40:55.0615 0x1a7c  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:40:55.0640 0x1a7c  mrxsmb10 - ok
13:40:55.0646 0x1a7c  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:40:55.0664 0x1a7c  mrxsmb20 - ok
13:40:55.0678 0x1a7c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
13:40:55.0688 0x1a7c  msahci - ok
13:40:55.0714 0x1a7c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
13:40:55.0726 0x1a7c  msdsm - ok
13:40:55.0743 0x1a7c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:40:55.0758 0x1a7c  MSDTC - ok
13:40:55.0767 0x1a7c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:40:55.0849 0x1a7c  Msfs - ok
13:40:55.0875 0x1a7c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:40:55.0960 0x1a7c  mshidkmdf - ok
13:40:55.0985 0x1a7c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
13:40:55.0995 0x1a7c  msisadrv - ok
13:40:56.0029 0x1a7c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:40:56.0073 0x1a7c  MSiSCSI - ok
13:40:56.0076 0x1a7c  msiserver - ok
13:40:56.0088 0x1a7c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:40:56.0113 0x1a7c  MSKSSRV - ok
13:40:56.0125 0x1a7c  [ FAAEAEF99E53561BEEE58F946CA56F0D, 78AC692C4B80616E4C44ED20954B8D2FCE2215056C2ED3522123E5B50A7CE67A ] MSMQ            C:\Windows\system32\mqsvc.exe
13:40:56.0150 0x1a7c  MSMQ - ok
13:40:56.0153 0x1a7c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:40:56.0179 0x1a7c  MSPCLOCK - ok
13:40:56.0190 0x1a7c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:40:56.0228 0x1a7c  MSPQM - ok
13:40:56.0253 0x1a7c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:40:56.0270 0x1a7c  MsRPC - ok
13:40:56.0275 0x1a7c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:40:56.0284 0x1a7c  mssmbios - ok
13:40:56.0293 0x1a7c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:40:56.0319 0x1a7c  MSTEE - ok
13:40:56.0331 0x1a7c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:40:56.0341 0x1a7c  MTConfig - ok
13:40:56.0359 0x1a7c  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
13:40:56.0366 0x1a7c  MTsensor - ok
13:40:56.0370 0x1a7c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:40:56.0380 0x1a7c  Mup - ok
13:40:56.0383 0x1a7c  mvvideodemo - ok
13:40:56.0405 0x1a7c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
13:40:56.0443 0x1a7c  napagent - ok
13:40:56.0461 0x1a7c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:40:56.0483 0x1a7c  NativeWifiP - ok
13:40:56.0557 0x1a7c  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
13:40:56.0595 0x1a7c  NAUpdate - ok
13:40:56.0647 0x1a7c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:40:56.0677 0x1a7c  NDIS - ok
13:40:56.0686 0x1a7c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:40:56.0713 0x1a7c  NdisCap - ok
13:40:56.0722 0x1a7c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:40:56.0762 0x1a7c  NdisTapi - ok
13:40:56.0781 0x1a7c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:40:56.0822 0x1a7c  Ndisuio - ok
13:40:56.0839 0x1a7c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:40:56.0869 0x1a7c  NdisWan - ok
13:40:56.0881 0x1a7c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:40:56.0908 0x1a7c  NDProxy - ok
13:40:56.0955 0x1a7c  [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
13:40:56.0982 0x1a7c  Nero BackItUp Scheduler 4.0 - ok
13:40:57.0048 0x1a7c  [ D554BAB5233582DAEADCD78B8495F77B, 9D359EABA7DA352E08572173592187B6C25825AD21AB8108055DCFC70E4C7E63 ] NeroMediaHomeService.4 C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
13:40:57.0072 0x1a7c  NeroMediaHomeService.4 - ok
13:40:57.0113 0x1a7c  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:40:57.0120 0x1a7c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:40:59.0538 0x1a7c  Detect skipped due to KSN trusted
13:40:59.0538 0x1a7c  Net Driver HPZ12 - ok
13:40:59.0554 0x1a7c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:40:59.0582 0x1a7c  NetBIOS - ok
13:40:59.0594 0x1a7c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:40:59.0636 0x1a7c  NetBT - ok
13:40:59.0649 0x1a7c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
13:40:59.0659 0x1a7c  Netlogon - ok
13:40:59.0680 0x1a7c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:40:59.0724 0x1a7c  Netman - ok
13:40:59.0774 0x1a7c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:40:59.0787 0x1a7c  NetMsmqActivator - ok
13:40:59.0793 0x1a7c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:40:59.0805 0x1a7c  NetPipeActivator - ok
13:40:59.0830 0x1a7c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:40:59.0867 0x1a7c  netprofm - ok
13:40:59.0897 0x1a7c  [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
13:40:59.0953 0x1a7c  netr28ux - ok
13:40:59.0960 0x1a7c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:40:59.0973 0x1a7c  NetTcpActivator - ok
13:40:59.0978 0x1a7c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:40:59.0991 0x1a7c  NetTcpPortSharing - ok
13:41:00.0005 0x1a7c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:41:00.0016 0x1a7c  nfrd960 - ok
13:41:00.0032 0x1a7c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:41:00.0066 0x1a7c  NlaSvc - ok
13:41:00.0083 0x1a7c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:41:00.0123 0x1a7c  Npfs - ok
13:41:00.0136 0x1a7c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:41:00.0175 0x1a7c  nsi - ok
13:41:00.0188 0x1a7c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:41:00.0214 0x1a7c  nsiproxy - ok
13:41:00.0276 0x1a7c  [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:41:00.0332 0x1a7c  Ntfs - ok
13:41:00.0366 0x1a7c  [ 69E894C5A09C6A6E6372E35653BB05F3, D377E6D7AF16468559C36D2145FE3AF5D696B57CC9F8A0D47489923D723B8D9D ] ntiopnp         C:\Windows\system32\drivers\ntiopnp.sys
13:41:00.0375 0x1a7c  ntiopnp - ok
13:41:00.0382 0x1a7c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:41:00.0423 0x1a7c  Null - ok
13:41:00.0448 0x1a7c  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:41:00.0461 0x1a7c  nvraid - ok
13:41:00.0486 0x1a7c  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:41:00.0500 0x1a7c  nvstor - ok
13:41:00.0517 0x1a7c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
13:41:00.0529 0x1a7c  nv_agp - ok
13:41:00.0542 0x1a7c  [ A03C9AC923CDF513AFE069114FBC60AD, 0307769BC780585E5070BD833705A0407AC9C9CF842C222A525898BA834DC8EE ] oem-drv64       C:\Windows\system32\DRIVERS\oem-drv64.sys
13:41:00.0560 0x1a7c  oem-drv64 - detected UnsignedFile.Multi.Generic ( 1 )
13:41:02.0961 0x1a7c  oem-drv64 ( UnsignedFile.Multi.Generic ) - warning
13:41:05.0316 0x1a7c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:41:05.0337 0x1a7c  ohci1394 - ok
13:41:05.0433 0x1a7c  [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:41:05.0447 0x1a7c  ose64 - ok
13:41:05.0608 0x1a7c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:41:05.0792 0x1a7c  osppsvc - ok
13:41:05.0822 0x1a7c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:41:05.0842 0x1a7c  Parport - ok
13:41:05.0866 0x1a7c  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:41:05.0877 0x1a7c  partmgr - ok
13:41:05.0917 0x1a7c  [ 39B9DCD7040654C2E57D7396736C718E, 70A637A955A2611E5ADA31FDD4B1D7EEECFBC22504A770DA71B502E160AEDAFD ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
13:41:05.0937 0x1a7c  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
13:41:08.0341 0x1a7c  Detect skipped due to KSN trusted
13:41:08.0341 0x1a7c  PassThru Service - ok
13:41:08.0363 0x1a7c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:41:08.0381 0x1a7c  PcaSvc - ok
13:41:08.0389 0x1a7c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
13:41:08.0402 0x1a7c  pci - ok
13:41:08.0406 0x1a7c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
13:41:08.0415 0x1a7c  pciide - ok
13:41:08.0430 0x1a7c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:41:08.0444 0x1a7c  pcmcia - ok
13:41:08.0449 0x1a7c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:41:08.0458 0x1a7c  pcw - ok
13:41:08.0481 0x1a7c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:41:08.0523 0x1a7c  PEAUTH - ok
13:41:08.0572 0x1a7c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:41:08.0661 0x1a7c  PeerDistSvc - ok
13:41:08.0709 0x1a7c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:41:08.0730 0x1a7c  PerfHost - ok
13:41:08.0788 0x1a7c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
13:41:08.0863 0x1a7c  pla - ok
13:41:08.0902 0x1a7c  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:41:08.0929 0x1a7c  PlugPlay - ok
13:41:08.0962 0x1a7c  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:41:08.0978 0x1a7c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:41:11.0381 0x1a7c  Detect skipped due to KSN trusted
13:41:11.0381 0x1a7c  Pml Driver HPZ12 - ok
13:41:11.0431 0x1a7c  [ 205E1B699FD3F2F9B036EEA2EC30C620, 9D5C8009BC3F6F76438FC82C3DAAA3E9CC87F74CDE841A0ADD9EF00E98DB6890 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
13:41:11.0441 0x1a7c  PnkBstrA - ok
13:41:11.0490 0x1a7c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:41:11.0540 0x1a7c  PolicyAgent - ok
13:41:11.0566 0x1a7c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:41:11.0605 0x1a7c  Power - ok
13:41:11.0625 0x1a7c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:41:11.0662 0x1a7c  PptpMiniport - ok
13:41:11.0677 0x1a7c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:41:11.0701 0x1a7c  Processor - ok
13:41:11.0725 0x1a7c  [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc         C:\Windows\system32\profsvc.dll
13:41:11.0770 0x1a7c  ProfSvc - ok
13:41:11.0784 0x1a7c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:41:11.0793 0x1a7c  ProtectedStorage - ok
13:41:11.0805 0x1a7c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:41:11.0843 0x1a7c  Psched - ok
13:41:11.0881 0x1a7c  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
13:41:11.0889 0x1a7c  PSI - ok
13:41:11.0907 0x1a7c  [ FDA6EFB7014E8C4524CB6B5B885E8A95, C305226285B9319CAFB8EE6B44704AF7EBD4D5574D2FD21F827DB7A250538C0B ] PsxDrv          C:\Windows\system32\drivers\psxdrv.sys
13:41:11.0933 0x1a7c  PsxDrv - ok
13:41:11.0977 0x1a7c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:41:12.0032 0x1a7c  ql2300 - ok
13:41:12.0047 0x1a7c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:41:12.0059 0x1a7c  ql40xx - ok
13:41:12.0081 0x1a7c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:41:12.0100 0x1a7c  QWAVE - ok
13:41:12.0111 0x1a7c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:41:12.0135 0x1a7c  QWAVEdrv - ok
13:41:12.0150 0x1a7c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:41:12.0176 0x1a7c  RasAcd - ok
13:41:12.0195 0x1a7c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:41:12.0222 0x1a7c  RasAgileVpn - ok
13:41:12.0234 0x1a7c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:41:12.0263 0x1a7c  RasAuto - ok
13:41:12.0280 0x1a7c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:41:12.0317 0x1a7c  Rasl2tp - ok
13:41:12.0348 0x1a7c  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
13:41:12.0399 0x1a7c  RasMan - ok
13:41:12.0413 0x1a7c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:41:12.0450 0x1a7c  RasPppoe - ok
13:41:12.0469 0x1a7c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:41:12.0497 0x1a7c  RasSstp - ok
13:41:12.0511 0x1a7c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:41:12.0544 0x1a7c  rdbss - ok
13:41:12.0552 0x1a7c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:41:12.0572 0x1a7c  rdpbus - ok
13:41:12.0585 0x1a7c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:41:12.0611 0x1a7c  RDPCDD - ok
13:41:12.0628 0x1a7c  [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:41:12.0643 0x1a7c  RDPDR - ok
13:41:12.0647 0x1a7c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:41:12.0684 0x1a7c  RDPENCDD - ok
13:41:12.0691 0x1a7c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:41:12.0717 0x1a7c  RDPREFMP - ok
13:41:12.0754 0x1a7c  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:41:12.0782 0x1a7c  RDPWD - ok
13:41:12.0803 0x1a7c  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:41:12.0816 0x1a7c  rdyboost - ok
13:41:12.0839 0x1a7c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:41:12.0881 0x1a7c  RemoteAccess - ok
13:41:12.0901 0x1a7c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:41:12.0929 0x1a7c  RpcEptMapper - ok
13:41:12.0942 0x1a7c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:41:12.0961 0x1a7c  RpcLocator - ok
13:41:12.0990 0x1a7c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
13:41:13.0026 0x1a7c  RpcSs - ok
13:41:13.0043 0x1a7c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:41:13.0082 0x1a7c  rspndr - ok
13:41:13.0129 0x1a7c  [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:41:13.0157 0x1a7c  RTL8167 - ok
13:41:13.0169 0x1a7c  RTL8192cu - ok
13:41:13.0184 0x1a7c  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
13:41:13.0229 0x1a7c  s3cap - ok
13:41:13.0241 0x1a7c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
13:41:13.0251 0x1a7c  SamSs - ok
13:41:13.0274 0x1a7c  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
13:41:13.0286 0x1a7c  sbp2port - ok
13:41:13.0322 0x1a7c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:41:13.0363 0x1a7c  SCardSvr - ok
13:41:13.0384 0x1a7c  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:41:13.0425 0x1a7c  scfilter - ok
13:41:13.0474 0x1a7c  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
13:41:13.0554 0x1a7c  Schedule - ok
13:41:13.0576 0x1a7c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:41:13.0602 0x1a7c  SCPolicySvc - ok
13:41:13.0635 0x1a7c  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:41:13.0650 0x1a7c  SDRSVC - ok
13:41:13.0659 0x1a7c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:41:13.0698 0x1a7c  secdrv - ok
13:41:13.0731 0x1a7c  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
13:41:13.0771 0x1a7c  seclogon - ok
13:41:13.0854 0x1a7c  [ 306F9390976E41063D21AB9AB6D48122, 77C4814AFC6719059E64492BD4B79A1B3ADA8F9EC4C34B51489983C98AC6E300 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
13:41:13.0897 0x1a7c  Secunia PSI Agent - ok
13:41:13.0932 0x1a7c  [ 29C852880E9634F8C6BD77A4E68B5B34, A9A5FEB3003AC5B3532275A8B35EEE89C7256F2A6870656FB417854CDC278C1E ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
13:41:13.0952 0x1a7c  Secunia Update Agent - ok
13:41:13.0961 0x1a7c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
13:41:14.0000 0x1a7c  SENS - ok
13:41:14.0016 0x1a7c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:41:14.0045 0x1a7c  SensrSvc - ok
13:41:14.0054 0x1a7c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:41:14.0076 0x1a7c  Serenum - ok
13:41:14.0091 0x1a7c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:41:14.0104 0x1a7c  Serial - ok
13:41:14.0123 0x1a7c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:41:14.0148 0x1a7c  sermouse - ok
13:41:14.0177 0x1a7c  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:41:14.0206 0x1a7c  SessionEnv - ok
13:41:14.0233 0x1a7c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
13:41:14.0263 0x1a7c  sffdisk - ok
13:41:14.0278 0x1a7c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:41:14.0289 0x1a7c  sffp_mmc - ok
13:41:14.0304 0x1a7c  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
13:41:14.0322 0x1a7c  sffp_sd - ok
13:41:14.0339 0x1a7c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:41:14.0350 0x1a7c  sfloppy - ok
13:41:14.0399 0x1a7c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:41:14.0446 0x1a7c  SharedAccess - ok
13:41:14.0476 0x1a7c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:41:14.0507 0x1a7c  ShellHWDetection - ok
13:41:14.0534 0x1a7c  [ E9E830D540EDEDED650F906628468548, 9800160C6807B28A2A1E57810151473C96F1484F2EF75D3E378E8C96440CD4CE ] simptcp         C:\Windows\System32\tcpsvcs.exe
13:41:14.0556 0x1a7c  simptcp - ok
13:41:14.0576 0x1a7c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:41:14.0586 0x1a7c  SiSRaid2 - ok
13:41:14.0596 0x1a7c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:41:14.0607 0x1a7c  SiSRaid4 - ok
13:41:14.0658 0x1a7c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:41:14.0673 0x1a7c  SkypeUpdate - ok
13:41:14.0691 0x1a7c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:41:14.0720 0x1a7c  Smb - ok
13:41:14.0755 0x1a7c  [ 9228728C94B74F2E1EC78AF56795F940, 35AF180A364C3F518E7C4E74B42C72262601AC6ACEBA09035E8336B88098D34B ] SNMP            C:\Windows\System32\snmp.exe
13:41:14.0797 0x1a7c  SNMP - ok
13:41:14.0808 0x1a7c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:41:14.0829 0x1a7c  SNMPTRAP - ok
13:41:14.0866 0x1a7c  [ F9369327409492097B0BB7CE86BD29DE, 7E9B7A9659A6971029E491C702C306E2078B8F5547FCF874FDA8BAD5898D5E25 ] Soluto          C:\Windows\system32\DRIVERS\Soluto.sys
13:41:14.0875 0x1a7c  Soluto - ok
13:41:14.0907 0x1a7c  [ 27366B2132F818F67B2C1956C012D0A0, AD97A89CC921B4F8BE8D3434A12A12DB405E0DBF2E881E14D5D29AE6494E8486 ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe
13:41:14.0917 0x1a7c  SolutoLauncherService - ok
13:41:14.0951 0x1a7c  [ 94DD8FDB569EFC1CCC2C68B32C1CDF01, DA119ED52D6ED2A48C046E09A037BF52243D3B638492EE9AFD15E6C583A15808 ] SolutoService   C:\Program Files\Soluto\SolutoService.exe
13:41:14.0971 0x1a7c  SolutoService - ok
13:41:15.0014 0x1a7c  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
13:41:15.0024 0x1a7c  speedfan - ok
13:41:15.0043 0x1a7c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:41:15.0052 0x1a7c  spldr - ok
13:41:15.0088 0x1a7c  [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler         C:\Windows\System32\spoolsv.exe
13:41:15.0153 0x1a7c  Spooler - ok
13:41:15.0241 0x1a7c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
13:41:15.0370 0x1a7c  sppsvc - ok
13:41:15.0394 0x1a7c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:41:15.0421 0x1a7c  sppuinotify - ok
13:41:15.0434 0x1a7c  sptd - ok
13:41:15.0461 0x1a7c  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:41:15.0501 0x1a7c  srv - ok
13:41:15.0515 0x1a7c  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:41:15.0535 0x1a7c  srv2 - ok
13:41:15.0546 0x1a7c  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:41:15.0561 0x1a7c  srvnet - ok
13:41:15.0580 0x1a7c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:41:15.0610 0x1a7c  SSDPSRV - ok
13:41:15.0626 0x1a7c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:41:15.0661 0x1a7c  SstpSvc - ok
13:41:15.0711 0x1a7c  Steam Client Service - ok
13:41:15.0733 0x1a7c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:41:15.0743 0x1a7c  stexstor - ok
13:41:15.0766 0x1a7c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
13:41:15.0808 0x1a7c  stisvc - ok
13:41:15.0870 0x1a7c  [ 023EB5C6E3322E595E53B0FC1A1F9300, E4AF04CF3035F9A28A9D175F5A3958F24E5A0B8AD573A023618F6A98FD42A663 ] StkCMini        C:\Windows\system32\Drivers\StkCMini.sys
13:41:15.0928 0x1a7c  StkCMini - detected UnsignedFile.Multi.Generic ( 1 )
13:41:18.0328 0x1a7c  StkCMini ( UnsignedFile.Multi.Generic ) - warning
13:41:20.0689 0x1a7c  [ 54FB71D9645AE6754BA3390813280DBD, 560E1DDB2E79E3DDD02C35ACC4729E3E40C82B35412B3A10183E588396BDF1F3 ] StkSSrv         C:\Windows\System32\StkCSrv.exe
13:41:20.0706 0x1a7c  StkSSrv - detected UnsignedFile.Multi.Generic ( 1 )
13:41:23.0107 0x1a7c  Detect skipped due to KSN trusted
13:41:23.0107 0x1a7c  StkSSrv - ok
13:41:23.0139 0x1a7c  [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
13:41:23.0149 0x1a7c  storflt - ok
13:41:23.0171 0x1a7c  [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
13:41:23.0181 0x1a7c  storvsc - ok
13:41:23.0195 0x1a7c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:41:23.0204 0x1a7c  swenum - ok
13:41:23.0234 0x1a7c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:41:23.0273 0x1a7c  swprv - ok
13:41:23.0339 0x1a7c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
13:41:23.0425 0x1a7c  SysMain - ok
13:41:23.0449 0x1a7c  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:41:23.0459 0x1a7c  tap0901 - ok
13:41:23.0499 0x1a7c  [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
13:41:23.0508 0x1a7c  taphss6 - ok
13:41:23.0526 0x1a7c  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:41:23.0574 0x1a7c  TapiSrv - ok
13:41:23.0596 0x1a7c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:41:23.0624 0x1a7c  TBS - ok
13:41:23.0720 0x1a7c  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:41:23.0785 0x1a7c  Tcpip - ok
13:41:23.0837 0x1a7c  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:41:23.0880 0x1a7c  TCPIP6 - ok
13:41:23.0898 0x1a7c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:41:23.0939 0x1a7c  tcpipreg - ok
13:41:23.0954 0x1a7c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:41:23.0982 0x1a7c  TDPIPE - ok
13:41:24.0008 0x1a7c  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:41:24.0039 0x1a7c  TDTCP - ok
13:41:24.0055 0x1a7c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:41:24.0083 0x1a7c  tdx - ok
13:41:24.0176 0x1a7c  [ 1C46C27E9F1938B9589859C70450D275, 7DBE7E85B9EA22F0CE556829C21F2A1492DEDF1DAB798A4E52E6D2C744467CB5 ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
13:41:24.0264 0x1a7c  TeamViewer6 - ok
13:41:24.0290 0x1a7c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:41:24.0300 0x1a7c  TermDD - ok
13:41:24.0324 0x1a7c  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
13:41:24.0366 0x1a7c  TermService - ok
13:41:24.0381 0x1a7c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:41:24.0395 0x1a7c  Themes - ok
13:41:24.0420 0x1a7c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:41:24.0446 0x1a7c  THREADORDER - ok
13:41:24.0472 0x1a7c  [ 519CB7D7F697F4BA47DE05845C20F158, F4B40014CB5047463FC40C28D9CFF0DA5E8592A2A9ED8E938A0A9D43DBD0A516 ] TlntSvr         C:\Windows\System32\tlntsvr.exe
13:41:24.0500 0x1a7c  TlntSvr - ok
13:41:24.0539 0x1a7c  [ E4FAD21646088D79F8889B6531396ACF, D0C8F0E3293D423245FD2233F283A1FE2463E15F8B9F4ED6AC96C2164EC51F75 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
13:41:24.0549 0x1a7c  TomTomHOMEService - ok
13:41:24.0565 0x1a7c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:41:24.0608 0x1a7c  TrkWks - ok
13:41:24.0648 0x1a7c  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:41:24.0672 0x1a7c  TrustedInstaller - ok
13:41:24.0681 0x1a7c  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:41:24.0706 0x1a7c  tssecsrv - ok
13:41:24.0732 0x1a7c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:41:24.0762 0x1a7c  tunnel - ok
13:41:24.0852 0x1a7c  [ 9A404CE3D11FA26F1EB08BE2F9C9269A, 6D0A91100C015F475B66270BF51173DAB42B8036693EB730A35E2587922D2A94 ] TVersityMediaServer C:\ProgramData\TVersity\Media Server\MediaServer.exe
13:41:24.0904 0x1a7c  TVersityMediaServer - ok
13:41:24.0922 0x1a7c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:41:24.0933 0x1a7c  uagp35 - ok
13:41:24.0948 0x1a7c  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:41:24.0981 0x1a7c  udfs - ok
13:41:24.0994 0x1a7c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:41:25.0006 0x1a7c  UI0Detect - ok
13:41:25.0020 0x1a7c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:41:25.0033 0x1a7c  uliagpkx - ok
13:41:25.0054 0x1a7c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:41:25.0066 0x1a7c  umbus - ok
13:41:25.0081 0x1a7c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:41:25.0098 0x1a7c  UmPass - ok
13:41:25.0122 0x1a7c  [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:41:25.0145 0x1a7c  UmRdpService - ok
13:41:25.0175 0x1a7c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:41:25.0217 0x1a7c  upnphost - ok
13:41:25.0243 0x1a7c  [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:41:25.0269 0x1a7c  usbaudio - ok
13:41:25.0298 0x1a7c  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:41:25.0335 0x1a7c  usbccgp - ok
13:41:25.0354 0x1a7c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:41:25.0379 0x1a7c  usbcir - ok
13:41:25.0396 0x1a7c  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:41:25.0418 0x1a7c  usbehci - ok
13:41:25.0439 0x1a7c  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:41:25.0457 0x1a7c  usbhub - ok
13:41:25.0474 0x1a7c  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:41:25.0493 0x1a7c  usbohci - ok
13:41:25.0512 0x1a7c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:41:25.0525 0x1a7c  usbprint - ok
13:41:25.0543 0x1a7c  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:41:25.0557 0x1a7c  usbscan - ok
13:41:25.0580 0x1a7c  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:41:25.0607 0x1a7c  USBSTOR - ok
13:41:25.0619 0x1a7c  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:41:25.0637 0x1a7c  usbuhci - ok
13:41:25.0665 0x1a7c  [ E388D1507E779D0B499A1D87476E4230, 9818AA09BFBCB5C26B13EF1B0F3702678CA5C5C284A9480E7DF31AFD9DC93197 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
13:41:25.0732 0x1a7c  usb_rndisx - ok
13:41:25.0751 0x1a7c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:41:25.0779 0x1a7c  UxSms - ok
13:41:25.0826 0x1a7c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
13:41:25.0835 0x1a7c  VaultSvc - ok
13:41:25.0882 0x1a7c  [ 84BB306B7863883018D7F3EB0C453BD5, 0602C6987E42ADB3F98D200BA078363F80389941938E0611C3CCA6AD6A183DD0 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
13:41:25.0920 0x1a7c  VClone - ok
13:41:25.0929 0x1a7c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:41:25.0939 0x1a7c  vdrvroot - ok
13:41:25.0964 0x1a7c  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
13:41:26.0003 0x1a7c  vds - ok
13:41:26.0018 0x1a7c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:41:26.0031 0x1a7c  vga - ok
13:41:26.0068 0x1a7c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:41:26.0094 0x1a7c  VgaSave - ok
13:41:26.0109 0x1a7c  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:41:26.0122 0x1a7c  vhdmp - ok
13:41:26.0135 0x1a7c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:41:26.0145 0x1a7c  viaide - ok
13:41:26.0166 0x1a7c  [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
13:41:26.0180 0x1a7c  vmbus - ok
13:41:26.0191 0x1a7c  [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
13:41:26.0211 0x1a7c  VMBusHID - ok
13:41:26.0217 0x1a7c  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:41:26.0227 0x1a7c  volmgr - ok
13:41:26.0254 0x1a7c  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:41:26.0270 0x1a7c  volmgrx - ok
13:41:26.0289 0x1a7c  [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:41:26.0305 0x1a7c  volsnap - ok
13:41:26.0335 0x1a7c  [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
13:41:26.0373 0x1a7c  vpcbus - ok
13:41:26.0402 0x1a7c  [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:41:26.0414 0x1a7c  vpcnfltr - ok
13:41:26.0434 0x1a7c  [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
13:41:26.0446 0x1a7c  vpcusb - ok
13:41:26.0472 0x1a7c  [ C5B651E52540E6F46DA66574C74B4898, 4292E1D574FB0AF1D61F17F88D82A1A77738A3F7ECECB49FF20997FEC99078B2 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
13:41:26.0490 0x1a7c  vpcvmm - ok
13:41:26.0504 0x1a7c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:41:26.0516 0x1a7c  vsmraid - ok
13:41:26.0568 0x1a7c  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
13:41:26.0663 0x1a7c  VSS - ok
13:41:26.0678 0x1a7c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:41:26.0705 0x1a7c  vwifibus - ok
13:41:26.0724 0x1a7c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:41:26.0748 0x1a7c  vwififlt - ok
13:41:26.0833 0x1a7c  [ 06D2B9BC146BB0F45F45FF7A296D50C4, A182C30FBA200673132D43E679F17C8F986ADA39B043A73857640C9D587E0DC5 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
13:41:26.0867 0x1a7c  W3SVC - ok
13:41:26.0881 0x1a7c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:41:26.0893 0x1a7c  WacomPen - ok
13:41:26.0911 0x1a7c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:41:26.0938 0x1a7c  WANARP - ok
13:41:26.0945 0x1a7c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:41:26.0971 0x1a7c  Wanarpv6 - ok
13:41:27.0003 0x1a7c  [ 06D2B9BC146BB0F45F45FF7A296D50C4, A182C30FBA200673132D43E679F17C8F986ADA39B043A73857640C9D587E0DC5 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
13:41:27.0022 0x1a7c  WAS - ok
13:41:27.0086 0x1a7c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:41:27.0131 0x1a7c  WatAdminSvc - ok
13:41:27.0182 0x1a7c  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
13:41:27.0290 0x1a7c  wbengine - ok
13:41:27.0310 0x1a7c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:41:27.0344 0x1a7c  WbioSrvc - ok
13:41:27.0376 0x1a7c  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:41:27.0403 0x1a7c  wcncsvc - ok
13:41:27.0417 0x1a7c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:41:27.0471 0x1a7c  WcsPlugInService - ok
13:41:27.0487 0x1a7c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:41:27.0497 0x1a7c  Wd - ok
13:41:27.0534 0x1a7c  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:41:27.0561 0x1a7c  Wdf01000 - ok
13:41:27.0574 0x1a7c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:41:27.0603 0x1a7c  WdiServiceHost - ok
13:41:27.0609 0x1a7c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:41:27.0625 0x1a7c  WdiSystemHost - ok
13:41:27.0656 0x1a7c  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
13:41:27.0686 0x1a7c  WebClient - ok
13:41:27.0701 0x1a7c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:41:27.0744 0x1a7c  Wecsvc - ok
13:41:27.0767 0x1a7c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:41:27.0793 0x1a7c  WfpLwf - ok
13:41:27.0809 0x1a7c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:41:27.0819 0x1a7c  WIMMount - ok
13:41:27.0834 0x1a7c  WinHttpAutoProxySvc - ok
13:41:27.0881 0x1a7c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:41:27.0920 0x1a7c  Winmgmt - ok
13:41:27.0977 0x1a7c  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:41:28.0065 0x1a7c  WinRM - ok
13:41:28.0106 0x1a7c  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:41:28.0120 0x1a7c  WinUsb - ok
13:41:28.0153 0x1a7c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:41:28.0189 0x1a7c  Wlansvc - ok
13:41:28.0267 0x1a7c  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:41:28.0339 0x1a7c  wlidsvc - ok
13:41:28.0363 0x1a7c  [ E7F4937B613B1E4294100C9D4EFC36A9, E8C7EE623E5BEA179F0FC01AB90C129BD7F930A2ACC48D68D88534108BE0AF43 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
13:41:28.0370 0x1a7c  WmBEnum - ok
13:41:28.0391 0x1a7c  [ 6F6F2B263002B243D3501C7E6C8FC11D, EBC1C9936D35D9FD68E1A17A399759ACFB8B8BF57C179F8926D60CD11CEB8106 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
13:41:28.0399 0x1a7c  WmFilter - ok
13:41:28.0416 0x1a7c  [ 1584F8D5FDFE44C03DBA85A2106B937F, AABF84DD39E9F5547DD9721B37364EFB7FAB8EA14FA23688929ED649266FA86C ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
13:41:28.0424 0x1a7c  WmHidLo - ok
13:41:28.0443 0x1a7c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:41:28.0463 0x1a7c  WmiAcpi - ok
13:41:28.0492 0x1a7c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:41:28.0508 0x1a7c  wmiApSrv - ok
13:41:28.0530 0x1a7c  WMPNetworkSvc - ok
13:41:28.0539 0x1a7c  [ 52B4FCC6AFAEC0FFD80BDA63F9B140CD, 5C1BF49D78EFF9E642694255A08E951E7D25B27792CA9E4C06BD619986B55588 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
13:41:28.0547 0x1a7c  WmVirHid - ok
13:41:28.0556 0x1a7c  [ 395B3E7FBA81BDC4501641B3B2CF2E20, 8DED5B304111F6A21C1C2AFC50228B2A0BB0C20D737EE6F7E955C8CCF36FD702 ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
13:41:28.0565 0x1a7c  WmXlCore - ok
13:41:28.0580 0x1a7c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:41:28.0608 0x1a7c  WPCSvc - ok
13:41:28.0625 0x1a7c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:41:28.0662 0x1a7c  WPDBusEnum - ok
13:41:28.0673 0x1a7c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:41:28.0700 0x1a7c  ws2ifsl - ok
13:41:28.0722 0x1a7c  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\system32\wscsvc.dll
13:41:28.0765 0x1a7c  wscsvc - ok
13:41:28.0835 0x1a7c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:41:28.0909 0x1a7c  wuauserv - ok
13:41:28.0928 0x1a7c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:41:28.0973 0x1a7c  WudfPf - ok
13:41:28.0990 0x1a7c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:41:29.0022 0x1a7c  WUDFRd - ok
13:41:29.0038 0x1a7c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:41:29.0050 0x1a7c  wudfsvc - ok
13:41:29.0065 0x1a7c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:41:29.0095 0x1a7c  WwanSvc - ok
13:41:29.0123 0x1a7c  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
13:41:29.0132 0x1a7c  xusb21 - ok
13:41:29.0173 0x1a7c  ================ Scan global ===============================
13:41:29.0203 0x1a7c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:41:29.0230 0x1a7c  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
13:41:29.0242 0x1a7c  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
13:41:29.0265 0x1a7c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:41:29.0286 0x1a7c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:41:29.0295 0x1a7c  [ Global ] - ok
13:41:29.0295 0x1a7c  ================ Scan MBR ==================================
13:41:29.0304 0x1a7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:41:29.0561 0x1a7c  \Device\Harddisk0\DR0 - ok
13:41:29.0561 0x1a7c  ================ Scan VBR ==================================
13:41:29.0563 0x1a7c  [ 50597CC12A24276DC9AE88E46DC3C4DA ] \Device\Harddisk0\DR0\Partition1
13:41:29.0634 0x1a7c  \Device\Harddisk0\DR0\Partition1 - ok
13:41:29.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:30.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:31.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:32.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:33.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:34.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:35.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:36.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:37.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:38.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:39.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:40.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:41.0634 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:42.0635 0x1a7c  Waiting for KSN requests completion. In queue: 106
13:41:43.0733 0x1a7c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x40000 ( disabled : updated )
13:41:43.0747 0x1a7c  Win FW state via NFP2: disabled
13:41:46.0079 0x1a7c  ============================================================
13:41:46.0079 0x1a7c  Scan finished
13:41:46.0079 0x1a7c  ============================================================
13:41:46.0083 0x0638  Detected object count: 3
13:41:46.0083 0x0638  Actual detected object count: 3
13:41:55.0768 0x0638  acedrv07 ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:55.0769 0x0638  acedrv07 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:41:55.0769 0x0638  oem-drv64 ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:55.0769 0x0638  oem-drv64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:41:55.0770 0x0638  StkCMini ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:55.0770 0x0638  StkCMini ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:41:58.0881 0x171c  Deinitialize success
         

Alt 08.04.2014, 09:16   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.04.2014, 12:08   #8
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Hey,

Combofix gab keine Fehlermeldung hat alles funktioniert.



Code:
ATTFilter
ComboFix 14-04-08.01 - Administrator 08.04.2014  12:56:47.2.8 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.6135.4233 [GMT 2:00]
ausgeführt von:: c:\users\Administrator\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\Browser Guard\brOWserguard.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Templates\OdfAddInForOfficeSetup-de_4.0.5309.exe
c:\windows\SysWow64\is-HV454.tmp
c:\windows\SysWow64\tmp7B76.tmp
c:\windows\SysWow64\tmp7B77.tmp
c:\windows\SysWow64\tmpDFB9.tmp
c:\windows\SysWow64\tmpDFBA.tmp
c:\windows\SysWow64\tmpF493.tmp
c:\windows\SysWow64\tmpF4D3.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-08 bis 2014-04-08  ))))))))))))))))))))))))))))))
.
.
2014-04-08 11:03 . 2014-04-08 11:03	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-04-08 11:03 . 2014-04-08 11:03	--------	d-----w-	c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2014-04-08 11:03 . 2014-04-08 11:03	--------	d-----w-	c:\users\hedev\AppData\Local\temp
2014-04-08 11:03 . 2014-04-08 11:03	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-06 10:40 . 2012-06-01 05:16	191488	----a-w-	c:\windows\system32\iisRtl.dll
2014-04-06 10:40 . 2012-06-01 05:15	55296	----a-w-	c:\windows\system32\admwprox.dll
2014-04-06 10:40 . 2012-06-01 05:14	16896	----a-w-	c:\windows\system32\iisreset.exe
2014-04-06 10:40 . 2012-06-01 04:44	154624	----a-w-	c:\windows\SysWow64\iisRtl.dll
2014-04-06 10:40 . 2012-06-01 04:43	50688	----a-w-	c:\windows\SysWow64\admwprox.dll
2014-04-06 10:40 . 2012-06-01 05:17	14848	----a-w-	c:\windows\system32\wamregps.dll
2014-04-06 10:40 . 2012-06-01 05:16	11264	----a-w-	c:\windows\system32\iisrstap.dll
2014-04-06 10:40 . 2012-06-01 05:15	60928	----a-w-	c:\windows\system32\ahadmin.dll
2014-04-06 10:40 . 2012-06-01 04:47	10752	----a-w-	c:\windows\SysWow64\wamregps.dll
2014-04-06 10:40 . 2012-06-01 04:44	8192	----a-w-	c:\windows\SysWow64\iisrstap.dll
2014-04-06 10:40 . 2012-06-01 04:43	26624	----a-w-	c:\windows\SysWow64\ahadmin.dll
2014-04-06 10:40 . 2012-06-01 04:42	15360	----a-w-	c:\windows\SysWow64\iisreset.exe
2014-04-05 20:31 . 2014-04-05 20:32	--------	d-----w-	C:\FRST
2014-04-05 19:29 . 2014-04-07 11:39	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-04-05 19:29 . 2014-04-07 11:15	119000	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-05 19:27 . 2014-04-07 11:06	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-05 19:25 . 2014-04-05 19:25	--------	d-----w-	c:\users\Administrator\AppData\Roaming\DigitalSites
2014-04-05 19:02 . 2014-04-05 20:29	--------	d-----w-	c:\program files (x86)\Overwolf
2014-04-05 12:57 . 2014-04-05 12:57	--------	d-----w-	c:\program files\config
2014-04-05 12:55 . 2014-04-05 12:55	--------	d-----w-	c:\program files (x86)\Teamspeak2_RC2
2014-04-05 12:51 . 2014-04-05 13:35	--------	d-----w-	c:\users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 12:46 . 2014-04-05 20:26	--------	d-----w-	c:\users\Administrator\AppData\Local\Overwolf
2014-04-05 12:43 . 2014-04-08 10:40	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2014-04-05 12:43 . 2014-04-05 12:43	--------	d-----w-	c:\windows\SysWow64\BestPractices
2014-04-05 12:43 . 2014-04-05 12:43	--------	d-----w-	c:\windows\SUA
2014-04-05 12:42 . 2014-04-05 12:42	--------	d-----w-	c:\windows\system32\msmq
2014-04-05 12:42 . 2014-04-05 12:42	--------	d-----w-	c:\windows\system32\BestPractices
2014-04-05 12:42 . 2014-04-05 12:42	--------	d-----w-	C:\inetpub
2014-04-05 12:31 . 2014-04-06 11:31	--------	d-----w-	c:\program files\TeamSpeak 3 Client
2014-03-19 17:10 . 2014-03-19 17:10	--------	d-----w-	c:\program files\Microsoft Xbox 360 Accessories
2014-03-18 16:15 . 2014-03-18 20:46	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-06 18:59 . 2012-06-25 03:35	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-06 18:59 . 2011-07-14 20:20	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-19 01:33 . 2010-05-03 19:42	90015360	----a-w-	c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35	1727176	----a-w-	c:\program files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35	1727176	----a-w-	c:\program files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35	1727176	----a-w-	c:\program files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-03-25 385024]
"Octoshape Streaming Services"="c:\users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]
"BackgroundContainer"="c:\users\Administrator\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2013-11-06 319264]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-08-27 248208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-20 689744]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-10-08 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-15 152392]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallDeleteDir"="rmdir" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"facemoods"="c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe"  /DoAction
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" blrun
"ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 INIDVD;Initio USB DVD Filter Driver;c:\windows\system32\DRIVERS\inidvd.sys;c:\windows\SYSNATIVE\DRIVERS\inidvd.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 mvvideodemo;MaxiVista Virtual Video Demo;c:\windows\system32\DRIVERS\mvvideodemo.sys;c:\windows\SYSNATIVE\DRIVERS\mvvideodemo.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam;c:\windows\system32\Drivers\StkCMini.sys;c:\windows\SYSNATIVE\Drivers\StkCMini.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 oem-drv64;OEM-SLP2.1 Driver (HPD64);c:\windows\system32\DRIVERS\oem-drv64.sys;c:\windows\SYSNATIVE\DRIVERS\oem-drv64.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys;c:\windows\SYSNATIVE\DRIVERS\Soluto.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys;c:\windows\SYSNATIVE\drivers\dokan.sys [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe;c:\program files\Soluto\SolutoLauncherService.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe;c:\program files\Soluto\SolutoService.exe [x]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe;c:\windows\SYSNATIVE\StkCSrv.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys;c:\windows\SYSNATIVE\drivers\psxdrv.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:26	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 18:59]
.
2014-04-07 c:\windows\Tasks\Digital Sites.job
- c:\users\ADMINI~1\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12 14:10]
.
2014-04-02 c:\windows\Tasks\DLL-Files FixerASKUSER.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-19 13:44]
.
2014-03-05 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-19 13:44]
.
2014-04-05 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-19 13:44]
.
2014-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18 11:09]
.
2014-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18 11:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:30	2331336	----a-w-	c:\program files\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:30	2331336	----a-w-	c:\program files\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:30	2331336	----a-w-	c:\program files\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 190472]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"LogiScrollApp"="c:\program files\Logitech\FlowScroll\KhalScroll.exe" [2012-02-08 166680]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 219.83.62.50:8080
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = 
IE: An OneNote s&enden - c:\program files\Microsoft Office\Office15\ONBttnIE.dll/105
IE: Free YouTube to Mp3 Converter - c:\users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\program files\Microsoft Office\Office15\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\program files (x86)\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&CUI=UN72286315531286267&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_TNI
FF - prefs.js: browser.search.selectedEngine - Freemium DE Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3311336&octid=CT3311336&SearchSource=61&CUI=UN72286315531286267&UM=2&UP=SP71C9EC9F-E26C-4D53-B6C0-0DCEA6D0D9AA&sspv=TB_TNI
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&SearchSource=2&CUI=UN72286315531286267&UM=2&sspv=TB_TNI&q=
FF - ExtSQL: !HIDDEN! 2012-04-16 08:46; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
BHO-{02a0d829-4393-46fc-a37e-126263035883} - c:\program files (x86)\Browser Guard\browserguard.dll
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-DS3 Tool - c:\program files\MotioninJoy\ds3\DS3_Tool.exe
Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe
Toolbar-10 - (no file)
AddRemove-PunkBusterSvc - c:\program files (x86)\Electronic Arts\Battlefield 4 Beta\pbsvc.exe
AddRemove-PlanetSide 2 PSG - c:\users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe
AddRemove-UnityWebPlayer - c:\users\Administrator\AppData\Local\Unity\WebPlayer\Uninstall.exe
AddRemove-VisualBee for Microsoft PowerPoint - c:\users\Administrator\AppData\Local\VisualBeeExe\uninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}"=hex:51,66,7a,6c,4c,1d,3b,1b,ef,76,75,
   c4,b8,8b,c3,0d,84,8d,bd,f4,d4,29,f4,d1
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,82,9c,
   87,1c,16,b6,0c,81,df,83,da,6a,ab,3b,a7
"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,3b,1b,28,cd,f8,
   31,75,0a,f2,0f,ac,be,4b,37,f9,41,27,20
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,21,39,
   52,8f,3b,11,02,88,fd,a2,87,04,76,3f,6e
"{11111111-1111-1111-1111-110311721112}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,0b,05,
   0e,20,43,7a,54,09,19,4e,5f,10,31,57,09
"{338A754C-B46E-4BF2-8AC8-23DE36862AD3}"=hex:51,66,7a,6c,4c,1d,38,12,22,76,99,
   37,5c,fa,9c,0e,f5,de,60,9e,33,d8,6e,c7
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,e7,f5,b9,ca,47,ee,4b,81,89,97,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b9,f0,52,33,99,60,24,4b,91,52,27,\
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.001\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\7zFM.exe"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.7z\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\7z.exe"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AIF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.aif"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.aifc"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.aiff"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AU\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\UserChoice]
@Denied: (2) (Administrator)
"Progid"="divx_avi_file"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.cda"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.cdda"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cpt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\photoviewer.dll"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dat\UserChoice]
@Denied: (2) (Administrator)
"Progid"="NeroShowTime.Files9.dat"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.div\UserChoice]
@Denied: (2) (Administrator)
"Progid"="divx_div_file"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="divx_divx_file"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\notepad.exe"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Document.8"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.DocumentMacroEnabled.12"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Document.12"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Template.8"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.TemplateMacroEnabled.12"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Template.12"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.IFO\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PDVD10IFOfile"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ipa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.ipa"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ipg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.ipg"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ipsw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.ipsw"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itdb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.itdb"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ite\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.ite"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.itl"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itlp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.itlp"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itls\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.itls"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.itms"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itpc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.itpc"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.key\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\avp.exe"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m3u"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u8\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m3u8"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m4a"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4b\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m4b"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4p\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m4p"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4r\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m4r"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.m4v"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MID\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="divx_mkv_file"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOV\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.mp2"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.mp3"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPG\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nfo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="nfo_auto_file"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Excel.OpenDocumentSpreadsheet.12"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcast\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.pcast"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.pls"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RMI\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RMX\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PDVD10RMXfile"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.RTF.8"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix\UserChoice]
@Denied: (2) (Administrator)
"Progid"="divx_tix_file"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PDVD10VOBfile"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WAV\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.wav"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wave\UserChoice]
@Denied: (2) (Administrator)
"Progid"="iTunes.wave"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbk\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Backup.8"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wiz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Wizard.8"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WMA\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WMV\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.XDL\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PDVD10XDLfile"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\Software\SecuROM\License information*]
"datasecu"=hex:76,9b,6b,0e,56,98,6e,23,c8,0f,1a,09,cd,29,f7,17,af,a1,3b,3b,15,
   b5,5e,ce,3f,6d,c2,08,8e,cf,0e,3d,43,ac,3a,6b,ef,b0,c9,f2,34,d2,e2,3c,d1,c9,\
"rkeysecu"=hex:c0,ac,ce,a3,a6,8a,c6,46,60,b3,83,a8,a9,ca,ac,2a
.
[HKEY_USERS\S-1-5-21-466614843-1103789956-2564716473-500\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\DirectInput\VID_0079&PID_0006\Calibration\0\Type\Axes]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{722b3793-5367-4446-b6bb-db89b05c1f24}\LocalServer32]
@DACL=(02 0000)
@=expand:"%SystemRoot%\\System32\\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {722b3793-5367-4446-b6bb-db89b05c1f24}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-08  13:05:46
ComboFix-quarantined-files.txt  2014-04-08 11:05
.
Vor Suchlauf: 32 Verzeichnis(se), 106.547.601.408 Bytes frei
Nach Suchlauf: 35 Verzeichnis(se), 106.161.688.576 Bytes frei
.
- - End Of File - - 9C39A13E25115D3D9203C2225FD162B9
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 09.04.2014, 08:29   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.04.2014, 10:45   #10
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 09.04.2014
Suchlauf-Zeit: 11:35:55
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.09.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Administrator

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349980
Verstrichene Zeit: 33 Min, 26 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 5
PUP.Optional.Conduit.A, HKU\S-1-5-21-466614843-1103789956-2564716473-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, , [8d730ef258a80ff1c858523c9f64b050], 
PUP.Optional.ValueApps.A, HKU\S-1-5-21-466614843-1103789956-2564716473-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, , [b24e17e9db25ce32785c4f23679b7c84], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-466614843-1103789956-2564716473-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [a45c02fe87795ea24a13a4cecc366b95], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-466614843-1103789956-2564716473-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [14ecad53a45c1ee2debcaade3cc74db3], 
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IECT3311336, , [d42cc23e37c9c83813d873e42ad8b34d], 

Registrierungswerte: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-466614843-1103789956-2564716473-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R0DtO0U1C1S1U1StR0J1Q2P1J1K1I2R, , [14ecad53a45c1ee2debcaade3cc74db3]
PUP.Optional.Conduit, HKU\S-1-5-21-466614843-1103789956-2564716473-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BackgroundContainer, "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Administrator\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun, , [d92727d93ec247b923adc1d5bf44649c]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 5
PUP.Optional.Conduit.A, C:\PROGRAMDATA\Conduit\IE, , [d42cc23e37c9c83813d873e42ad8b34d], 
PUP.Optional.Conduit.A, C:\PROGRAMDATA\Conduit\IE\CT3311336, , [d42cc23e37c9c83813d873e42ad8b34d], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VISUALBEECLIENT, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VISUALBEECLIENT\Domain, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VISUALBEECLIENT\LocalDB, , [7888aa56619f7c845aa2ed6bc33f916f], 

Dateien: 705
PUP.Optional.Somoto.A, C:\Users\Administrator\Local Settings\Application Data\Bundled software uninstaller\biclient.exe, , [db2542be659b5ea222ce60b02ad7cc34], 
PUP.Optional.Conduit.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\searchplugins\conduit.xml, , [13ed4fb1ea1630d09e87aabda85a5ba5], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [37c904fcce329c642ce9016bcf3309f7], 
PUP.Optional.Conduit, C:\Windows\System32\Tasks\BackgroundContainer Startup Task, , [24dc06fa10f089779d8e771c53b0b749], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3311336\configutaion.json, , [d42cc23e37c9c83813d873e42ad8b34d], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3311336\SetupIcon.ico, , [d42cc23e37c9c83813d873e42ad8b34d], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3311336\UninstallerUI.exe, , [d42cc23e37c9c83813d873e42ad8b34d], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 colors 01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 colors 01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 colors 01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 07_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 07_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 07_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 08_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 08_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 08_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_6frame_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_6frame_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_6frame_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_blue_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_blue_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_blue_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_book_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_book_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_chinesepaper_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_chinesepaper_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_chinesepaper_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_greenstars_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_greenstars_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_greenstars_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_majestic_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_majestic_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_majestic_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_paperback_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_paperback_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_paperback_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_pareeca_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_pareeca_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_pink_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_pink_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_pink_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_spirala_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_spirala_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_spirala_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\BaloonGirl_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\BaloonGirl_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\BaloonGirl_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ChineseDoll_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ChineseDoll_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ChineseDoll_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Christmas1_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Christmas1_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Christmas2_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Christmas2_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Christmas2_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\3 Colors 06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_book_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Analogue_pareeca_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Christmas1_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Composite_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Paper_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Classic_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Ornament_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_B_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Plants_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PaymentPanel-Buy2.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_10_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_16_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Comics06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Angles_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Angles_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Angles_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Apo_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Apo_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Apo_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_BlackTie_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_BlackTie_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_BlackTie_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Composite_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Composite_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Elemental_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Elemental_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Elemental_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_gray_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_gray_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_gray_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Horizon_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Horizon_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Horizon_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Newspaper_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Newspaper_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Newspaper_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Paper_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Paper_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Technic_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Technic_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Technic_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Verve_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Verve_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Flashy_Colours_Verve_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Bubbles_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Bubbles_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Bubbles_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Classic_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Classic_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Desert_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Desert_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Desert_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Earth_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Earth_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Earth_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Flower_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Flower_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Flower_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Leaves_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Leaves_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Leaves_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Ornament_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Ornament_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Sky_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Sky_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Sky_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Sport_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Sport_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Sport_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Urban_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Urban_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Guga_Urban_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\HandShake_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\HandShake_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\HandShake_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_A_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_A_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_A_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_B_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_B_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_C_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_C_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_C_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_D_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_D_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Large_title_D_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\logo.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark 05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Flowers_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Flowers_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Flowers_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Paper_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Paper_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Paper_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Plants_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Plants_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Sand_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Sand_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Sand_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Stars_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Stars_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Stars_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Waves_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Waves_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Mono Dark Waves_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_Female_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_Female_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_Female_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_Guy_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_Guy_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_Guy_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_SCI_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplates_3M_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplate_Background.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\myTemplate_Button.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Painting_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Painting_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Painting_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PaymentPanel-Background.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PaymentPanel-Background_v35.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PaymentPanel-Buy1.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PaymentPanel-Buy3.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_travl_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_travl_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_travl_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_travl_06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_travl_06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_travl_06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_08_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_08_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legal_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legl_04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legl_04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_legl_04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_medc_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_medc_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_sport_05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_tech_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_tech_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_travl_05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PurpleButterfly_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PurpleButterfly_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PurpleButterfly_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\RedHeadCalling_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\RedHeadCalling_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ShipsComing_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ShipsComing_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ShipsComing_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Simple 04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\SunFlower_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\SunFlower_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T105_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T105_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T105_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T107_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T107_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T107_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T109_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T109_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T109_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T115_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T115_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T115_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T116_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T116_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T116_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T119_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T119_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T120_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T120_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T120_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T121_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T121_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T121_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T202_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T202_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T202_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T203_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T203_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T203_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T205_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T205_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T205_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T207_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T207_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T211_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T211_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T211_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T213_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T213_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T213_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T218_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T218_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T218_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T219_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T219_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T219_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T220_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T220_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T220_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T301_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T301_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T302_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T302_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T302_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T303_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T303_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T303_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T304_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T304_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T304_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T305_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T305_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T305_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T306_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T306_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T306_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T307_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T307_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T308_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T308_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T308_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T309_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T309_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T309_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T311_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T311_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T311_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T312_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T312_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T312_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T313_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T313_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T313_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T314_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T314_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T316_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T316_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T316_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T317_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T317_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T317_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T318_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T318_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T318_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T319_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T319_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T319_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T320_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T320_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T320_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T322_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T322_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T324_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T324_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T324_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T325_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T325_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T325_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T326_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T326_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T326_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T327_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T327_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T327_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Teenage_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Teenage_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Teenage_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp03_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp04_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp04_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp04_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp05_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp05_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp05_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp07_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp07_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp07_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp08_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp08_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp08_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp09_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp09_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp09_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp10_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp10_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp10_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp11_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp11_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp11_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp12_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp12_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp13_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp13_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp13_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp14_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp14_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp14_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp15_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp15_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp15_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp16_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp16_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp16_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp17_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp17_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp17_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp18_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp18_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp19_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp19_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp19_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp20_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp20_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp20_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11A_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11A_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11A_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11B_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11B_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11B_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11C_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11C_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11D_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11D_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11D_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11E_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11E_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11E_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11F_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11F_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11F_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11G_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11G_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11G_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11H_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11H_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11H_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11I_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_educ_08_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_medc_03_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Pp_tech_03_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\RedHeadCalling_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\SunFlower_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T119_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T207_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T301_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T307_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T314_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\T322_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp12_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ThinkUp18_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11C_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11I_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\VisualBeeLogo.png, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y103_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y319_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11I_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11J_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11J_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11J_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11K_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11K_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11K_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11L_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11L_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11L_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11M_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11M_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11M_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11N_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11N_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Typo11N_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WatchingTheSea_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WatchingTheSea_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WatchingTheSea_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Watching_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Watching_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Watching_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WeddingSoon_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WeddingSoon_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WeddingSoon_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WindGirl_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WindGirl_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\WindGirl_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y101_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y101_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y101_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y103_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y103_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y305_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y305_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y305_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y306_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y306_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y306_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y307_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y307_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y307_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y308_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y308_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y308_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y312_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y312_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y312_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y319_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y319_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y323_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y323_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y323_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y324_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y324_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y324_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y327_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y327_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y327_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y330_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y330_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y330_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y332_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y332_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y332_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y333_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y333_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y333_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y335_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y335_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y335_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y336_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y336_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\Y336_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_07_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_07_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_07_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_08_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_08_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_08_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_09_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_09_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_09_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_10_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_10_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_11_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_11_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_11_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_12_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_12_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_12_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_13_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_13_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_13_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_15_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_15_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_15_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_16_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_16_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_17_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_17_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_17_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_18_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_18_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_18_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_19_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_19_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_19_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_20_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_20_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppA_Classic_20_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppD_Classic_14_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppD_Classic_14_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\ppD_Classic_14_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_educ_07_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_educ_07_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_educ_07_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_medc_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_medc_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_medc_01_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_medc_02_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_medc_02_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_medc_02_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_sport_06_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_sport_06_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_sport_06_thumb.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_01_smart.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\Domain\PpD_techPp_01_text.jpg, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\checksum.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\Layouts.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\LayoutsSchema.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\PublicImages.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\PublicImagesKeywords.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\PublicImagesKeywordsSchema.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\PublicImagesSchema.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\Schemes.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\SchemesSchema.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\Slides.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\SlidesKeywords.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\SlidesKeywordsSchema.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Visualbee, C:\Users\Administrator\AppData\Local\VisualBeeClient\LocalDB\SlidesSchema.vdb, , [7888aa56619f7c845aa2ed6bc33f916f], 
PUP.Optional.Babylon.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (   "homepage": "hxxp://search.babylon.com/?affID=109958&tt=010712_7&babsrc=HP_ss&mntrId=4e8b3082000000000000485b391de0c0",), ,[2ad6fc0409f7ae522412c184ec18a25e]
PUP.Optional.Conduit.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3311336&octid=CT3311336&SearchSource=61&CUI=UN72286315531286267&UM=2&UP=SP71C9EC9F-E26C-4D53-B6C0-0DCEA6D0D9AA&sspv=TB_TNI");), ,[39c7ae525ea21ce4e4e887bd41c33bc5]
PUP.Optional.Conduit.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&SearchSource=2&CUI=UN72286315531286267&UM=2&sspv=TB_TNI&q=");), ,[41bf0bf516eaf907c24560e5c83c1be5]
PUP.Optional.Conduit.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&CUI=UN72286315531286267&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_TNI");), ,[33cd52ae3ec2ea16829aec5918ec5ea2]

Physische Sektoren: 0
(No malicious items detected)


(end)
         



Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 09/04/2014 um 12:10:40
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate  (64 bits)
# Benutzername : Administrator - FIFU-PC
# Gestartet von : C:\Users\Administrator\Downloads\adwcleaner (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\Freemium_DE
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Program Files\SoftwareUpdater
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Software_Updater
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\SoftwareUpdater
Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\GutscheinCodes
Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\Freemium_DE
Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Administrator\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\CT3311336
Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{e66f4171-0f28-4599-a595-58b840522f7e}
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopemfhojpebdeollanchfjhpbkcijoi
Datei Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\Digital Sites.job
Datei Gelöscht : C:\Windows\System32\Tasks\Digital Sites
Datei Gelöscht : C:\Windows\System32\Tasks\FreeDriverScout
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\jopemfhojpebdeollanchfjhpbkcijoi
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jopemfhojpebdeollanchfjhpbkcijoi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GutscheinCodes.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3311336
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E871EFD1-2572-4BFC-937D-F2D90EB13C94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E871EFD1-2572-4BFC-937D-F2D90EB13C94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B23D42-4A89-4D55-B13D-F8740C4E3B3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{922F8BEE-887F-43CC-94BE-F7A6330A9108}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Freemium_DE
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\Freemium_DE
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267


-\\ Mozilla Firefox v18.0 (en-US)

[ Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\prefs.js ]

Zeile gelöscht : user_pref("CT3311336.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3311336.UserID", "UN72286315531286267");
Zeile gelöscht : user_pref("CT3311336.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3311336.fullUserID", "UN72286315531286267.IN.20131125141126");
Zeile gelöscht : user_pref("CT3311336.installDate", "25/11/2013 14:11:27");
Zeile gelöscht : user_pref("CT3311336.installSessionId", "{11E5F21E-7650-441D-90CF-38FAD137C36D}");
Zeile gelöscht : user_pref("CT3311336.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3311336.installerVersion", "1.8.1.4");
Zeile gelöscht : user_pref("CT3311336.keyword", "true");
Zeile gelöscht : user_pref("CT3311336.originalHomepage", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-100&v=a9397-135&t=4");
Zeile gelöscht : user_pref("CT3311336.originalSearchAddressUrl", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=100&systemid=473&v=a9397-135&apn_dtid=BND473&apn_ptnrs=AG1&apn_uid=4364009910184243&o=APN10640&q=");
Zeile gelöscht : user_pref("CT3311336.originalSearchEngine", "Ask.com");
Zeile gelöscht : user_pref("CT3311336.originalSearchEngineName", "Ask.com");
Zeile gelöscht : user_pref("CT3311336.searchRevert", "true");
Zeile gelöscht : user_pref("CT3311336.searchUninstallUserMode", "2");
Zeile gelöscht : user_pref("CT3311336.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3311336.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3311336.toolbarInstallDate", "25-11-2013 14:11:27");
Zeile gelöscht : user_pref("CT3311336.versionFromInstaller", "10.23.0.172");
Zeile gelöscht : user_pref("CT3311336.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=100&systemid=473&v=a9397-135&apn_dtid=BND473&apn_ptnrs=AG1&apn_uid=4364009910184243&o=APN10640&q="[...]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Freemium DE Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "Freemium DE Customized Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Freemium DE Customized Web Search");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3311336");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3311336&CUI=UN72286315531286267&UM=2&SearchSource=13&sspv=TB_TNI,hxxp://search.conduit.com/?ctid=CT3311336&octid=CT3311336&[...]
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3311336&SearchSource=2&CUI=UN72286315531286267&UM=2&sspv=TB_TNI&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3311336");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3311336");
Zeile gelöscht : user_pref("smartbar.machineId", "PCZ0PB/HFTY5C+ID4CRL8HBGNQRBDGSNQWVLM5T8GSMOEA9YSCPEBRPZQU6XHAFQWGH0TRBROAFBTIM19CCGXG");
Zeile gelöscht : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3311336&CUI=UN72286315531286267&UM=2&SearchSource=13&sspv=TB_TNI");

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [48314 octets] - [14/11/2013 18:13:00]
AdwCleaner[R1].txt - [8697 octets] - [09/04/2014 12:09:21]
AdwCleaner[S0].txt - [47067 octets] - [14/11/2013 18:14:09]
AdwCleaner[S1].txt - [8444 octets] - [09/04/2014 12:10:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8504 octets] ##########
         



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by Administrator on 09.04.2014 at 12:26:28,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-466614843-1103789956-2564716473-500\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\covus freemium gmbh
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355725512}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355725512}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskToolbarNRO_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskToolbarNRO_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF85CA8F-C78E-44AB-AF1D-0405A97DB86D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\Users\Administrator\AppData\Roaming\dll-files.com"
Failed to delete: [Folder] "C:\Program Files (x86)\dll-files.com fixer"
Successfully deleted: [Folder] "C:\Program Files (x86)\red kawa"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\tgi1zjay.default\prefs.js

user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.04.2014 at 12:28:42,45
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Geändert von rudak (09.04.2014 um 11:31 Uhr)

Alt 09.04.2014, 11:35   #11
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



und das frische FRST noch.



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by Administrator (administrator) on FIFU-PC on 09-04-2014 12:33:15
Running from C:\Users\Administrator\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\psxss.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Soluto) c:\program files\soluto\soluto.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190472 2009-09-17] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] - C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-03-25] (AMD)
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [Octoshape Streaming Services] - C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [70936 2009-01-08] (Octoshape ApS)
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [ISUSPM Startup] - C:\program files (x86)\common files\installshield\updateservice\isuspm.exe [221184 2004-06-14] (InstallShield Software Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 219.83.62.50:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x09F8B1D0F9F7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @powerchallenge.com/PowerLoader - C:\Users\ADMINI~1\AppData\LocalLow\PowerChallenge\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Administrator\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Administrator\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Administrator\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\searchplugins\searchplugins-backup
FF Extension: Разпознаване на устройство Logitech - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\DeviceDetection@logitech.com [2010-09-23]
FF Extension: FIFA Online Web Launcher - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\eafo3fflauncher@ea.com [2010-08-28]
FF Extension: TVU Web Player - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\firefox@tvunetworks.com [2010-06-26]
FF Extension: Simple Dyyno Launcher - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\NPDyyno@dyyno.com [2010-05-04]
FF Extension: StumbleUpon - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\toolbar@stumbleupon.com [2012-07-10]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-04]
FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-08-19]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2011-07-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-05-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi [2013-08-27]
FF HKCU\...\Firefox\Extensions: [{E0CC257A-4D42-4ED7-AFAF-0AE6422F60D0}] - C:\Program Files (x86)\Copernic Desktop Search - Home\Firefox36Connector
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16]

Chrome: 
=======
CHR HomePage: hxxp://search.babylon.com/?affID=109958&tt=010712_7&babsrc=HP_ss&mntrId=4e8b3082000000000000485b391de0c0
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18]
CHR Extension: (Google-Suche) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18]
CHR Extension: (The Godfather: Five Families) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl [2011-10-30]
CHR Extension: (Logitech Flow Scroll) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi [2013-12-18]
CHR Extension: (Browser Guard) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfepagcelbegkpkcjgfeecmlnmkedjin [2013-12-18]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-12-18]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Docs Viewer für PDF/PowerPoint (von Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2012-10-14]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-12-18]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-01-06]
CHR Extension: (Google Mail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Administrator\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-02]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\ADMINI~1\AppData\Local\Temp\tbch.crx [2012-11-02]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-04-16]
CHR HKLM-x32\...\Chrome\Extension: [kfepagcelbegkpkcjgfeecmlnmkedjin] - C:\Program Files (x86)\Browser Guard\browserguard.crx [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
S3 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
S3 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-03-08] (Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
S3 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-10-14] ()
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-07] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2009-07-14] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2009-07-14] (Microsoft Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182840 2012-11-21] (Soluto)
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2007-03-29] (Syntek America Inc.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1621800 2012-08-11] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-14] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\ADMINI~1\AppData\Local\Temp\7zS663B\hpslpsvc64.dll [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2012-03-10] ()
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S1 Beep; No ImagePath
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
S3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [14336 2010-06-03] (secr9tos)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-24] (Duplex Secure Ltd.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1352832 2007-05-10] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz132; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 mvvideodemo; system32\DRIVERS\mvvideodemo.sys [X]
U4 RemoteRegistry; 
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]
U4 W32Time; %SystemRoot%\system32\svchost.exe -k LocalService
U4 WerSvc; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-09 12:28 - 2014-04-09 12:28 - 00003241 _____ () C:\Users\Administrator\Desktop\JRT.txt
2014-04-09 12:27 - 2014-04-09 12:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\dll-files.com
2014-04-09 12:22 - 2014-04-09 12:22 - 00000000 ____D () C:\Windows\ERUNT
2014-04-09 11:36 - 2014-04-09 11:36 - 00106345 _____ () C:\Users\Administrator\Desktop\mbam2.txt
2014-04-09 11:35 - 2014-04-09 11:35 - 00106344 _____ () C:\Users\Administrator\Desktop\mbam.txt
2014-04-09 11:10 - 2014-04-09 11:11 - 01016261 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2014-04-09 11:10 - 2014-04-09 11:10 - 01426178 _____ () C:\Users\Administrator\Downloads\adwcleaner (1).exe
2014-04-09 11:01 - 2014-04-09 11:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-09 11:01 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 11:00 - 2014-04-09 11:00 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-08 13:05 - 2014-04-08 13:05 - 00050580 _____ () C:\ComboFix.txt
2014-04-08 12:54 - 2014-04-08 13:05 - 00000000 ____D () C:\Qoobox
2014-04-08 12:54 - 2014-04-08 13:05 - 00000000 ____D () C:\ComboFix
2014-04-08 12:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-08 12:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-08 12:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-08 12:53 - 2014-04-08 12:53 - 05194596 ____R (Swearware) C:\Users\Administrator\Downloads\ComboFix.exe
2014-04-07 13:15 - 2014-04-07 13:15 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009 (2).exe
2014-04-07 13:13 - 2014-04-07 13:13 - 04118888 _____ () C:\Users\Administrator\Downloads\tdsskiller.zip
2014-04-07 13:13 - 2014-04-07 13:13 - 00000000 ____D () C:\Users\Administrator\Downloads\tdsskiller
2014-04-07 13:12 - 2014-04-07 13:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Administrator\Downloads\tdsskiller.exe
2014-04-07 13:05 - 2014-04-07 13:06 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009 (1).exe
2014-04-06 12:48 - 2014-04-06 12:48 - 00056957 _____ () C:\Users\Administrator\Downloads\FRST (1).txt
2014-04-06 12:40 - 2012-06-01 07:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-04-06 12:40 - 2012-06-01 07:16 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-04-06 12:40 - 2012-06-01 07:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-04-06 12:40 - 2012-06-01 07:15 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-04-06 12:40 - 2012-06-01 07:15 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-04-06 12:40 - 2012-06-01 07:14 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-04-06 12:40 - 2012-06-01 06:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-04-06 12:40 - 2012-06-01 06:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-04-06 12:40 - 2012-06-01 06:44 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-04-06 12:40 - 2012-06-01 06:43 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-04-06 12:40 - 2012-06-01 06:43 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-04-06 12:40 - 2012-06-01 06:42 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-04-05 22:32 - 2014-04-05 22:32 - 00081600 _____ () C:\Users\Administrator\Desktop\Addition.txt
2014-04-05 22:32 - 2014-04-05 22:32 - 00056957 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-04-05 22:31 - 2014-04-09 12:33 - 00000000 ____D () C:\FRST
2014-04-05 22:31 - 2014-04-09 12:33 - 00000000 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-05 22:31 - 2014-04-05 22:32 - 00081600 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-05 22:21 - 2014-04-05 22:21 - 00000668 _____ () C:\Users\Administrator\Downloads\defogger_disable.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000188 _____ () C:\Users\Administrator\defogger_reenable
2014-04-05 22:20 - 2014-04-05 22:20 - 02157056 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00380416 _____ () C:\Users\Administrator\Downloads\Gmer-19357.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00050477 _____ () C:\Users\Administrator\Downloads\Defogger.exe
2014-04-05 22:19 - 2014-04-05 22:19 - 00000704 _____ () C:\Users\Administrator\Desktop\Ereignisse.txt
2014-04-05 21:29 - 2014-04-09 11:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 21:29 - 2014-04-07 13:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-05 21:27 - 2014-04-07 13:39 - 00000000 ____D () C:\Users\Administrator\Desktop\mbar
2014-04-05 21:27 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 21:26 - 2014-04-05 21:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009.exe
2014-04-05 21:02 - 2014-04-05 22:29 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-05 21:02 - 2014-04-05 21:02 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (2).exe
2014-04-05 15:35 - 2014-04-05 21:01 - 00000000 ____D () C:\Users\Administrator\Desktop\TS3
2014-04-05 14:55 - 2014-04-05 14:55 - 00000954 _____ () C:\Users\Administrator\Desktop\Teamspeak 2 RC2.lnk
2014-04-05 14:55 - 2014-04-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-04-05 14:54 - 2014-04-05 14:54 - 05862994 _____ () C:\Users\Administrator\Downloads\ts2_client_rc2_2032.exe
2014-04-05 14:51 - 2014-04-05 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 14:46 - 2014-04-05 22:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Overwolf
2014-04-05 14:43 - 2014-04-06 20:17 - 00047286 _____ () C:\Windows\iis7.log
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SUA
2014-04-05 14:42 - 2014-04-05 14:42 - 00000862 _____ () C:\Windows\system32\termcap
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\inetpub
2014-04-05 14:33 - 2014-04-05 14:33 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (1).exe
2014-04-05 14:31 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-05 14:28 - 2014-04-05 14:28 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
2014-04-05 14:26 - 2014-04-05 14:26 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-03 21:40 - 2014-04-03 21:42 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part3.rar
2014-04-03 21:40 - 2014-04-03 21:42 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part2.rar
2014-04-03 21:40 - 2014-04-03 21:42 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part1.rar
2014-04-03 21:40 - 2014-04-03 21:40 - 41368249 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part4.rar
2014-04-03 21:38 - 2014-04-03 21:38 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part5.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part4.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part3.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part2.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part1.rar
2014-04-03 21:35 - 2014-04-03 21:36 - 09590883 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part6.rar
2014-04-03 21:35 - 2014-04-03 21:35 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11
2014-04-03 21:33 - 2014-04-03 21:34 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part4.rar
2014-04-03 21:33 - 2014-04-03 21:34 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part3.rar
2014-04-03 21:33 - 2014-04-03 21:34 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part2.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 94680553 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part5.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part1.rar
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\homeland.s03e04
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\home.s03e05
2014-04-02 18:00 - 2014-04-02 18:03 - 209715200 _____ () C:\Users\Administrator\Downloads\home.s03e05.part1.rar
2014-04-02 18:00 - 2014-04-02 18:02 - 209715200 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part1.rar
2014-04-02 18:00 - 2014-04-02 18:02 - 156306278 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part2.rar
2014-04-02 18:00 - 2014-04-02 18:02 - 147203437 _____ () C:\Users\Administrator\Downloads\home.s03e05.part2.rar
2014-04-01 20:15 - 2014-04-01 20:15 - 00000643 _____ () C:\Windows\KB942288-v3.log
2014-04-01 19:38 - 2014-04-01 19:38 - 62404320 _____ (Ubisoft) C:\Users\Administrator\Downloads\UplayInstaller.exe
2014-03-27 14:33 - 2014-03-27 14:33 - 00001471 _____ () C:\Users\Public\Desktop\SimCity.lnk
2014-03-27 14:10 - 2014-03-27 14:15 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part1.rar
2014-03-27 14:10 - 2014-03-27 14:14 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part3.rar
2014-03-27 14:10 - 2014-03-27 14:14 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part2.rar
2014-03-27 14:10 - 2014-03-27 14:13 - 382235835 _____ () C:\Users\Administrator\Downloads\SICISPED.part4.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part3.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part2.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part1.rar
2014-03-19 19:53 - 2014-03-19 19:55 - 237455713 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part4.rar
2014-03-19 19:10 - 2014-03-19 19:10 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu (1).exe
2014-03-19 19:10 - 2014-03-19 19:10 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-03-19 19:07 - 2014-03-19 19:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu.exe
2014-03-19 18:51 - 2014-03-19 18:52 - 00000000 ____D () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU
2014-03-19 18:48 - 2014-03-19 18:50 - 1261963178 _____ () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU.zip
2014-03-19 02:59 - 2014-03-19 02:59 - 04994480 _____ (Adobe Systems Inc.) C:\Users\Administrator\Downloads\Shockwave_Installer_Slim.exe
2014-03-18 18:15 - 2014-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-15 20:59 - 2014-04-09 12:27 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-03-14 11:55 - 2014-03-14 11:56 - 171651993 _____ () C:\Users\Administrator\Downloads\15166_bounhlg.rar

==================== One Month Modified Files and Folders =======

2014-04-09 12:33 - 2014-04-05 22:31 - 00000000 ____D () C:\FRST
2014-04-09 12:33 - 2014-04-05 22:31 - 00000000 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-09 12:32 - 2009-07-14 19:58 - 00742506 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 12:32 - 2009-07-14 19:58 - 00161042 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 12:32 - 2009-07-14 07:13 - 01714942 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 12:31 - 2013-12-18 13:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-09 12:28 - 2014-04-09 12:28 - 00003241 _____ () C:\Users\Administrator\Desktop\JRT.txt
2014-04-09 12:27 - 2014-04-09 12:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\dll-files.com
2014-04-09 12:27 - 2014-03-15 20:59 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-04-09 12:26 - 2013-12-19 17:25 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-04-09 12:26 - 2013-12-18 13:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 12:25 - 2013-05-22 14:52 - 00083645 _____ () C:\Windows\setupact.log
2014-04-09 12:25 - 2010-05-03 13:02 - 01537485 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 12:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 12:22 - 2014-04-09 12:22 - 00000000 ____D () C:\Windows\ERUNT
2014-04-09 12:20 - 2009-07-14 06:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 12:20 - 2009-07-14 06:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 12:12 - 2011-07-10 16:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Htc
2014-04-09 12:11 - 2013-11-14 18:12 - 00000000 ____D () C:\AdwCleaner
2014-04-09 12:04 - 2012-06-25 05:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 11:48 - 2013-05-22 19:25 - 00617164 _____ () C:\Windows\PFRO.log
2014-04-09 11:38 - 2010-10-25 13:18 - 00000000 ____D () C:\Windows\USB Vibration
2014-04-09 11:36 - 2014-04-09 11:36 - 00106345 _____ () C:\Users\Administrator\Desktop\mbam2.txt
2014-04-09 11:35 - 2014-04-09 11:35 - 00106344 _____ () C:\Users\Administrator\Desktop\mbam.txt
2014-04-09 11:11 - 2014-04-09 11:10 - 01016261 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2014-04-09 11:10 - 2014-04-09 11:10 - 01426178 _____ () C:\Users\Administrator\Downloads\adwcleaner (1).exe
2014-04-09 11:02 - 2014-04-05 21:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 11:01 - 2014-04-09 11:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-09 11:01 - 2013-09-12 11:19 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 11:01 - 2011-07-15 00:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 11:00 - 2014-04-09 11:00 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-08 23:55 - 2014-04-05 14:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-08 14:14 - 2014-01-26 23:39 - 00007631 _____ () C:\Users\Administrator\Desktop\operationX.txt
2014-04-08 13:05 - 2014-04-08 13:05 - 00050580 _____ () C:\ComboFix.txt
2014-04-08 13:05 - 2014-04-08 12:54 - 00000000 ____D () C:\Qoobox
2014-04-08 13:05 - 2014-04-08 12:54 - 00000000 ____D () C:\ComboFix
2014-04-08 13:04 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-08 13:03 - 2013-11-25 15:12 - 00000000 ____D () C:\Program Files (x86)\Browser Guard
2014-04-08 12:53 - 2014-04-08 12:53 - 05194596 ____R (Swearware) C:\Users\Administrator\Downloads\ComboFix.exe
2014-04-07 13:39 - 2014-04-05 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-07 13:39 - 2014-04-05 21:27 - 00000000 ____D () C:\Users\Administrator\Desktop\mbar
2014-04-07 13:15 - 2014-04-07 13:15 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009 (2).exe
2014-04-07 13:13 - 2014-04-07 13:13 - 04118888 _____ () C:\Users\Administrator\Downloads\tdsskiller.zip
2014-04-07 13:13 - 2014-04-07 13:13 - 00000000 ____D () C:\Users\Administrator\Downloads\tdsskiller
2014-04-07 13:12 - 2014-04-07 13:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Administrator\Downloads\tdsskiller.exe
2014-04-07 13:06 - 2014-04-07 13:05 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009 (1).exe
2014-04-06 21:01 - 2010-06-29 18:45 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-04-06 20:59 - 2012-06-25 05:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 20:59 - 2012-06-25 05:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-06 20:59 - 2011-07-14 22:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-06 20:17 - 2014-04-05 14:43 - 00047286 _____ () C:\Windows\iis7.log
2014-04-06 20:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-04-06 20:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-06 14:42 - 2013-09-26 12:57 - 00000000 ____D () C:\Users\Administrator\Documents\FIFA 14
2014-04-06 13:36 - 2011-06-08 10:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-06 13:36 - 2010-10-28 23:57 - 00000000 ____D () C:\ProgramData\Origin
2014-04-06 13:25 - 2013-05-22 13:12 - 00004144 _____ () C:\Windows\System32\Tasks\Freemium1ClickMaint
2014-04-06 12:48 - 2014-04-06 12:48 - 00056957 _____ () C:\Users\Administrator\Downloads\FRST (1).txt
2014-04-06 02:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-05 22:32 - 2014-04-05 22:32 - 00081600 _____ () C:\Users\Administrator\Desktop\Addition.txt
2014-04-05 22:32 - 2014-04-05 22:32 - 00056957 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-04-05 22:32 - 2014-04-05 22:31 - 00081600 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-05 22:29 - 2014-04-05 21:02 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-04-05 22:26 - 2014-04-05 14:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Overwolf
2014-04-05 22:21 - 2014-04-05 22:21 - 00000668 _____ () C:\Users\Administrator\Downloads\defogger_disable.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000188 _____ () C:\Users\Administrator\defogger_reenable
2014-04-05 22:21 - 2010-05-03 13:06 - 00000000 ____D () C:\Users\Administrator
2014-04-05 22:20 - 2014-04-05 22:20 - 02157056 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00380416 _____ () C:\Users\Administrator\Downloads\Gmer-19357.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00050477 _____ () C:\Users\Administrator\Downloads\Defogger.exe
2014-04-05 22:19 - 2014-04-05 22:19 - 00000704 _____ () C:\Users\Administrator\Desktop\Ereignisse.txt
2014-04-05 21:26 - 2014-04-05 21:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009.exe
2014-04-05 21:02 - 2014-04-05 21:02 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (2).exe
2014-04-05 21:01 - 2014-04-05 15:35 - 00000000 ____D () C:\Users\Administrator\Desktop\TS3
2014-04-05 15:35 - 2014-04-05 14:51 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 15:07 - 2010-05-04 11:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Skype
2014-04-05 14:55 - 2014-04-05 14:55 - 00000954 _____ () C:\Users\Administrator\Desktop\Teamspeak 2 RC2.lnk
2014-04-05 14:55 - 2014-04-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-04-05 14:54 - 2014-04-05 14:54 - 05862994 _____ () C:\Users\Administrator\Downloads\ts2_client_rc2_2032.exe
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SUA
2014-04-05 14:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-05 14:42 - 2014-04-05 14:42 - 00000862 _____ () C:\Windows\system32\termcap
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\inetpub
2014-04-05 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-05 14:33 - 2014-04-05 14:33 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14 (1).exe
2014-04-05 14:28 - 2014-04-05 14:28 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
2014-04-05 14:26 - 2014-04-05 14:26 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Administrator\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-04-03 23:27 - 2010-05-08 18:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-04-03 21:43 - 2010-05-04 09:42 - 00000000 ____D () C:\Users\Administrator\Downloads\Filme
2014-04-03 21:42 - 2014-04-03 21:40 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part3.rar
2014-04-03 21:42 - 2014-04-03 21:40 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part2.rar
2014-04-03 21:42 - 2014-04-03 21:40 - 380633088 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part1.rar
2014-04-03 21:40 - 2014-04-03 21:40 - 41368249 _____ () C:\Users\Administrator\Downloads\9758698801768798704274202.part4.rar
2014-04-03 21:38 - 2014-04-03 21:38 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part5.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part4.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part3.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part2.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part1.rar
2014-04-03 21:36 - 2014-04-03 21:35 - 09590883 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e12.part6.rar
2014-04-03 21:35 - 2014-04-03 21:35 - 00000000 ____D () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11
2014-04-03 21:34 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part4.rar
2014-04-03 21:34 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part3.rar
2014-04-03 21:34 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part2.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 94680553 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part5.rar
2014-04-03 21:33 - 2014-04-03 21:33 - 106954755 _____ () C:\Users\Administrator\Downloads\greysanatomy_sdx264_s10e11.part1.rar
2014-04-03 09:51 - 2014-04-09 11:01 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:51 - 2014-04-05 21:27 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2011-07-15 00:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 18:26 - 2013-12-19 17:26 - 00000300 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\homeland.s03e04
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\home.s03e05
2014-04-02 18:03 - 2014-04-02 18:00 - 209715200 _____ () C:\Users\Administrator\Downloads\home.s03e05.part1.rar
2014-04-02 18:02 - 2014-04-02 18:00 - 209715200 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part1.rar
2014-04-02 18:02 - 2014-04-02 18:00 - 156306278 _____ () C:\Users\Administrator\Downloads\homeland.s03e04.part2.rar
2014-04-02 18:02 - 2014-04-02 18:00 - 147203437 _____ () C:\Users\Administrator\Downloads\home.s03e05.part2.rar
2014-04-01 20:16 - 2013-05-27 22:14 - 00142823 _____ () C:\Windows\DirectX.log
2014-04-01 20:15 - 2014-04-01 20:15 - 00000643 _____ () C:\Windows\KB942288-v3.log
2014-04-01 20:09 - 2010-05-24 21:25 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-04-01 20:09 - 2010-05-04 11:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 19:40 - 2013-08-21 12:54 - 00001183 _____ () C:\Users\Administrator\Desktop\Uplay.lnk
2014-04-01 19:38 - 2014-04-01 19:38 - 62404320 _____ (Ubisoft) C:\Users\Administrator\Downloads\UplayInstaller.exe
2014-04-01 12:46 - 2013-05-06 18:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\RBotPlus
2014-04-01 12:36 - 2013-05-06 18:53 - 00000000 ____D () C:\Program Files (x86)\RBPlus
2014-03-27 14:34 - 2013-02-17 13:53 - 00000000 ____D () C:\Users\Administrator\Documents\SimCity
2014-03-27 14:33 - 2014-03-27 14:33 - 00001471 _____ () C:\Users\Public\Desktop\SimCity.lnk
2014-03-27 14:28 - 2010-05-04 10:59 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-03-27 14:16 - 2010-05-04 09:58 - 00000000 ____D () C:\Users\Administrator\Downloads\Spiele
2014-03-27 14:15 - 2014-03-27 14:10 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part1.rar
2014-03-27 14:14 - 2014-03-27 14:10 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part3.rar
2014-03-27 14:14 - 2014-03-27 14:10 - 838860803 _____ () C:\Users\Administrator\Downloads\SICISPED.part2.rar
2014-03-27 14:13 - 2014-03-27 14:10 - 382235835 _____ () C:\Users\Administrator\Downloads\SICISPED.part4.rar
2014-03-26 21:26 - 2013-12-18 13:09 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 21:26 - 2013-12-18 13:09 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-23 10:25 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-19 19:55 - 2014-03-19 19:53 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part3.rar
2014-03-19 19:55 - 2014-03-19 19:53 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part2.rar
2014-03-19 19:55 - 2014-03-19 19:53 - 314572800 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part1.rar
2014-03-19 19:55 - 2014-03-19 19:53 - 237455713 _____ () C:\Users\Administrator\Downloads\Bastille - Discography - 2011-2013.part4.rar
2014-03-19 19:19 - 2010-05-04 10:59 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-03-19 19:10 - 2014-03-19 19:10 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu (1).exe
2014-03-19 19:10 - 2014-03-19 19:10 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-03-19 19:07 - 2014-03-19 19:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu.exe
2014-03-19 18:52 - 2014-03-19 18:51 - 00000000 ____D () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU
2014-03-19 18:50 - 2014-03-19 18:48 - 1261963178 _____ () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU.zip
2014-03-19 03:35 - 2013-08-14 23:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:35 - 2010-05-04 08:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-19 03:33 - 2010-05-03 21:42 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 02:59 - 2014-03-19 02:59 - 04994480 _____ (Adobe Systems Inc.) C:\Users\Administrator\Downloads\Shockwave_Installer_Slim.exe
2014-03-18 22:46 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-15 21:28 - 2013-12-18 13:10 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 11:56 - 2014-03-14 11:55 - 171651993 _____ () C:\Users\Administrator\Downloads\15166_bounhlg.rar
2014-03-13 23:43 - 2012-05-15 10:05 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 23:43 - 2012-05-15 10:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 14:45 - 2009-07-14 04:34 - 00000783 _____ () C:\Windows\win.ini

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Administrator\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-04-01 14:50

==================== End Of Log ============================
         
--- --- ---

Alt 10.04.2014, 08:02   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.04.2014, 21:12   #13
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Teamspeak 3 bringt nach Neuinstallation weiterhin den fehler das der angegebene Dienst nicht installiert ist



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b14efa233c272544a9c19f3906e83496
# engine=17835
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-10 08:09:26
# local_time=2014-04-10 10:09:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=1799 16775165 100 94 14176 13920248 84577 0
# scanned=474145
# found=6
# cleaned=0
# scan_time=14003
sh=26A4D8D46950F6A36CE4C678DC1BA36F63980EAB ft=1 fh=5b1a47320b91d0bf vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2014\rld.dll"
sh=26A4D8D46950F6A36CE4C678DC1BA36F63980EAB ft=1 fh=5b1a47320b91d0bf vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2014\PESEdit\temp\rld.dll"
sh=29336CD82B5BA6E4DDD380DF0313C98A385EB6E1 ft=1 fh=d6b2c24a54bc60d0 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Program Files (x86)\Milestone\SBKGen\rld.dll"
sh=9AC7914BD4B7289861B9ACE1F250CB64768E418D ft=1 fh=06ebcc233b34fe99 vn="Win32/AdWare.1ClickDownload.AR application" ac=I fn="C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000000"
sh=8E6DA34B78F3FB505912DF972E7CFF34290A4705 ft=0 fh=0000000000000000 vn="Win32/AdWare.1ClickDownload.AR application" ac=I fn="C:\Users\Administrator\Documents\chrome_User Data_18122013.gcb"
sh=D4E77FD525F2E66A5F6A46E4B6EB956E74529671 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="C:\Users\Administrator\Downloads\rld-ac3103.7z"
         


Code:
ATTFilter
.. Results of screen317's Security Check version 0.99.81  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.6001)   
 TuneUp Utilities Language Pack (de-DE) 
 CCleaner     
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Mozilla Firefox 18.0 Firefox out of Date!  
 Mozilla Thunderbird (24.4.0) 
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.116  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated)
Ran by Administrator (administrator) on FIFU-PC on 10-04-2014 22:18:32
Running from C:\Users\Administrator\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\psxss.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Soluto) c:\program files\soluto\soluto.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Hewlett-Packard Co.) C:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190472 2009-09-17] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] - C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-03-25] (AMD)
HKU\S-1-5-21-466614843-1103789956-2564716473-500\...\Run: [Octoshape Streaming Services] - C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [70936 2009-01-08] (Octoshape ApS)

==================== Internet (Whitelisted) ====================

ProxyServer: 219.83.62.50:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x09F8B1D0F9F7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\Administrator\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @powerchallenge.com/PowerLoader - C:\Users\ADMINI~1\AppData\LocalLow\PowerChallenge\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Administrator\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Administrator\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Administrator\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\searchplugins\searchplugins-backup
FF Extension: Разпознаване на устройство Logitech - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\DeviceDetection@logitech.com [2010-09-23]
FF Extension: FIFA Online Web Launcher - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\eafo3fflauncher@ea.com [2010-08-28]
FF Extension: TVU Web Player - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\firefox@tvunetworks.com [2010-06-26]
FF Extension: Simple Dyyno Launcher - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\NPDyyno@dyyno.com [2010-05-04]
FF Extension: StumbleUpon - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\toolbar@stumbleupon.com [2012-07-10]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-04]
FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-08-19]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\tgi1zjay.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2011-07-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-05-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-04-16]
FF HKCU\...\Firefox\Extensions: [{E0CC257A-4D42-4ED7-AFAF-0AE6422F60D0}] - C:\Program Files (x86)\Copernic Desktop Search - Home\Firefox36Connector
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16]

Chrome: 
=======
CHR HomePage: hxxp://search.babylon.com/?affID=109958&tt=010712_7&babsrc=HP_ss&mntrId=4e8b3082000000000000485b391de0c0
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18]
CHR Extension: (Google-Suche) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18]
CHR Extension: (The Godfather: Five Families) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl [2011-10-30]
CHR Extension: (Logitech Flow Scroll) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi [2013-12-18]
CHR Extension: (Browser Guard) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfepagcelbegkpkcjgfeecmlnmkedjin [2013-12-18]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-12-18]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Docs Viewer für PDF/PowerPoint (von Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2012-10-14]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-12-18]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-01-06]
CHR Extension: (Google Mail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Administrator\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-02]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\ADMINI~1\AppData\Local\Temp\tbch.crx [2012-11-02]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-04-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
S3 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
S3 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-03-08] (Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-10-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-07] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2009-07-14] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2009-07-14] (Microsoft Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182840 2012-11-21] (Soluto)
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2007-03-29] (Syntek America Inc.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1621800 2012-08-11] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-14] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\ADMINI~1\AppData\Local\Temp\7zS663B\hpslpsvc64.dll [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2012-03-10] ()
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S1 Beep; No ImagePath
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
S3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [14336 2010-06-03] (secr9tos)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-24] (Duplex Secure Ltd.)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1352832 2007-05-10] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz132; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 mvvideodemo; system32\DRIVERS\mvvideodemo.sys [X]
U4 RemoteRegistry; 
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]
U4 W32Time; %SystemRoot%\system32\svchost.exe -k LocalService
U4 WerSvc; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-10 22:13 - 2014-04-10 22:13 - 00987448 _____ () C:\Users\Administrator\Downloads\SecurityCheck.exe
2014-04-10 18:12 - 2014-04-10 18:12 - 02347384 _____ (ESET) C:\Users\Administrator\Downloads\esetsmartinstaller_enu (2).exe
2014-04-09 12:28 - 2014-04-09 12:28 - 00003241 _____ () C:\Users\Administrator\Desktop\JRT.txt
2014-04-09 12:27 - 2014-04-09 12:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\dll-files.com
2014-04-09 12:22 - 2014-04-09 12:22 - 00000000 ____D () C:\Windows\ERUNT
2014-04-09 11:36 - 2014-04-09 11:36 - 00106345 _____ () C:\Users\Administrator\Desktop\mbam2.txt
2014-04-09 11:35 - 2014-04-09 11:35 - 00106344 _____ () C:\Users\Administrator\Desktop\mbam.txt
2014-04-09 11:10 - 2014-04-09 11:11 - 01016261 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2014-04-09 11:10 - 2014-04-09 11:10 - 01426178 _____ () C:\Users\Administrator\Downloads\adwcleaner (1).exe
2014-04-09 11:01 - 2014-04-09 11:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-09 11:01 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-08 13:05 - 2014-04-08 13:05 - 00050580 _____ () C:\ComboFix.txt
2014-04-08 12:54 - 2014-04-08 13:05 - 00000000 ____D () C:\Qoobox
2014-04-08 12:54 - 2014-04-08 13:05 - 00000000 ____D () C:\ComboFix
2014-04-08 12:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-08 12:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-08 12:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-08 12:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-08 12:53 - 2014-04-08 12:53 - 05194596 ____R (Swearware) C:\Users\Administrator\Downloads\ComboFix.exe
2014-04-07 13:13 - 2014-04-07 13:13 - 04118888 _____ () C:\Users\Administrator\Downloads\tdsskiller.zip
2014-04-07 13:13 - 2014-04-07 13:13 - 00000000 ____D () C:\Users\Administrator\Downloads\tdsskiller
2014-04-07 13:12 - 2014-04-07 13:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Administrator\Downloads\tdsskiller.exe
2014-04-06 12:48 - 2014-04-06 12:48 - 00056957 _____ () C:\Users\Administrator\Downloads\FRST (1).txt
2014-04-06 12:40 - 2012-06-01 07:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-04-06 12:40 - 2012-06-01 07:16 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-04-06 12:40 - 2012-06-01 07:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-04-06 12:40 - 2012-06-01 07:15 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-04-06 12:40 - 2012-06-01 07:15 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-04-06 12:40 - 2012-06-01 07:14 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-04-06 12:40 - 2012-06-01 06:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-04-06 12:40 - 2012-06-01 06:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-04-06 12:40 - 2012-06-01 06:44 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-04-06 12:40 - 2012-06-01 06:43 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-04-06 12:40 - 2012-06-01 06:43 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-04-06 12:40 - 2012-06-01 06:42 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-04-05 22:32 - 2014-04-05 22:32 - 00081600 _____ () C:\Users\Administrator\Desktop\Addition.txt
2014-04-05 22:32 - 2014-04-05 22:32 - 00056957 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-04-05 22:31 - 2014-04-10 22:18 - 00008565 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-05 22:31 - 2014-04-10 22:18 - 00000000 ____D () C:\FRST
2014-04-05 22:31 - 2014-04-05 22:32 - 00081600 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-05 22:21 - 2014-04-05 22:21 - 00000668 _____ () C:\Users\Administrator\Downloads\defogger_disable.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000188 _____ () C:\Users\Administrator\defogger_reenable
2014-04-05 22:20 - 2014-04-05 22:20 - 02157056 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00380416 _____ () C:\Users\Administrator\Downloads\Gmer-19357.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00050477 _____ () C:\Users\Administrator\Downloads\Defogger.exe
2014-04-05 22:19 - 2014-04-05 22:19 - 00000704 _____ () C:\Users\Administrator\Desktop\Ereignisse.txt
2014-04-05 21:29 - 2014-04-10 18:09 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 21:29 - 2014-04-07 13:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-05 21:27 - 2014-04-07 13:39 - 00000000 ____D () C:\Users\Administrator\Desktop\mbar
2014-04-05 21:27 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 15:35 - 2014-04-05 21:01 - 00000000 ____D () C:\Users\Administrator\Desktop\TS3
2014-04-05 14:55 - 2014-04-05 14:55 - 00000954 _____ () C:\Users\Administrator\Desktop\Teamspeak 2 RC2.lnk
2014-04-05 14:55 - 2014-04-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-04-05 14:54 - 2014-04-05 14:54 - 05862994 _____ () C:\Users\Administrator\Downloads\ts2_client_rc2_2032.exe
2014-04-05 14:51 - 2014-04-05 15:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 14:46 - 2014-04-05 22:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Overwolf
2014-04-05 14:43 - 2014-04-06 20:17 - 00047286 _____ () C:\Windows\iis7.log
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SUA
2014-04-05 14:42 - 2014-04-05 14:42 - 00000862 _____ () C:\Windows\system32\termcap
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\inetpub
2014-04-05 14:31 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\homeland.s03e04
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\home.s03e05
2014-04-01 20:15 - 2014-04-01 20:15 - 00000643 _____ () C:\Windows\KB942288-v3.log
2014-03-27 14:33 - 2014-03-27 14:33 - 00001471 _____ () C:\Users\Public\Desktop\SimCity.lnk
2014-03-19 19:10 - 2014-03-19 19:10 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu (1).exe
2014-03-19 19:10 - 2014-03-19 19:10 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-03-19 19:07 - 2014-03-19 19:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu.exe
2014-03-19 18:51 - 2014-03-19 18:52 - 00000000 ____D () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU
2014-03-19 02:59 - 2014-03-19 02:59 - 04994480 _____ (Adobe Systems Inc.) C:\Users\Administrator\Downloads\Shockwave_Installer_Slim.exe
2014-03-18 18:15 - 2014-03-18 22:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-15 20:59 - 2014-04-10 18:11 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder

==================== One Month Modified Files and Folders =======

2014-04-10 22:18 - 2014-04-05 22:31 - 00008565 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-10 22:18 - 2014-04-05 22:31 - 00000000 ____D () C:\FRST
2014-04-10 22:13 - 2014-04-10 22:13 - 00987448 _____ () C:\Users\Administrator\Downloads\SecurityCheck.exe
2014-04-10 22:12 - 2013-05-22 13:12 - 00004144 _____ () C:\Windows\System32\Tasks\Freemium1ClickMaint
2014-04-10 22:04 - 2012-06-25 05:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-10 21:31 - 2013-12-18 13:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-10 21:05 - 2010-05-03 13:02 - 01789312 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 20:48 - 2010-05-04 09:58 - 00000000 ____D () C:\Users\Administrator\Downloads\Spiele
2014-04-10 20:31 - 2013-12-18 13:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-10 20:24 - 2010-06-01 11:28 - 00000000 ____D () C:\Users\Administrator\Downloads\Programme
2014-04-10 20:08 - 2010-05-04 09:42 - 00000000 ____D () C:\Users\Administrator\Downloads\Filme
2014-04-10 18:26 - 2013-12-19 17:26 - 00000300 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-04-10 18:18 - 2011-07-10 16:10 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Htc
2014-04-10 18:16 - 2009-07-14 06:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-10 18:16 - 2009-07-14 06:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-10 18:12 - 2014-04-10 18:12 - 02347384 _____ (ESET) C:\Users\Administrator\Downloads\esetsmartinstaller_enu (2).exe
2014-04-10 18:11 - 2014-03-15 20:59 - 00003112 _____ () C:\Windows\System32\Tasks\RDReminder
2014-04-10 18:09 - 2014-04-05 21:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 18:07 - 2013-05-22 14:52 - 00083757 _____ () C:\Windows\setupact.log
2014-04-10 18:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 23:38 - 2010-05-04 08:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 23:35 - 2013-08-14 23:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 23:33 - 2010-05-03 21:42 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 23:19 - 2013-09-26 12:57 - 00000000 ____D () C:\Users\Administrator\Documents\FIFA 14
2014-04-09 22:18 - 2010-10-28 23:57 - 00000000 ____D () C:\ProgramData\Origin
2014-04-09 22:17 - 2011-06-08 10:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-09 21:57 - 2014-01-26 23:39 - 00007697 _____ () C:\Users\Administrator\Desktop\operationX.txt
2014-04-09 21:34 - 2013-12-18 13:10 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 20:41 - 2009-07-14 19:58 - 00742506 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 20:41 - 2009-07-14 19:58 - 00161042 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 20:41 - 2009-07-14 07:13 - 01714942 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 20:38 - 2013-05-22 13:11 - 00002563 _____ () C:\Users\Public\Desktop\Free System Utilities.lnk
2014-04-09 12:28 - 2014-04-09 12:28 - 00003241 _____ () C:\Users\Administrator\Desktop\JRT.txt
2014-04-09 12:27 - 2014-04-09 12:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\dll-files.com
2014-04-09 12:22 - 2014-04-09 12:22 - 00000000 ____D () C:\Windows\ERUNT
2014-04-09 12:11 - 2013-11-14 18:12 - 00000000 ____D () C:\AdwCleaner
2014-04-09 11:48 - 2013-05-22 19:25 - 00617164 _____ () C:\Windows\PFRO.log
2014-04-09 11:47 - 2010-10-25 13:18 - 00000000 ____D () C:\Windows\USB Vibration
2014-04-09 11:36 - 2014-04-09 11:36 - 00106345 _____ () C:\Users\Administrator\Desktop\mbam2.txt
2014-04-09 11:35 - 2014-04-09 11:35 - 00106344 _____ () C:\Users\Administrator\Desktop\mbam.txt
2014-04-09 11:11 - 2014-04-09 11:10 - 01016261 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2014-04-09 11:10 - 2014-04-09 11:10 - 01426178 _____ () C:\Users\Administrator\Downloads\adwcleaner (1).exe
2014-04-09 11:01 - 2014-04-09 11:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-09 11:01 - 2013-09-12 11:19 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 11:01 - 2011-07-15 00:33 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
2014-04-09 11:01 - 2011-07-15 00:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 23:55 - 2014-04-05 14:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-04-08 13:05 - 2014-04-08 13:05 - 00050580 _____ () C:\ComboFix.txt
2014-04-08 13:05 - 2014-04-08 12:54 - 00000000 ____D () C:\Qoobox
2014-04-08 13:05 - 2014-04-08 12:54 - 00000000 ____D () C:\ComboFix
2014-04-08 13:04 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-08 12:53 - 2014-04-08 12:53 - 05194596 ____R (Swearware) C:\Users\Administrator\Downloads\ComboFix.exe
2014-04-07 13:39 - 2014-04-05 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-07 13:39 - 2014-04-05 21:27 - 00000000 ____D () C:\Users\Administrator\Desktop\mbar
2014-04-07 13:13 - 2014-04-07 13:13 - 04118888 _____ () C:\Users\Administrator\Downloads\tdsskiller.zip
2014-04-07 13:13 - 2014-04-07 13:13 - 00000000 ____D () C:\Users\Administrator\Downloads\tdsskiller
2014-04-07 13:12 - 2014-04-07 13:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Administrator\Downloads\tdsskiller.exe
2014-04-06 21:01 - 2010-06-29 18:45 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-04-06 20:59 - 2012-06-25 05:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-06 20:59 - 2012-06-25 05:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-06 20:59 - 2011-07-14 22:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-06 20:17 - 2014-04-05 14:43 - 00047286 _____ () C:\Windows\iis7.log
2014-04-06 20:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-04-06 20:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-06 12:48 - 2014-04-06 12:48 - 00056957 _____ () C:\Users\Administrator\Downloads\FRST (1).txt
2014-04-06 02:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-05 22:32 - 2014-04-05 22:32 - 00081600 _____ () C:\Users\Administrator\Desktop\Addition.txt
2014-04-05 22:32 - 2014-04-05 22:32 - 00056957 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-04-05 22:32 - 2014-04-05 22:31 - 00081600 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-05 22:26 - 2014-04-05 14:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Overwolf
2014-04-05 22:21 - 2014-04-05 22:21 - 00000668 _____ () C:\Users\Administrator\Downloads\defogger_disable.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00000188 _____ () C:\Users\Administrator\defogger_reenable
2014-04-05 22:21 - 2010-05-03 13:06 - 00000000 ____D () C:\Users\Administrator
2014-04-05 22:20 - 2014-04-05 22:20 - 02157056 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00380416 _____ () C:\Users\Administrator\Downloads\Gmer-19357.exe
2014-04-05 22:20 - 2014-04-05 22:20 - 00050477 _____ () C:\Users\Administrator\Downloads\Defogger.exe
2014-04-05 22:19 - 2014-04-05 22:19 - 00000704 _____ () C:\Users\Administrator\Desktop\Ereignisse.txt
2014-04-05 21:01 - 2014-04-05 15:35 - 00000000 ____D () C:\Users\Administrator\Desktop\TS3
2014-04-05 15:35 - 2014-04-05 14:51 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TeamSpeak 3 Client
2014-04-05 15:07 - 2010-05-04 11:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Skype
2014-04-05 14:55 - 2014-04-05 14:55 - 00000954 _____ () C:\Users\Administrator\Desktop\Teamspeak 2 RC2.lnk
2014-04-05 14:55 - 2014-04-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-04-05 14:54 - 2014-04-05 14:54 - 05862994 _____ () C:\Users\Administrator\Downloads\ts2_client_rc2_2032.exe
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-05 14:43 - 2014-04-05 14:43 - 00000000 ____D () C:\Windows\SUA
2014-04-05 14:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-05 14:42 - 2014-04-05 14:42 - 00000862 _____ () C:\Windows\system32\termcap
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-05 14:42 - 2014-04-05 14:42 - 00000000 ____D () C:\inetpub
2014-04-05 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-03 23:27 - 2010-05-08 18:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-04-03 09:51 - 2014-04-09 11:01 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:51 - 2014-04-05 21:27 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2011-07-15 00:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\homeland.s03e04
2014-04-02 18:04 - 2014-04-02 18:04 - 00000000 ____D () C:\Users\Administrator\Downloads\home.s03e05
2014-04-01 20:16 - 2013-05-27 22:14 - 00142823 _____ () C:\Windows\DirectX.log
2014-04-01 20:15 - 2014-04-01 20:15 - 00000643 _____ () C:\Windows\KB942288-v3.log
2014-04-01 20:09 - 2010-05-24 21:25 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-04-01 20:09 - 2010-05-04 11:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 19:40 - 2013-08-21 12:54 - 00001183 _____ () C:\Users\Administrator\Desktop\Uplay.lnk
2014-04-01 12:46 - 2013-05-06 18:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\RBotPlus
2014-04-01 12:36 - 2013-05-06 18:53 - 00000000 ____D () C:\Program Files (x86)\RBPlus
2014-03-27 14:34 - 2013-02-17 13:53 - 00000000 ____D () C:\Users\Administrator\Documents\SimCity
2014-03-27 14:33 - 2014-03-27 14:33 - 00001471 _____ () C:\Users\Public\Desktop\SimCity.lnk
2014-03-27 14:28 - 2010-05-04 10:59 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-03-26 21:26 - 2013-12-18 13:09 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 21:26 - 2013-12-18 13:09 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-23 10:25 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-19 19:19 - 2010-05-04 10:59 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-03-19 19:10 - 2014-03-19 19:10 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu (1).exe
2014-03-19 19:10 - 2014-03-19 19:10 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-03-19 19:07 - 2014-03-19 19:07 - 07886712 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\Xbox360_64Deu.exe
2014-03-19 18:52 - 2014-03-19 18:51 - 00000000 ____D () C:\Users\Administrator\Downloads\fifa11_pc_demo_EU
2014-03-19 02:59 - 2014-03-19 02:59 - 04994480 _____ (Adobe Systems Inc.) C:\Users\Administrator\Downloads\Shockwave_Installer_Slim.exe
2014-03-18 22:46 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-13 23:43 - 2012-05-15 10:05 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 23:43 - 2012-05-15 10:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 14:45 - 2009-07-14 04:34 - 00000783 _____ () C:\Windows\win.ini

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Administrator\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-04-09 13:09

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Geändert von rudak (10.04.2014 um 21:22 Uhr)

Alt 13.04.2014, 13:45   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



Java und Firefox updaten. WIndows updaten, da fehlen Jahre an Updates.

Teamspeak mal mit Rechtsklick als Admin starten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.04.2014, 17:26   #15
rudak
 
Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Standard

Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"



firefox nutz ich nicht mehr, java ist geupdadet... bei windows müsste alles up to date sein, da er die updates immer automatisch macht, so wie es empfohlen ist

achso und Teamspeak habe ich mehrmals schon versucht als Administrator zu starten...trotzdem gleicher Fehler. Hab grad nochmal Windows geupdated... das Jahre an Updates fehlen liegt wahrscheinlich daran das ich kein Service pack 1 drauf habe, aber das kriege ich auch nicht installiert, wenn ich es versuche zu installieren kommt der Fehler das Kompotenten zum installieren fehlen, wenn ich auf Problem lösen klicken wird mir eine komplette Windows 7 installation empfohlen

Antwort

Themen zu Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"
adware/installcore.gen, anweisung, beendet, direkt, durchgeführt, fehler, gmer, installier, neue, programm, pup.optional.babylon.a, pup.optional.conduit, pup.optional.conduit.a, pup.optional.installcore.a, pup.optional.pcperformer.a, pup.optional.somoto.a, pup.optional.valueapps.a, pup.optional.visualbee, speicher, teamspeak, thema, versucht, win



Ähnliche Themen: Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"


  1. Keine Verbindung mit dem Dienst "Benachrichtigungsdienst für Systemereignisse"
    Plagegeister aller Art und deren Bekämpfung - 14.11.2015 (11)
  2. der angegeben dienst ist kein installierter dienst
    Plagegeister aller Art und deren Bekämpfung - 14.11.2015 (11)
  3. Kunden PC Virus *Der angegebene Dienst ist kein Installierter Dienst*
    Plagegeister aller Art und deren Bekämpfung - 11.03.2015 (16)
  4. Immer Ärger mit Samsung-Dienst "Find My Mobile"
    Nachrichten - 28.10.2014 (0)
  5. Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand
    Plagegeister aller Art und deren Bekämpfung - 20.05.2014 (15)
  6. Win XP SP3: der Dienst "Automatische Updates" lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 09.01.2014 (5)
  7. [Meldung im Wartecenter] 'Dienst "Windows-Sicherheitscenter" aktivieren (Wichtig)'
    Plagegeister aller Art und deren Bekämpfung - 10.11.2013 (1)
  8. Der angegebene Dienst ist kein installierter Dienst.
    Plagegeister aller Art und deren Bekämpfung - 07.03.2013 (29)
  9. Dienst "Windows-Sicherheitscenter" lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 21.06.2011 (21)
  10. Dienst "Sicherheitscenter" lässt sich nicht starten - Googleumleitungen - Trojaner on Board ?
    Log-Analyse und Auswertung - 10.02.2011 (25)
  11. Schwerer Virenbefall - Dienst "Boot Helper"
    Plagegeister aller Art und deren Bekämpfung - 15.01.2011 (5)
  12. Kein internet mehr nach automatisch installierter "anti"-virus software
    Plagegeister aller Art und deren Bekämpfung - 10.07.2010 (1)
  13. Windows Update Dienst bleibt im Status "wird gestartet" stehen
    Alles rund um Windows - 05.06.2010 (0)
  14. "Der angegebene Dienst ist kein istallierter Dienst."
    Plagegeister aller Art und deren Bekämpfung - 29.07.2009 (0)
  15. Computer aufeinmal sehr langsam , AntiVir "Dienst gestoppt"
    Log-Analyse und Auswertung - 08.07.2009 (16)
  16. Dienst "Automatische Updates" deaktiviert
    Alles rund um Windows - 30.10.2008 (19)
  17. Dienst "Automatische Updates" deaktiviert+Firefox lädt keine Seiten+google.de googelt
    Log-Analyse und Auswertung - 25.08.2008 (2)

Zum Thema Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" - Hallo liebes Forum, Habe heute versucht TeamSpeak 3 seit einiger zeit mal wieder aufzuspielen. Dabei geht die Installation (64 bit) ohne Probleme. Wenn ich Versuche das Programm zustarten kommt direkt - Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"...
Archiv
Du betrachtest: Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.