Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Trojan.Ransomlock.G

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 23.01.2015, 22:47   #1
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hallo und guten Abend!

Mein Norton meldet mir seit heute Nachmittag ständig, dass o.g. Trojaner (?!) gefunden wurde.

Ebenfalls seit heute Nachmittag werden hin und wieder scheinbar automatisch irgendwelche Dateien geladen und von Norton als "vertrauenswürdig" eingestuft. Mir erscheint das jedoch mehr als komisch. Zum Beispiel: "widevinecdm.dll" oder "KWae.dll" oder "2jLD.dll"


Habe dann zwei vollständige System-Scans mit Norton und einen mit Norton Power Eraser durchgeführt. Jeweils ohne Ergebnis.

Danach habe ich mbar laufen lassen:

Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.3.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17501

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.095000 GHz
Memory total: 4197453824, free: 2141044736

Downloaded database version: v2015.01.23.07
Downloaded database version: v2015.01.14.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
------------ Kernel report ------------
     01/23/2015 20:22:06
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\N360x64\1506000.020\SYMDS64.SYS
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\N360x64\1506000.020\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\N360x64\1506000.020\ccSetx64.sys
\SystemRoot\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS
\SystemRoot\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS
\SystemRoot\system32\drivers\N360x64\1506000.020\Ironx64.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\??\C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150122.039\EX64.SYS
\??\C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150122.039\ENG64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
\SystemRoot\system32\DRIVERS\VBoxDrv.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\??\C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150122.001\IDSvia64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\??\C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20150106.001\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETwNs64.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\drivers\nusb3xhc.sys
\SystemRoot\system32\drivers\USBD.SYS
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\SynTP.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\iwdbus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\nusb3hub.sys
\SystemRoot\System32\Drivers\RtsUVStor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\SystemRoot\System32\drivers\SMR430.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.01.23.07
  rootkit: v2015.01.14.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006a24060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006a24b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006a24060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004351050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File user open failed: C:\WINDOWS\SYSTEM32\drivers\SMR430.dat (0x00000020)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2BD2C32A

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 1378953216

    Partition 2 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1379160064  Numsec = 83877888

    Partition 3 type is Other (0x12)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1463037952  Numsec = 2099200

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Done!
Infected: C:\ProgramData\5AE8CEA3B.cpp --> [Trojan.Agent.ED]
Infected: HKLM\SOFTWARE\Refog Software --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\M0000 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\REFOG Keylogger.lnk --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\S0000 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\1 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\1\D0000 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\1\S0000 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\2 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\2\D0000 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\2\S0000 --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\CPDA --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\CPDM --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\CPDM\cpfm.bin --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\REFOG Keylogger --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\REFOG Keylogger\Jetzt bestellen!.lnk --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\REFOG Keylogger\REFOG Keylogger im Internet.lnk --> [Refog.Keylogger]
Infected: C:\ProgramData\MPK\REFOG Keylogger\REFOG Keylogger.lnk --> [Refog.Keylogger]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit --> [Refog.Keylogger]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
         

Nach dem Neustart des Rechners kam folgender Hinweis:


"WButton: Can not load HotKey.sys!!"

Ein neuer Hinweis auf "Trojan.Ransomlock.G" ist bisher nicht mehr erschienen.

Danach habe ich eure Anleitung zum Erstellen eines Themas gelesen und die beschriebenen Schritte ausgeführt.

Hier die Logs:

FRST

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Daniel (administrator) on DANIEL-PC on 23-01-2015 21:27:33
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\nacl64.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxTrayapp.exe
() C:\Users\Daniel\Desktop\Defogger.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BITBstartApplicationAsUser.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\bitb.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-15] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\MountPoints2: {31d51659-6335-11e2-a2c6-bc77379f524e} - F:\iLinker.exe
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\MountPoints2: {92aa41c8-5d98-11e4-ab16-00262dc88bf2} - F:\autorun.exe
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\MountPoints2: {931312c2-9659-11e3-b0ac-bc77379f524e} - F:\autorun.exe
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\MountPoints2: {ff8d135a-abd7-11e3-aba8-bc77379f524e} - F:\autorun.exe
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\B3AEC8EA5.lnk
ShortcutTarget: B3AEC8EA5.lnk -> C:\PROGRA~3\5AE8CEA3B.cpp (No File)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2189779353-2093667472-534821050-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll (Google, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2189779353-2093667472-534821050-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2189779353-2093667472-534821050-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2189779353-2093667472-534821050-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2015-01-23]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF

Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-18]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-18]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-18]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-18]
CHR Extension: (Norton Security Toolbar) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-12-18]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-18]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-07]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Daniel\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-06-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2014-12-19] (Sirrix AG) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138272 2014-09-05] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [219680 2014-09-05] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-09] ()
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
S2 Winmgmt; C:\PROGRA~3\B3AEC8EA5.zot [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-11-26] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150122.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-11-26] ()
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150122.039\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150122.039\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-10-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 21:27 - 2015-01-23 21:28 - 00023901 _____ () C:\Users\Daniel\Desktop\FRST.txt
2015-01-23 21:27 - 2015-01-23 21:27 - 00000000 ____D () C:\FRST
2015-01-23 21:25 - 2015-01-23 21:25 - 02126848 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-01-23 21:23 - 2015-01-23 21:23 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2015-01-23 21:23 - 2015-01-23 21:23 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2015-01-23 21:22 - 2015-01-23 21:22 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2015-01-23 21:19 - 2015-01-23 21:20 - 00000036 _____ () C:\Users\Daniel\Desktop\Neues Textdokument (2).txt
2015-01-23 21:15 - 2015-01-23 21:16 - 00000000 ____D () C:\Users\Daniel\Desktop\mist
2015-01-23 20:53 - 2015-01-23 20:53 - 00000542 _____ () C:\Users\Daniel\Desktop\Neues Textdokument.txt
2015-01-23 20:22 - 2015-01-23 21:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-23 20:22 - 2015-01-23 20:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 20:22 - 2015-01-23 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 20:21 - 2015-01-23 20:21 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-23 20:19 - 2015-01-23 20:20 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.08.3.1004.exe
2015-01-23 15:17 - 2015-01-23 15:17 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-01-23 15:16 - 2015-01-23 15:16 - 00001259 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-01-23 15:16 - 2015-01-23 15:16 - 00001247 _____ () C:\Users\Public\Desktop\Browser in the Box.lnk
2015-01-23 15:16 - 2015-01-23 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\ProgramData\Sirrix AG
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\Program Files (x86)\Sirrix AG
2015-01-23 15:13 - 2014-12-12 16:02 - 00915864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-01-23 15:12 - 2015-01-23 15:12 - 00000000 ____D () C:\Program Files\Oracle
2015-01-23 15:12 - 2014-12-12 16:01 - 00127408 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-01-23 14:58 - 2015-01-23 15:09 - 575369736 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.0.0-r30.chrome.Archive.exe
2015-01-23 09:55 - 2015-01-23 09:55 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{20A8770E-0FBF-41E8-B5D8-CFFA66E715B2}
2015-01-22 15:52 - 2015-01-22 15:52 - 00003114 _____ () C:\Windows\System32\Tasks\{B91BDA59-9C0C-4BC2-833E-8CD34949DD65}
2015-01-22 10:27 - 2015-01-22 10:27 - 00001249 _____ () C:\Users\Public\Desktop\HP LJ M127128 Scan.lnk
2015-01-22 10:27 - 2015-01-22 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-22 10:27 - 2015-01-22 10:27 - 00000000 ____D () C:\Program Files\HP
2015-01-22 10:26 - 2015-01-22 10:26 - 00000275 _____ () C:\Windows\system32\AddPort.ini
2015-01-22 10:26 - 2015-01-22 10:26 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-01-22 10:24 - 2015-01-22 10:27 - 00000000 ____D () C:\Program Files (x86)\HP
2015-01-22 10:21 - 2015-01-22 10:27 - 00000000 ____D () C:\ProgramData\HP
2015-01-22 10:20 - 2013-06-17 23:51 - 00957264 _____ (Hewlett-Packard) C:\Windows\system32\hpptsplj127128_x64.dll
2015-01-22 10:20 - 2013-06-17 23:51 - 00789328 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hpptsplj127128.dll
2015-01-22 10:20 - 2013-06-17 23:51 - 00528208 _____ (Hewlett-Packard) C:\Windows\system32\hpwia2_lj127128.dll
2015-01-22 10:20 - 2013-04-05 15:31 - 00557088 _____ (Hewlett-Packard) C:\Windows\system32\hpzjcd01.dll
2015-01-22 10:20 - 2010-10-21 22:15 - 00217656 _____ (Hewlett Packard) C:\Windows\system32\hppscancoins64.dll
2015-01-22 10:11 - 2015-01-22 10:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{44E5E5D6-85B1-4796-8B29-A0F2F3B36007}
2015-01-21 15:48 - 2015-01-21 15:48 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{4AE162B5-2750-4114-8628-0E86C313F9EF}
2015-01-19 10:52 - 2015-01-19 10:52 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{C4A40AE1-BDC3-4AB0-AD65-ADF45611B221}
2015-01-15 11:50 - 2015-01-15 11:50 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{CC82E834-C910-4FA2-8BE8-F251745AE941}
2015-01-14 23:32 - 2015-01-14 23:32 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{2A5A4728-C75A-4EA3-92F6-76FD84CC244D}
2015-01-13 22:33 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 22:33 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 22:33 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 22:33 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 22:33 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 22:33 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 22:32 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 22:32 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 22:32 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 22:32 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 22:32 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 22:32 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 22:32 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 22:13 - 2015-01-13 22:13 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{E4185D76-7414-41B7-A0BA-8959799C5417}
2015-01-12 21:52 - 2015-01-12 21:52 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{94723EA0-90D9-4F98-A0A6-B39D5A2A1EC6}
2015-01-11 17:54 - 2015-01-11 17:55 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{9426922B-ACF5-4E99-88F6-AE9A081B3AF9}
2015-01-10 18:39 - 2015-01-10 18:39 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{91A5E764-6CCD-48C9-A258-A9D24A40C7C1}
2015-01-10 10:54 - 2015-01-10 10:54 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{FCF1442E-86FB-4104-B32E-AD732586D8F1}
2015-01-09 22:15 - 2015-01-09 22:15 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{E5FCF343-3A8C-421D-AA6F-F8BBD8C739F6}
2015-01-09 09:28 - 2015-01-09 09:28 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{88D53900-6BC6-45F7-BF33-7012E1C1E8A0}
2015-01-08 11:05 - 2015-01-08 11:06 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{5BA64583-D02A-4030-A14A-9039C90B03E8}
2015-01-08 03:41 - 2015-01-08 03:41 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{EAA4E978-7004-4314-9788-9493125033D2}
2015-01-07 13:53 - 2015-01-07 13:53 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{C196F29C-E44D-48E8-A367-C1881E9CB2DB}
2015-01-07 00:32 - 2015-01-07 00:33 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{D6BD04B0-2D5F-4DB8-8619-6426FD751969}
2015-01-05 19:43 - 2015-01-05 19:43 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{97A40121-44E3-49B3-A4A4-7536DD2A8C49}
2015-01-02 18:37 - 2015-01-02 18:37 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{41BCEA74-E660-4966-AD5B-98DA2FA1C735}
2015-01-02 06:52 - 2015-01-02 06:52 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{F8D1E6B9-1A55-44B6-A38C-9F9BA3952DCA}
2014-12-31 12:35 - 2014-12-31 12:36 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{23A1CEB4-F60D-4728-97A0-28B4C8B70139}
2014-12-30 14:13 - 2014-12-30 14:13 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{3455279E-BD6B-4F01-B494-68A6CD59205E}
2014-12-30 13:51 - 2014-12-30 13:51 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{3844E661-41BB-4995-815F-23D80BC408F8}
2014-12-30 13:27 - 2014-12-30 13:28 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{F278B819-370D-4B95-8848-DC2787E2891B}
2014-12-29 20:45 - 2014-12-29 20:45 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{79D8113A-247D-4E04-8380-F5210D67EFEC}
2014-12-28 19:45 - 2015-01-08 11:00 - 00000000 ____D () C:\Users\Daniel\Neuer Ordner (2)...#
2014-12-28 19:04 - 2014-12-28 19:04 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{09E89F87-7D96-4935-B012-880D49A393BE}
2014-12-25 17:21 - 2014-12-25 17:22 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{96ECD87B-FF83-4E11-B991-6E377A1202A8}
2014-12-24 13:09 - 2014-12-24 13:10 - 00000000 ____D () C:\Users\Daniel\AppData\Local\{B8C7CA37-E2D6-418E-B339-3F2EFCBDB909}
2014-12-24 13:09 - 2014-12-24 13:09 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 13:00 - 2014-12-24 13:00 - 00000092 _____ () C:\Windows\brpcfx.ini
2014-12-24 13:00 - 2014-12-24 13:00 - 00000024 _____ () C:\Windows\Brpfx04a.ini
2014-12-24 12:58 - 2014-12-24 12:58 - 00000000 ____D () C:\Users\Public\Documents\BrFaxRx
2014-12-24 12:58 - 2014-12-24 12:58 - 00000000 ____D () C:\ProgramData\PCFaxTx
2014-12-24 12:58 - 2013-07-12 06:03 - 00251392 ____R (brother) C:\Windows\system32\NSSRH64.dll
2014-12-24 12:58 - 2013-07-03 03:46 - 00065024 ____R (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2014-12-24 12:58 - 2013-03-08 07:45 - 00059904 ____R (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2014-12-24 12:58 - 2013-03-08 07:44 - 00087040 ____R (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2014-12-24 12:58 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrFaxTxAppRun64.dll
2014-12-24 12:58 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-12-24 12:57 - 2015-01-14 23:44 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-12-24 12:34 - 2014-12-24 12:53 - 00000000 ____D () C:\ProgramData\Brother

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 21:25 - 2011-08-01 16:03 - 01247324 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 21:23 - 2011-08-01 16:11 - 00000000 ____D () C:\Users\Daniel
2015-01-23 21:22 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:22 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:17 - 2013-01-19 10:48 - 00000000 ____D () C:\ProgramData\TwonkyServer
2015-01-23 21:16 - 2012-05-16 21:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 21:16 - 2012-01-25 21:04 - 00000000 ____D () C:\Users\Daniel\Documents\Mein Steuer-Sparbuch Heute
2015-01-23 21:13 - 2011-08-01 16:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 21:12 - 2010-11-21 04:47 - 01176508 _____ () C:\Windows\PFRO.log
2015-01-23 21:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 21:12 - 2009-07-14 05:51 - 00142060 _____ () C:\Windows\setupact.log
2015-01-23 21:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SchCache
2015-01-23 20:53 - 2011-08-01 16:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 20:09 - 2014-10-27 04:57 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NPE
2015-01-23 20:01 - 2014-11-13 19:38 - 00000000 ____D () C:\NPE
2015-01-23 15:44 - 2012-07-14 01:26 - 00137216 ___SH () C:\Users\Daniel\Thumbs.db
2015-01-23 14:41 - 2011-08-01 16:06 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-23 10:23 - 2011-08-07 00:29 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{62FB66EF-804C-4875-A0F6-44EE189A54B6}
2015-01-23 09:16 - 2012-05-16 21:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 09:16 - 2012-05-16 21:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 09:16 - 2011-05-20 23:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 13:42 - 2014-09-15 08:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-22 13:42 - 2011-05-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-22 04:15 - 2014-06-08 13:30 - 00000000 ____D () C:\Users\Daniel\Neuer Ordner (2)
2015-01-14 23:46 - 2014-08-16 19:54 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2015-01-14 23:42 - 2011-05-21 00:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-14 07:25 - 2013-07-14 19:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 07:11 - 2011-05-20 22:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 13:03 - 2012-02-12 12:33 - 00000000 ____D () C:\Users\Gast
2014-12-30 13:23 - 2014-01-05 17:12 - 00000000 ____D () C:\Users\Daniel\Arbeit
2014-12-29 20:44 - 2014-11-16 18:44 - 00000000 ____D () C:\Users\Daniel\Desktop\manu
2014-12-29 09:42 - 2011-08-02 19:26 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-12-28 19:19 - 2014-11-07 17:20 - 00000000 ____D () C:\Users\Daniel\Documents\Outlook-Dateien

==================== Files in the root of some directories =======
2014-08-24 08:54 - 2014-08-07 18:47 - 0000034 _____ () C:\Users\Daniel\AppData\Roaming\pdfdrawcodec.dll
2012-11-07 18:46 - 2012-11-07 18:46 - 0000168 _____ () C:\Users\Daniel\AppData\Local\270384221183696e666f
2012-11-07 18:46 - 2012-11-07 18:46 - 0000173 _____ () C:\Users\Daniel\AppData\Local\75736572696e666f
2011-10-15 16:46 - 2011-10-15 16:47 - 0012800 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-02 08:59 - 2013-06-02 08:59 - 0000001 _____ () C:\Users\Daniel\AppData\Local\llftool.4.12.agreement
2012-03-30 22:36 - 2012-03-30 22:36 - 0001525 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20120330.233600.txt
2012-05-07 11:03 - 2012-05-07 11:03 - 0001548 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20120507.120315.txt
2012-06-19 22:52 - 2012-06-19 22:53 - 0001525 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20120619.235259.txt
2013-05-09 15:46 - 2013-05-09 15:46 - 0001551 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20130509.164627.txt

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\_is8320.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 22:06

==================== End Of Log ============================
         
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Daniel at 2015-01-23 21:28:58
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Airport Simulator (HKLM-x32\...\AirportSimulator_is1) (Version: 1.0 - Layernet)
Airport Tycoon 2 Demo (HKLM-x32\...\InstallShield_{ECADB01B-4ECA-47E9-BDCE-0CDEA6D34E21}) (Version: 1.00.0000 - Sunstorm Interactive)
Airport Tycoon 2 Demo (x32 Version: 1.00.0000 - Sunstorm Interactive) Hidden
Airport Tycoon 3 Demo (HKLM-x32\...\InstallShield_{D831BD9F-40D1-4959-B978-62B5B9486670}) (Version: 1.00.0000 - Global Star Software)
Airport Tycoon 3 Demo (x32 Version: 1.00.0000 - Global Star Software) Hidden
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.3.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.1 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1995652334.48.56.10620274 - Audible, Inc.)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.0.0-r30 - Sirrix AG)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deaktivierungs-Add-on für Browser von Google Analytics (HKLM\...\{9F540EA8-086E-4D53-B845-A06E6903DED6}) (Version: 0.9.6.0 - Google Inc.)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Die Sims™ 2 Super Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Text Pad (HKLM-x32\...\Free Text Pad) (Version: 1.0 - Zenith Technology Limited)
Fund Manager (HKLM-x32\...\Fund Manager) (Version:  - Beiley Software)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 4.12 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version:  - HDDGURU)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 8.0.13295.984 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM128DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
MediaManager (HKLM-x32\...\MediaManager) (Version: 3.0.3 (60) - PacketVideo)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\SkyDriveSetup.exe) (Version: 17.0.2011.0627 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version:  - )
OpenTTD 1.2.1 (HKLM-x32\...\OpenTTD) (Version: 1.2.1 - OpenTTD)
Oracle VM VirtualBox 4.3.20_Sirrix (HKLM\...\{F529EE99-7FEA-4B6B-8668-3290927669C2}) (Version: 4.3.20 - Sirrix AG)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFBearbeiten V2.1 (HKLM-x32\...\PDFBearbeiten_is1) (Version:  - hxxp://www.PDFBearbeiten.net)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version:  - )
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
Teledat 300 USB Treiber (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version:  - )
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VR-pulse Installer (HKLM\...\{D3836C5E-6824-4C9F-9B45-09C989B13EF6}) (Version: 1.5.1.0 - American Megatrends Inc.)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2012 (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.03.7334 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\{CFE7C9FC-546F-4C94-9E26-2E51BBEDB408}) (Version: 21.04.8571 - Buhl Data Service GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

Could not list restore points.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AFA43CD-486C-4E77-AA87-3012B33B0680} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2AB7068B-C2B6-4E27-BB7E-02659BC3B21D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {2EC87DB0-F995-4D13-ACB8-D05A93FE9A60} - System32\Tasks\{30064661-2261-4E4C-A1E6-5C690C87F2B0} => C:\Program Files (x86)\Analog Devices\Teledat 300 USB Treiber\DSLMON.exe
Task: {4098B725-04F6-465C-AD09-40D35A0F005B} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {40F91377-6907-42D8-B202-DF6AC835B46B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {52503587-22F1-4441-9E1C-EB64C4D8D32E} - System32\Tasks\{939A43A0-8C89-42C9-990F-639CE9CB15BD} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Analog Devices\Teledat 300 USB Treiber\DSLMON.exe"
Task: {5F7220C7-2716-4F3D-AC36-E58522DFFE08} - System32\Tasks\{A9E044F4-88B7-40BB-9C34-6D9A215DA5B6} => C:\Program Files (x86)\Analog Devices\Teledat 300 USB Treiber\DSLMON.exe
Task: {67290EF2-2532-4B1E-9AB5-E97D2D230ED9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {76A0EA5C-DF41-47B8-B5FD-BAA6225AA409} - System32\Tasks\{B91BDA59-9C0C-4BC2-833E-8CD34949DD65} => pcalua.exe -a C:\Users\Daniel\AppData\Local\Temp\jre-8u31-windows-au.exe
Task: {7CD467B4-777F-49F0-B6D5-5411F78394D9} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {7E1DEFC1-5D9A-4917-89FD-4ABF79C9CB4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8D379CF6-EC9A-477E-8CF8-40E52EF3BC77} - System32\Tasks\{E0CC31F6-565A-424A-93EC-11D6DD83863A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" -c deinst
Task: {9167BE81-0A9E-44D0-AACE-E97AF7054276} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {B6B24EB4-B141-450F-B797-21AE38ABB5DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {D56314C1-CD41-4B77-8399-A44D67033D7D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {D77399EE-6C6B-4FA6-A30A-326FA85F30B9} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E9DAC121-8343-4643-9EAA-27FF04648B23} - System32\Tasks\4770 => Wscript.exe C:\Users\Daniel\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {F757D33A-3022-428F-AE8A-AFCBEEFDA570} - System32\Tasks\{DDD1F654-457B-4C00-8B20-5B40141ACF2E} => pcalua.exe -a E:\Software\Teledat\Setup.exe -d E:\Software\Teledat
Task: {FD98FF6B-6646-4EEA-B4BD-EA95EBB4AF95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-03-16 06:44 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-12 19:24 - 2014-09-05 08:40 - 00138272 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-12-12 19:24 - 2014-09-05 08:40 - 00219680 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2011-05-23 16:57 - 2010-12-14 10:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-07-09 19:50 - 2012-07-09 19:50 - 00271176 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
2010-12-06 11:52 - 2010-12-06 11:52 - 00062464 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2011-08-01 16:08 - 2011-08-01 16:08 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
2011-08-01 16:08 - 2011-08-01 16:08 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2011-08-01 16:08 - 2011-08-01 16:08 - 00078848 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.5.0.5__f722db7bec59a14b\Tvd.Reporting.dll
2011-08-01 16:08 - 2011-08-01 16:08 - 00148480 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.5.0.5__f722db7bec59a14b\Tvd.Aprico.dll
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-05-28 11:39 - 2011-05-21 09:32 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-12 16:02 - 2014-12-12 16:02 - 00383336 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2014-12-12 16:02 - 2014-12-12 16:02 - 05884048 _____ () C:\Program Files\Oracle\VirtualBox\VBoxRT.dll
2010-12-23 11:06 - 2010-12-23 11:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 16:03 - 2014-06-30 16:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2015-01-23 14:41 - 2015-01-21 04:50 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-23 14:41 - 2015-01-21 04:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-23 14:41 - 2015-01-21 04:50 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\pdf.dll
2014-02-15 15:29 - 2014-02-15 15:29 - 01853440 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtCore.pyd
2014-02-15 15:25 - 2014-02-15 15:25 - 00110592 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pyside-python2.7.dll
2014-02-15 15:24 - 2014-02-15 15:24 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\shiboken-python2.7.dll
2014-02-15 15:47 - 2014-02-15 15:47 - 06947328 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtGui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00042496 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32service.pyd
2014-04-30 08:25 - 2014-04-30 08:25 - 00036352 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_psutil_windows.pyd
2014-12-12 16:02 - 2014-12-12 16:02 - 04520816 _____ () C:\Program Files\Oracle\VirtualBox\x86\VBoxRT-x86.dll
2014-04-14 15:06 - 2014-04-14 15:06 - 00055510 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser._pacparser.pyd
2014-04-14 15:06 - 2014-04-14 15:06 - 00976827 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2189779353-2093667472-534821050-500 - Administrator - Disabled)
BitBox (S-1-5-21-2189779353-2093667472-534821050-1005 - Limited - Enabled)
Daniel (S-1-5-21-2189779353-2093667472-534821050-1000 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-2189779353-2093667472-534821050-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2189779353-2093667472-534821050-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2015 06:28:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 06:23:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 06:15:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 06:10:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 03:11:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service TwonkyServer since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (01/23/2015 03:11:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service TwonkyProxy since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (01/23/2015 01:02:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 00:57:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 00:53:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 00:47:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "Boot (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)


System errors:
=============
Error: (01/23/2015 09:38:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:38:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:37:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:37:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:36:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:36:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:35:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:35:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:34:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126

Error: (01/23/2015 09:34:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%126


Microsoft Office Sessions:
=========================
Error: (01/23/2015 06:28:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 06:23:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 06:15:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 06:10:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 03:11:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service TwonkyServer since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (01/23/2015 03:11:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service TwonkyProxy since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (01/23/2015 01:02:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 00:57:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 00:53:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (01/23/2015 00:47:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Boot (C:)Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 48%
Total physical RAM: 4003 MB
Available physical RAM: 2064.21 MB
Total Pagefile: 8004.19 MB
Available Pagefile: 5735.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:281.38 GB) NTFS
Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:14.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
GMER:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-23 22:15:37
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE4O 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\Daniel\AppData\Local\Temp\uxrirpod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 448                                                                                     fffff800031bc000 26 bytes [41, 0C, 48, 85, C0, 0F, 84, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 475                                                                                     fffff800031bc01b 55 bytes {ADC [RAX], AL; ADD [RAX], AL; JMP 0xfffffffffffab059}

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe[1720] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                            0000000074c11465 2 bytes [C1, 74]
.text     C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe[1720] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                           0000000074c114bb 2 bytes [C1, 74]
.text     ...                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe[2548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                              0000000074c11465 2 bytes [C1, 74]
.text     C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe[2548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                             0000000074c114bb 2 bytes [C1, 74]
.text     ...                                                                                                                                                    * 2
?         C:\Windows\system32\mssprxy.dll [2796] entry point in ".rdata" section                                                                                 00000000745771e6
.text     C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000074c11465 2 bytes [C1, 74]
.text     C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000074c114bb 2 bytes [C1, 74]
.text     ...                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                      0000000074c11465 2 bytes [C1, 74]
.text     C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                     0000000074c114bb 2 bytes [C1, 74]
.text     ...                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxTrayapp.exe[1268] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                            0000000074c11465 2 bytes [C1, 74]
.text     C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxTrayapp.exe[1268] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                           0000000074c114bb 2 bytes [C1, 74]
.text     ...                                                                                                                                                    * 2

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77370eec45                                                                            
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77379f524e                                                                            
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77379f524e@a04e04e46f3a                                                               0x2D 0x35 0x95 0xA5 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77379f524e@001de967ce75                                                               0x2E 0xA6 0xCC 0xF8 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77379f524e@0022fdd40367                                                               0x8D 0x7E 0x76 0x2B ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77379f524e@a04e043ae46f                                                               0xA0 0xC4 0x95 0x69 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                                                        87474
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77370eec45 (not active ControlSet)                                                        
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77379f524e (not active ControlSet)                                                        
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77379f524e@a04e04e46f3a                                                                   0x2D 0x35 0x95 0xA5 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77379f524e@001de967ce75                                                                   0x2E 0xA6 0xCC 0xF8 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77379f524e@0022fdd40367                                                                   0x8D 0x7E 0x76 0x2B ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77379f524e@a04e043ae46f                                                                   0xA0 0xC4 0x95 0x69 ...

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                                                  unknown MBR code

---- EOF - GMER 2.1 ----
         
Was muss ich nun tun?
Über Hilfe bin ich sehr dankbar, da dass alles hier relativ böhmische Dörfer für mich sind...

Grüße

Daniel

Alt 23.01.2015, 23:01   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hi,

Frage vorab:

Irgendwelche Probleme mit verschlüsselten, nicht mehr zu öffnenden Daten? Wenn nein, alles an sensiblen Daten extern sichern.
__________________

__________________

Alt 24.01.2015, 00:51   #3
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hi,

keine verschlüsselten Dateien vorhanden, alles Wichtige habe ich auf ne externe Platte gezogen.
__________________

Alt 24.01.2015, 11:03   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.01.2015, 11:31   #5
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hi,

erstmal ein herzliches Dankeschön für deine prompten Antworten =)

Hier die Log:

Code:
ATTFilter
11:24:28.0811 0x0928  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:24:58.0143 0x0928  ============================================================
11:24:58.0143 0x0928  Current date / time: 2015/01/24 11:24:58.0143
11:24:58.0143 0x0928  SystemInfo:
11:24:58.0143 0x0928  
11:24:58.0143 0x0928  OS Version: 6.1.7601 ServicePack: 1.0
11:24:58.0143 0x0928  Product type: Workstation
11:24:58.0143 0x0928  ComputerName: DANIEL-PC
11:24:58.0144 0x0928  UserName: Daniel
11:24:58.0144 0x0928  Windows directory: C:\Windows
11:24:58.0144 0x0928  System windows directory: C:\Windows
11:24:58.0144 0x0928  Running under WOW64
11:24:58.0144 0x0928  Processor architecture: Intel x64
11:24:58.0144 0x0928  Number of processors: 4
11:24:58.0144 0x0928  Page size: 0x1000
11:24:58.0144 0x0928  Boot type: Normal boot
11:24:58.0144 0x0928  ============================================================
11:24:59.0126 0x0928  KLMD registered as C:\Windows\system32\drivers\85328895.sys
11:25:00.0263 0x0928  System UUID: {00EB5701-1FBD-386B-7182-ECEDA45AB08E}
11:25:00.0909 0x0928  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:25:00.0922 0x0928  ============================================================
11:25:00.0922 0x0928  \Device\Harddisk0\DR0:
11:25:00.0923 0x0928  MBR partitions:
11:25:00.0923 0x0928  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:25:00.0923 0x0928  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x52312800
11:25:00.0947 0x0928  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x52345800, BlocksNum 0x4BFD000
11:25:00.0979 0x0928  ============================================================
11:25:01.0027 0x0928  C: <-> \Device\Harddisk0\DR0\Partition2
11:25:01.0077 0x0928  D: <-> \Device\Harddisk0\DR0\Partition3
11:25:01.0077 0x0928  ============================================================
11:25:01.0077 0x0928  Initialize success
11:25:01.0077 0x0928  ============================================================
11:26:06.0109 0x0718  ============================================================
11:26:06.0109 0x0718  Scan started
11:26:06.0109 0x0718  Mode: Manual; SigCheck; TDLFS; 
11:26:06.0109 0x0718  ============================================================
11:26:06.0109 0x0718  KSN ping started
11:26:09.0801 0x0718  KSN ping finished: true
11:26:12.0276 0x0718  ================ Scan system memory ========================
11:26:12.0276 0x0718  System memory - ok
11:26:12.0279 0x0718  ================ Scan services =============================
11:26:12.0489 0x0718  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:26:12.0614 0x0718  1394ohci - ok
11:26:12.0702 0x0718  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:26:12.0742 0x0718  ACPI - ok
11:26:12.0787 0x0718  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:26:12.0885 0x0718  AcpiPmi - ok
11:26:13.0024 0x0718  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:26:13.0059 0x0718  AdobeARMservice - ok
11:26:13.0226 0x0718  [ 73F937DCC68E13C752D59FE33BE62FC5, 60F6ED81FCB3655372A87311296E79139F9FA41B7A1473F54422EAD2C592C04C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:26:13.0253 0x0718  AdobeFlashPlayerUpdateSvc - ok
11:26:13.0364 0x0718  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:26:13.0409 0x0718  adp94xx - ok
11:26:13.0485 0x0718  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:26:13.0520 0x0718  adpahci - ok
11:26:13.0547 0x0718  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:26:13.0565 0x0718  adpu320 - ok
11:26:13.0599 0x0718  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:26:13.0808 0x0718  AeLookupSvc - ok
11:26:13.0887 0x0718  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
11:26:13.0989 0x0718  AFD - ok
11:26:14.0061 0x0718  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:26:14.0109 0x0718  agp440 - ok
11:26:14.0149 0x0718  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:26:14.0238 0x0718  ALG - ok
11:26:14.0300 0x0718  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:26:14.0333 0x0718  aliide - ok
11:26:14.0376 0x0718  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:26:14.0407 0x0718  amdide - ok
11:26:14.0483 0x0718  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:26:14.0556 0x0718  AmdK8 - ok
11:26:14.0585 0x0718  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:26:14.0650 0x0718  AmdPPM - ok
11:26:14.0696 0x0718  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:26:14.0720 0x0718  amdsata - ok
11:26:14.0753 0x0718  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:26:14.0772 0x0718  amdsbs - ok
11:26:14.0786 0x0718  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:26:14.0801 0x0718  amdxata - ok
11:26:14.0852 0x0718  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
11:26:15.0119 0x0718  AppID - ok
11:26:15.0164 0x0718  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:26:15.0238 0x0718  AppIDSvc - ok
11:26:15.0347 0x0718  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
11:26:15.0454 0x0718  Appinfo - ok
11:26:15.0484 0x0718  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:26:15.0501 0x0718  arc - ok
11:26:15.0529 0x0718  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:26:15.0546 0x0718  arcsas - ok
11:26:15.0700 0x0718  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:26:15.0763 0x0718  aspnet_state - ok
11:26:15.0794 0x0718  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:26:15.0895 0x0718  AsyncMac - ok
11:26:15.0947 0x0718  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:26:15.0961 0x0718  atapi - ok
11:26:16.0039 0x0718  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
11:26:16.0089 0x0718  atksgt - ok
11:26:16.0185 0x0718  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:26:16.0288 0x0718  AudioEndpointBuilder - ok
11:26:16.0365 0x0718  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:26:16.0408 0x0718  AudioSrv - ok
11:26:16.0447 0x0718  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:26:16.0567 0x0718  AxInstSV - ok
11:26:16.0631 0x0718  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:26:16.0720 0x0718  b06bdrv - ok
11:26:16.0776 0x0718  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:26:16.0832 0x0718  b57nd60a - ok
11:26:16.0883 0x0718  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:26:16.0962 0x0718  BDESVC - ok
11:26:17.0004 0x0718  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:26:17.0093 0x0718  Beep - ok
11:26:17.0169 0x0718  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:26:17.0267 0x0718  BFE - ok
11:26:17.0518 0x0718  [ 5B474BB95B8C7B9D15E82390F9A4FE75, F211E0E5286574BD200D8EBC9DD80A23E8323326625038F64354E87B5D542CF1 ] BHDrvx64        C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20150106.001\BHDrvx64.sys
11:26:17.0581 0x0718  BHDrvx64 - ok
11:26:17.0892 0x0718  [ 4F3167250B32F5EF02522CF67A31E9F3, A74A7F8AD944E0244075AAEC1DA1F0E729CC66F105A39B5385D003B1B65AAAEF ] BitBoxService   C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
11:26:17.0946 0x0718  BitBoxService - detected UnsignedFile.Multi.Generic ( 1 )
11:26:20.0655 0x0718  Detect skipped due to KSN trusted
11:26:20.0655 0x0718  BitBoxService - ok
11:26:20.0760 0x0718  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:26:20.0934 0x0718  BITS - ok
11:26:20.0975 0x0718  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:26:21.0029 0x0718  blbdrive - ok
11:26:21.0161 0x0718  [ 832314A5AC804DEE429A009A3D41B99B, 8F8D8C376F9FA6459E5856EB7F5575960133AC0B876EEF28DA131BAD71CAB14E ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:26:21.0202 0x0718  Bluetooth Device Monitor - ok
11:26:21.0267 0x0718  [ 35C701C5A286543973F0FC8BC195515E, 6FF6034C72BD1287954D7A27F48957700E20FDF30BF6576A9693164A4E49F78D ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:26:21.0318 0x0718  Bluetooth Media Service - ok
11:26:21.0383 0x0718  [ A475D68B03FEBF6C371F0D9644C2E12D, 6CC4276D104B75DDCC788C1929E6A725EECC73F0AEFE234B5EC7E7852066CDCB ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:26:21.0426 0x0718  Bluetooth OBEX Service - ok
11:26:21.0470 0x0718  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:26:21.0551 0x0718  bowser - ok
11:26:21.0595 0x0718  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:26:21.0668 0x0718  BrFiltLo - ok
11:26:21.0700 0x0718  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:26:21.0736 0x0718  BrFiltUp - ok
11:26:21.0787 0x0718  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:26:21.0864 0x0718  Browser - ok
11:26:21.0932 0x0718  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:26:22.0065 0x0718  Brserid - ok
11:26:22.0122 0x0718  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:26:22.0182 0x0718  BrSerWdm - ok
11:26:22.0228 0x0718  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:26:22.0274 0x0718  BrUsbMdm - ok
11:26:22.0313 0x0718  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:26:22.0348 0x0718  BrUsbSer - ok
11:26:22.0381 0x0718  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:26:22.0462 0x0718  BthEnum - ok
11:26:22.0516 0x0718  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:26:22.0574 0x0718  BTHMODEM - ok
11:26:22.0629 0x0718  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:26:22.0688 0x0718  BthPan - ok
11:26:22.0735 0x0718  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:26:22.0824 0x0718  BTHPORT - ok
11:26:22.0878 0x0718  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:26:22.0965 0x0718  bthserv - ok
11:26:22.0995 0x0718  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:26:23.0035 0x0718  BTHUSB - ok
11:26:23.0090 0x0718  [ BA554BFCBF21201D310738A42C9C19E1, 336925BFEB9ECCE94255F6D46388CED95A207392DE9E6211A5EE28B409C526D9 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
11:26:23.0121 0x0718  btmaux - ok
11:26:23.0162 0x0718  [ 0010A54571F525A97EED8C091E96EAA9, 6BA69BD0BEAFAF0385C53E2FEB3C7E19DA797C4C732F60600243F2B79B6CDC64 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
11:26:23.0236 0x0718  btmhsf - ok
11:26:23.0328 0x0718  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys
11:26:23.0358 0x0718  ccSet_N360 - ok
11:26:23.0406 0x0718  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:26:23.0506 0x0718  cdfs - ok
11:26:23.0572 0x0718  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:26:23.0649 0x0718  cdrom - ok
11:26:23.0729 0x0718  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:26:23.0815 0x0718  CertPropSvc - ok
11:26:23.0855 0x0718  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:26:23.0896 0x0718  circlass - ok
11:26:23.0965 0x0718  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
11:26:23.0999 0x0718  CLFS - ok
11:26:24.0470 0x0718  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
11:26:24.0620 0x0718  ClickToRunSvc - ok
11:26:24.0684 0x0718  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:26:24.0722 0x0718  clr_optimization_v2.0.50727_32 - ok
11:26:24.0769 0x0718  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:26:24.0797 0x0718  clr_optimization_v2.0.50727_64 - ok
11:26:24.0944 0x0718  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:26:25.0127 0x0718  clr_optimization_v4.0.30319_32 - ok
11:26:25.0159 0x0718  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:26:25.0278 0x0718  clr_optimization_v4.0.30319_64 - ok
11:26:25.0328 0x0718  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
11:26:25.0357 0x0718  clwvd - ok
11:26:25.0394 0x0718  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:26:25.0450 0x0718  CmBatt - ok
11:26:25.0486 0x0718  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:26:25.0508 0x0718  cmdide - ok
11:26:25.0599 0x0718  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
11:26:25.0648 0x0718  CNG - ok
11:26:25.0685 0x0718  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:26:25.0699 0x0718  Compbatt - ok
11:26:25.0721 0x0718  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:26:25.0757 0x0718  CompositeBus - ok
11:26:25.0772 0x0718  COMSysApp - ok
11:26:25.0939 0x0718  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:26:25.0979 0x0718  cphs - ok
11:26:26.0022 0x0718  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:26:26.0051 0x0718  crcdisk - ok
11:26:26.0140 0x0718  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:26:26.0205 0x0718  CryptSvc - ok
11:26:26.0422 0x0718  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:26:26.0464 0x0718  cvhsvc - ok
11:26:26.0528 0x0718  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:26:26.0636 0x0718  DcomLaunch - ok
11:26:26.0698 0x0718  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:26:26.0778 0x0718  defragsvc - ok
11:26:26.0815 0x0718  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:26:26.0872 0x0718  DfsC - ok
11:26:26.0920 0x0718  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:26:27.0007 0x0718  Dhcp - ok
11:26:27.0037 0x0718  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:26:27.0119 0x0718  discache - ok
11:26:27.0172 0x0718  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
11:26:27.0200 0x0718  Disk - ok
11:26:27.0261 0x0718  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:26:27.0353 0x0718  Dnscache - ok
11:26:27.0416 0x0718  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:26:27.0487 0x0718  dot3svc - ok
11:26:27.0541 0x0718  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:26:27.0612 0x0718  Dot4 - ok
11:26:27.0714 0x0718  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:26:27.0741 0x0718  Dot4Print - ok
11:26:27.0782 0x0718  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:26:27.0821 0x0718  dot4usb - ok
11:26:27.0893 0x0718  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:26:27.0950 0x0718  DPS - ok
11:26:28.0039 0x0718  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:26:28.0156 0x0718  drmkaud - ok
11:26:28.0512 0x0718  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:26:28.0556 0x0718  DXGKrnl - ok
11:26:28.0621 0x0718  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:26:28.0713 0x0718  EapHost - ok
11:26:28.0891 0x0718  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:26:29.0066 0x0718  ebdrv - ok
11:26:29.0196 0x0718  [ 47A68B3DBBB34D4FE61DE221A8536627, BC61CE4BD4F3A12C75BA6EB9D239F24CD3F54495DE9D6C901F4DAF5D92E8366B ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:26:29.0224 0x0718  eeCtrl - ok
11:26:29.0288 0x0718  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
11:26:29.0351 0x0718  EFS - ok
11:26:29.0443 0x0718  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:26:29.0526 0x0718  ehRecvr - ok
11:26:29.0551 0x0718  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:26:29.0621 0x0718  ehSched - ok
11:26:29.0686 0x0718  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:26:29.0720 0x0718  elxstor - ok
11:26:29.0776 0x0718  [ B9773081AAF65E6D553496BA0CADCBB3, 3A77A12544755BFA1ABAA6DC53E5F03522627F57EF7092E3CC54C6431C75076A ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:26:29.0791 0x0718  EraserUtilRebootDrv - ok
11:26:29.0809 0x0718  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:26:29.0855 0x0718  ErrDev - ok
11:26:30.0012 0x0718  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:26:30.0090 0x0718  EventSystem - ok
11:26:30.0293 0x0718  [ 54FC81B0162478A72A93DBBEAFB35671, 1C0FA242E81105E2BB839ED32119DAF012FA4A3DB5D0E079350449CBB0CBF033 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:26:30.0350 0x0718  EvtEng - ok
11:26:30.0387 0x0718  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:26:30.0468 0x0718  exfat - ok
11:26:30.0480 0x0718  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:26:30.0540 0x0718  fastfat - ok
11:26:30.0615 0x0718  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:26:30.0696 0x0718  Fax - ok
11:26:30.0746 0x0718  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
11:26:30.0788 0x0718  fdc - ok
11:26:30.0812 0x0718  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:26:30.0900 0x0718  fdPHost - ok
11:26:30.0904 0x0718  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:26:30.0953 0x0718  FDResPub - ok
11:26:30.0989 0x0718  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:26:31.0004 0x0718  FileInfo - ok
11:26:31.0008 0x0718  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:26:31.0081 0x0718  Filetrace - ok
11:26:31.0124 0x0718  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:26:31.0140 0x0718  flpydisk - ok
11:26:31.0168 0x0718  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:26:31.0190 0x0718  FltMgr - ok
11:26:31.0246 0x0718  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:26:31.0305 0x0718  FontCache - ok
11:26:31.0332 0x0718  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:26:31.0345 0x0718  FontCache3.0.0.0 - ok
11:26:31.0353 0x0718  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:26:31.0367 0x0718  FsDepends - ok
11:26:31.0406 0x0718  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:26:31.0419 0x0718  Fs_Rec - ok
11:26:31.0451 0x0718  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:26:31.0475 0x0718  fvevol - ok
11:26:31.0525 0x0718  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:26:31.0566 0x0718  gagp30kx - ok
11:26:31.0657 0x0718  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:26:31.0741 0x0718  gpsvc - ok
11:26:31.0838 0x0718  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:26:31.0869 0x0718  gupdate - ok
11:26:31.0945 0x0718  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:26:31.0978 0x0718  gupdatem - ok
11:26:32.0009 0x0718  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:26:32.0078 0x0718  hcw85cir - ok
11:26:32.0108 0x0718  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:26:32.0168 0x0718  HdAudAddService - ok
11:26:32.0233 0x0718  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:26:32.0292 0x0718  HDAudBus - ok
11:26:32.0312 0x0718  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:26:32.0352 0x0718  HidBatt - ok
11:26:32.0376 0x0718  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:26:32.0421 0x0718  HidBth - ok
11:26:32.0448 0x0718  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:26:32.0467 0x0718  HidIr - ok
11:26:32.0494 0x0718  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:26:32.0578 0x0718  hidserv - ok
11:26:32.0644 0x0718  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:26:32.0701 0x0718  HidUsb - ok
11:26:32.0865 0x0718  [ DD1257979C6D4627872455267A09FFD2, 3C63CFB678E139431F4A64B196BD7D2DEB76C4293D5E196114D56FFE74874D93 ] HiSuiteOuc64.exe C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
11:26:32.0895 0x0718  HiSuiteOuc64.exe - ok
11:26:32.0929 0x0718  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:26:33.0032 0x0718  hkmsvc - ok
11:26:33.0061 0x0718  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:26:33.0135 0x0718  HomeGroupListener - ok
11:26:33.0177 0x0718  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:26:33.0224 0x0718  HomeGroupProvider - ok
11:26:33.0336 0x0718  [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
11:26:33.0367 0x0718  HP DS Service - detected UnsignedFile.Multi.Generic ( 1 )
11:26:36.0061 0x0718  Detect skipped due to KSN trusted
11:26:36.0062 0x0718  HP DS Service - ok
11:26:36.0144 0x0718  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:26:36.0171 0x0718  HpSAMD - ok
11:26:36.0206 0x0718  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:26:36.0294 0x0718  HTTP - ok
11:26:36.0367 0x0718  [ 963CC1755FDA21878EB599DE93392C6E, 5E66A1D4387385980A7C3F5A9912CBF3433D1D4F1CA57B5E30D14B280DF49A1C ] HuaweiHiSuiteService64.exe C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
11:26:36.0402 0x0718  HuaweiHiSuiteService64.exe - ok
11:26:36.0457 0x0718  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:26:36.0472 0x0718  hwpolicy - ok
11:26:36.0522 0x0718  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:26:36.0542 0x0718  i8042prt - ok
11:26:36.0628 0x0718  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:26:36.0661 0x0718  iaStor - ok
11:26:36.0761 0x0718  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:26:36.0790 0x0718  IAStorDataMgrSvc - ok
11:26:36.0849 0x0718  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:26:36.0883 0x0718  iaStorV - ok
11:26:36.0906 0x0718  [ 50B8AB6013EF9970AC85FDBA0F622300, 8E52098830DCF8E35286AFE73047AB00C2F10A139E405A05364F819978F1CBB3 ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:26:36.0941 0x0718  iBtFltCoex - ok
11:26:37.0055 0x0718  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:26:37.0172 0x0718  idsvc - ok
11:26:37.0366 0x0718  [ 77095B7820F1690A5A9DE26AF6819F20, D1A17BB9635F552C8780CE9921091D5FAEAD54DF11C8DB42253A3CE4A8FEA561 ] IDSVia64        C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150123.001\IDSvia64.sys
11:26:37.0400 0x0718  IDSVia64 - ok
11:26:37.0418 0x0718  IEEtwCollectorService - ok
11:26:37.0682 0x0718  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:26:38.0049 0x0718  igfx - ok
11:26:38.0082 0x0718  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:26:38.0096 0x0718  iirsp - ok
11:26:38.0145 0x0718  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:26:38.0200 0x0718  IKEEXT - ok
11:26:38.0280 0x0718  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:26:38.0311 0x0718  intaud_WaveExtensible - ok
11:26:38.0444 0x0718  [ 177B4E48C7A288E70779B42AB81D2D06, C62601CD8021FE72D8A76766093E25D4606CAE90C18300429AD552A494F32DFA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:26:38.0543 0x0718  IntcAzAudAddService - ok
11:26:38.0591 0x0718  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:26:38.0666 0x0718  IntcDAud - ok
11:26:38.0701 0x0718  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:26:38.0719 0x0718  intelide - ok
11:26:38.0754 0x0718  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:26:38.0791 0x0718  intelppm - ok
11:26:38.0836 0x0718  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:26:38.0931 0x0718  IPBusEnum - ok
11:26:38.0997 0x0718  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:26:39.0095 0x0718  IpFilterDriver - ok
11:26:39.0166 0x0718  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:26:39.0274 0x0718  iphlpsvc - ok
11:26:39.0303 0x0718  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:26:39.0333 0x0718  IPMIDRV - ok
11:26:39.0354 0x0718  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:26:39.0423 0x0718  IPNAT - ok
11:26:39.0465 0x0718  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:26:39.0505 0x0718  IRENUM - ok
11:26:39.0546 0x0718  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:26:39.0575 0x0718  isapnp - ok
11:26:39.0601 0x0718  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:26:39.0622 0x0718  iScsiPrt - ok
11:26:39.0667 0x0718  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\Windows\system32\drivers\iwdbus.sys
11:26:39.0694 0x0718  iwdbus - ok
11:26:39.0737 0x0718  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:26:39.0766 0x0718  kbdclass - ok
11:26:39.0795 0x0718  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:26:39.0844 0x0718  kbdhid - ok
11:26:39.0866 0x0718  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
11:26:39.0882 0x0718  KeyIso - ok
11:26:39.0912 0x0718  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:26:39.0933 0x0718  KSecDD - ok
11:26:39.0962 0x0718  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:26:39.0980 0x0718  KSecPkg - ok
11:26:40.0021 0x0718  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:26:40.0076 0x0718  ksthunk - ok
11:26:40.0104 0x0718  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:26:40.0186 0x0718  KtmRm - ok
11:26:40.0218 0x0718  [ 6DD5383C9413AAE3113FAF89E345663D, 205760D46BF2B7011B7F32E85206C996D6D018D572BC61ED44671E5810144DCA ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
11:26:40.0231 0x0718  L1C - ok
11:26:40.0314 0x0718  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:26:40.0398 0x0718  LanmanServer - ok
11:26:40.0466 0x0718  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:26:40.0548 0x0718  LanmanWorkstation - ok
11:26:40.0611 0x0718  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
11:26:40.0640 0x0718  lirsgt - ok
11:26:40.0679 0x0718  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:26:40.0762 0x0718  lltdio - ok
11:26:40.0791 0x0718  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:26:40.0861 0x0718  lltdsvc - ok
11:26:40.0865 0x0718  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:26:40.0907 0x0718  lmhosts - ok
11:26:40.0954 0x0718  [ 5456DE5A8E11EDBD68BF19C70B0A8F58, 49CD27A3AE33D98FDD30CD28B6F29F165FF305D64ADABA624786E66662D82C87 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:26:40.0976 0x0718  LMS - ok
11:26:41.0010 0x0718  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:26:41.0026 0x0718  LSI_FC - ok
11:26:41.0042 0x0718  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:26:41.0058 0x0718  LSI_SAS - ok
11:26:41.0068 0x0718  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:26:41.0082 0x0718  LSI_SAS2 - ok
11:26:41.0109 0x0718  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:26:41.0125 0x0718  LSI_SCSI - ok
11:26:41.0166 0x0718  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:26:41.0211 0x0718  luafv - ok
11:26:41.0242 0x0718  massfilter - ok
11:26:41.0267 0x0718  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:26:41.0286 0x0718  Mcx2Svc - ok
11:26:41.0309 0x0718  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:26:41.0324 0x0718  megasas - ok
11:26:41.0361 0x0718  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:26:41.0383 0x0718  MegaSR - ok
11:26:41.0400 0x0718  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
11:26:41.0412 0x0718  MEIx64 - ok
11:26:41.0456 0x0718  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:26:41.0543 0x0718  MMCSS - ok
11:26:41.0561 0x0718  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:26:41.0625 0x0718  Modem - ok
11:26:41.0685 0x0718  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:26:41.0734 0x0718  monitor - ok
11:26:41.0776 0x0718  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:26:41.0827 0x0718  mouclass - ok
11:26:41.0888 0x0718  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:26:41.0968 0x0718  mouhid - ok
11:26:42.0013 0x0718  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:26:42.0046 0x0718  mountmgr - ok
11:26:42.0086 0x0718  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:26:42.0112 0x0718  mpio - ok
11:26:42.0150 0x0718  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:26:42.0208 0x0718  mpsdrv - ok
11:26:42.0254 0x0718  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:26:42.0338 0x0718  MpsSvc - ok
11:26:42.0379 0x0718  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:26:42.0427 0x0718  MRxDAV - ok
11:26:42.0471 0x0718  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:26:42.0609 0x0718  mrxsmb - ok
11:26:42.0653 0x0718  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:26:42.0725 0x0718  mrxsmb10 - ok
11:26:42.0760 0x0718  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:26:42.0815 0x0718  mrxsmb20 - ok
11:26:42.0846 0x0718  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:26:42.0875 0x0718  msahci - ok
11:26:42.0914 0x0718  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:26:42.0969 0x0718  msdsm - ok
11:26:42.0996 0x0718  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:26:43.0051 0x0718  MSDTC - ok
11:26:43.0082 0x0718  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:26:43.0141 0x0718  Msfs - ok
11:26:43.0166 0x0718  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:26:43.0227 0x0718  mshidkmdf - ok
11:26:43.0253 0x0718  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:26:43.0265 0x0718  msisadrv - ok
11:26:43.0286 0x0718  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:26:43.0350 0x0718  MSiSCSI - ok
11:26:43.0354 0x0718  msiserver - ok
11:26:43.0387 0x0718  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:26:43.0445 0x0718  MSKSSRV - ok
11:26:43.0448 0x0718  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:26:43.0502 0x0718  MSPCLOCK - ok
11:26:43.0505 0x0718  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:26:43.0630 0x0718  MSPQM - ok
11:26:43.0670 0x0718  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:26:43.0706 0x0718  MsRPC - ok
11:26:43.0733 0x0718  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:26:43.0747 0x0718  mssmbios - ok
11:26:43.0796 0x0718  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:26:43.0909 0x0718  MSTEE - ok
11:26:43.0921 0x0718  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:26:43.0976 0x0718  MTConfig - ok
11:26:44.0009 0x0718  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:26:44.0027 0x0718  Mup - ok
11:26:44.0098 0x0718  [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0, 165EE2AB6F989E8D48AA52121B608510E932106835DA43071CC6476630C012FE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:26:44.0126 0x0718  MyWiFiDHCPDNS - ok
11:26:44.0334 0x0718  [ A0C88349651D9F5421AFD363C27102E8, 71D5F7EDAF47AB1376444CB648BFD86CEA36735EE42A9935BDB876DF8F765F45 ] N360            C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
11:26:44.0366 0x0718  N360 - ok
11:26:44.0411 0x0718  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:26:44.0481 0x0718  napagent - ok
11:26:44.0530 0x0718  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:26:44.0563 0x0718  NativeWifiP - ok
11:26:44.0702 0x0718  [ 54F4B358F41C664CBDE4507D67EED1CD, CDCA0A778AF596933CD7CBF1119FCA551ECC03CBBD4F1E8213C3FD2FECA902F2 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150123.019\ENG64.SYS
11:26:44.0739 0x0718  NAVENG - ok
11:26:44.0897 0x0718  [ A74D67EEEB3938FD2FA3B65B24C32C44, 4D780B70B57E23A3A155794C4DEEBD856E32D35B789BDF4673AAC8FC3AC4367B ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150123.019\EX64.SYS
11:26:44.0975 0x0718  NAVEX15 - ok
11:26:45.0119 0x0718  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:26:45.0167 0x0718  NDIS - ok
11:26:45.0193 0x0718  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:26:45.0254 0x0718  NdisCap - ok
11:26:45.0293 0x0718  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:26:45.0332 0x0718  NdisTapi - ok
11:26:45.0345 0x0718  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:26:45.0402 0x0718  Ndisuio - ok
11:26:45.0435 0x0718  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:26:45.0496 0x0718  NdisWan - ok
11:26:45.0501 0x0718  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:26:45.0549 0x0718  NDProxy - ok
11:26:45.0601 0x0718  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:26:45.0660 0x0718  NetBIOS - ok
11:26:45.0671 0x0718  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:26:45.0730 0x0718  NetBT - ok
11:26:45.0777 0x0718  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
11:26:45.0795 0x0718  Netlogon - ok
11:26:45.0882 0x0718  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:26:45.0965 0x0718  Netman - ok
11:26:46.0101 0x0718  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:26:46.0211 0x0718  NetMsmqActivator - ok
11:26:46.0238 0x0718  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:26:46.0257 0x0718  NetPipeActivator - ok
11:26:46.0294 0x0718  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:26:46.0367 0x0718  netprofm - ok
11:26:46.0407 0x0718  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:26:46.0424 0x0718  NetTcpActivator - ok
11:26:46.0431 0x0718  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:26:46.0448 0x0718  NetTcpPortSharing - ok
11:26:46.0793 0x0718  [ AC69618DE5BCCE8747C9AB0AAE1003C1, D975963FA338AB58684BE0556633F3A846D5360FAD1A5E11BB7A273474DFB64D ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
11:26:47.0247 0x0718  NETwNs64 - ok
11:26:47.0342 0x0718  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:26:47.0377 0x0718  nfrd960 - ok
11:26:47.0420 0x0718  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:26:47.0501 0x0718  NlaSvc - ok
11:26:47.0539 0x0718  [ 88F2F2CB9FAEE2E14BCCF384F4C88061, FC084F6164B9CC116CE11286F0793EDFC084D7DCF4DB6064A8F3776A5558980D ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
11:26:47.0625 0x0718  nmwcd - ok
11:26:47.0684 0x0718  [ 41C1AC1F3613435EB32D67BCB80A5FA5, 93A313BC4A7FA2FC3372CFBF2D76F417007B4A82455092724D3B0B6FA5A88F23 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
11:26:47.0837 0x0718  nmwcdc - ok
11:26:47.0870 0x0718  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:26:47.0933 0x0718  Npfs - ok
11:26:47.0964 0x0718  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:26:48.0026 0x0718  nsi - ok
11:26:48.0048 0x0718  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:26:48.0142 0x0718  nsiproxy - ok
11:26:48.0310 0x0718  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:26:48.0392 0x0718  Ntfs - ok
11:26:48.0423 0x0718  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:26:48.0482 0x0718  Null - ok
11:26:48.0516 0x0718  [ 01266516E6E88D183A2B58722EEB4443, A49647084161A95DAD1B9D941C6A9AAC3B34CAA2C853D9DD65C046CEB7C6A004 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
11:26:48.0571 0x0718  nusb3hub - ok
11:26:48.0623 0x0718  [ 5EC04F55CC5F165F21752712437DF638, B59907C583E1FD9FA6D4747D696AB0E67A6D01969CC48E687DF6A8D51851847A ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
11:26:48.0677 0x0718  nusb3xhc - ok
11:26:48.0707 0x0718  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:26:48.0733 0x0718  nvraid - ok
11:26:48.0759 0x0718  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:26:48.0776 0x0718  nvstor - ok
11:26:48.0836 0x0718  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:26:48.0854 0x0718  nv_agp - ok
11:26:48.0872 0x0718  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:26:48.0908 0x0718  ohci1394 - ok
11:26:48.0983 0x0718  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:26:49.0015 0x0718  ose - ok
11:26:49.0308 0x0718  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:26:49.0590 0x0718  osppsvc - ok
11:26:49.0646 0x0718  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:26:49.0731 0x0718  p2pimsvc - ok
11:26:49.0806 0x0718  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:26:49.0860 0x0718  p2psvc - ok
11:26:49.0902 0x0718  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:26:49.0965 0x0718  Parport - ok
11:26:50.0010 0x0718  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:26:50.0038 0x0718  partmgr - ok
11:26:50.0062 0x0718  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:26:50.0115 0x0718  PcaSvc - ok
11:26:50.0158 0x0718  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:26:50.0186 0x0718  pccsmcfd - ok
11:26:50.0203 0x0718  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:26:50.0225 0x0718  pci - ok
11:26:50.0252 0x0718  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:26:50.0265 0x0718  pciide - ok
11:26:50.0290 0x0718  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:26:50.0312 0x0718  pcmcia - ok
11:26:50.0332 0x0718  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:26:50.0346 0x0718  pcw - ok
11:26:50.0366 0x0718  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:26:50.0441 0x0718  PEAUTH - ok
11:26:50.0549 0x0718  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:26:50.0596 0x0718  PerfHost - ok
11:26:50.0703 0x0718  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:26:50.0894 0x0718  pla - ok
11:26:50.0949 0x0718  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:26:51.0030 0x0718  PlugPlay - ok
11:26:51.0058 0x0718  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:26:51.0121 0x0718  PNRPAutoReg - ok
11:26:51.0164 0x0718  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:26:51.0198 0x0718  PNRPsvc - ok
11:26:51.0276 0x0718  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:26:51.0353 0x0718  PolicyAgent - ok
11:26:51.0391 0x0718  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:26:51.0487 0x0718  Power - ok
11:26:51.0534 0x0718  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:26:51.0591 0x0718  PptpMiniport - ok
11:26:51.0614 0x0718  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:26:51.0631 0x0718  Processor - ok
11:26:51.0667 0x0718  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:26:51.0784 0x0718  ProfSvc - ok
11:26:51.0810 0x0718  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:26:51.0829 0x0718  ProtectedStorage - ok
11:26:51.0865 0x0718  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:26:51.0930 0x0718  Psched - ok
11:26:51.0997 0x0718  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
11:26:52.0022 0x0718  PSI_SVC_2 - ok
11:26:52.0117 0x0718  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:26:52.0178 0x0718  ql2300 - ok
11:26:52.0196 0x0718  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:26:52.0213 0x0718  ql40xx - ok
11:26:52.0250 0x0718  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:26:52.0279 0x0718  QWAVE - ok
11:26:52.0294 0x0718  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:26:52.0333 0x0718  QWAVEdrv - ok
11:26:52.0337 0x0718  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:26:52.0376 0x0718  RasAcd - ok
11:26:52.0435 0x0718  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:26:52.0507 0x0718  RasAgileVpn - ok
11:26:52.0541 0x0718  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:26:52.0631 0x0718  RasAuto - ok
11:26:52.0665 0x0718  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:26:52.0735 0x0718  Rasl2tp - ok
11:26:52.0840 0x0718  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:26:52.0942 0x0718  RasMan - ok
11:26:52.0988 0x0718  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:26:53.0076 0x0718  RasPppoe - ok
11:26:53.0103 0x0718  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:26:53.0160 0x0718  RasSstp - ok
11:26:53.0191 0x0718  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:26:53.0264 0x0718  rdbss - ok
11:26:53.0297 0x0718  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
11:26:53.0348 0x0718  rdpbus - ok
11:26:53.0374 0x0718  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:26:53.0432 0x0718  RDPCDD - ok
11:26:53.0457 0x0718  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:26:53.0513 0x0718  RDPENCDD - ok
11:26:53.0518 0x0718  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:26:53.0558 0x0718  RDPREFMP - ok
11:26:53.0637 0x0718  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:26:53.0714 0x0718  RdpVideoMiniport - ok
11:26:53.0758 0x0718  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:26:53.0832 0x0718  RDPWD - ok
11:26:53.0872 0x0718  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:26:53.0895 0x0718  rdyboost - ok
11:26:54.0004 0x0718  [ A436F5E7D80BBDBB0826D0F176D5BEA8, 7862CE61F182C7613E34415C01AC1C228F79A45470CFD1D316DF2BD24EE09E3C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:26:54.0045 0x0718  RegSrvc - ok
11:26:54.0063 0x0718  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:26:54.0150 0x0718  RemoteAccess - ok
11:26:54.0184 0x0718  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:26:54.0245 0x0718  RemoteRegistry - ok
11:26:54.0300 0x0718  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:26:54.0360 0x0718  RFCOMM - ok
11:26:54.0469 0x0718  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:26:54.0528 0x0718  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
11:26:57.0233 0x0718  Detect skipped due to KSN trusted
11:26:57.0233 0x0718  RichVideo - ok
11:26:57.0285 0x0718  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:26:57.0370 0x0718  RpcEptMapper - ok
11:26:57.0392 0x0718  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:26:57.0424 0x0718  RpcLocator - ok
11:26:57.0495 0x0718  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:26:57.0556 0x0718  RpcSs - ok
11:26:57.0596 0x0718  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:26:57.0650 0x0718  rspndr - ok
11:26:57.0719 0x0718  [ CE0A1D8A59410E698140821E4E69DA0D, 4AEBF07C4016AF62B1A4F1C838FDC3A272FC643E596A86E4FE3C34F10523E318 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
11:26:57.0747 0x0718  RSUSBVSTOR - ok
11:26:57.0778 0x0718  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
11:26:57.0794 0x0718  SamSs - ok
11:26:57.0831 0x0718  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:26:57.0850 0x0718  sbp2port - ok
11:26:57.0889 0x0718  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:26:57.0951 0x0718  SCardSvr - ok
11:26:57.0975 0x0718  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:26:58.0027 0x0718  scfilter - ok
11:26:58.0110 0x0718  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
11:26:58.0204 0x0718  Schedule - ok
11:26:58.0264 0x0718  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:26:58.0334 0x0718  SCPolicySvc - ok
11:26:58.0365 0x0718  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:26:58.0450 0x0718  SDRSVC - ok
11:26:58.0500 0x0718  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:26:58.0547 0x0718  secdrv - ok
11:26:58.0571 0x0718  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
11:26:58.0634 0x0718  seclogon - ok
11:26:58.0664 0x0718  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:26:58.0727 0x0718  SENS - ok
11:26:58.0755 0x0718  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:26:58.0826 0x0718  SensrSvc - ok
11:26:58.0871 0x0718  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:26:58.0927 0x0718  Serenum - ok
11:26:58.0958 0x0718  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
11:26:59.0000 0x0718  Serial - ok
11:26:59.0025 0x0718  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:26:59.0076 0x0718  sermouse - ok
11:26:59.0179 0x0718  [ 8C1F87F5FDD92229D1754B98F073913F, DF97A2B8C337E80998E93934CC616AD46A8853232AEB6EF456ABC5C174A3C301 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:26:59.0242 0x0718  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
11:27:02.0002 0x0718  Detect skipped due to KSN trusted
11:27:02.0003 0x0718  ServiceLayer - ok
11:27:02.0051 0x0718  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:27:02.0138 0x0718  SessionEnv - ok
11:27:02.0172 0x0718  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:27:02.0232 0x0718  sffdisk - ok
11:27:02.0271 0x0718  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:27:02.0307 0x0718  sffp_mmc - ok
11:27:02.0328 0x0718  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:27:02.0368 0x0718  sffp_sd - ok
11:27:02.0392 0x0718  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:27:02.0424 0x0718  sfloppy - ok
11:27:02.0514 0x0718  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
11:27:02.0556 0x0718  Sftfs - ok
11:27:02.0636 0x0718  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:27:02.0670 0x0718  sftlist - ok
11:27:02.0788 0x0718  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:27:02.0841 0x0718  Sftplay - ok
11:27:02.0876 0x0718  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:27:02.0889 0x0718  Sftredir - ok
11:27:02.0931 0x0718  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
11:27:02.0945 0x0718  Sftvol - ok
11:27:02.0973 0x0718  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:27:02.0992 0x0718  sftvsa - ok
11:27:03.0068 0x0718  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:27:03.0165 0x0718  SharedAccess - ok
11:27:03.0207 0x0718  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:27:03.0274 0x0718  ShellHWDetection - ok
11:27:03.0318 0x0718  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:27:03.0347 0x0718  SiSRaid2 - ok
11:27:03.0380 0x0718  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:27:03.0416 0x0718  SiSRaid4 - ok
11:27:03.0469 0x0718  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:27:03.0528 0x0718  Smb - ok
11:27:03.0576 0x0718  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:27:03.0649 0x0718  SNMPTRAP - ok
11:27:03.0688 0x0718  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:27:03.0716 0x0718  spldr - ok
11:27:03.0768 0x0718  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:27:03.0843 0x0718  Spooler - ok
11:27:04.0010 0x0718  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:27:04.0231 0x0718  sppsvc - ok
11:27:04.0244 0x0718  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:27:04.0285 0x0718  sppuinotify - ok
11:27:04.0423 0x0718  [ E163E10191958FF6A2B0B48353F9E9FD, C4F5B83B5C435458AEEC4BD5C6A0FE15F4C3CD5C23CA7F5949A62214634DBB36 ] SRTSP           C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS
11:27:04.0462 0x0718  SRTSP - ok
11:27:04.0498 0x0718  [ 68E7B6708B9EEE021301C483825D05EA, 87E262405473A063E3E6E9D1D61D8381C997C95F77317CDBB3C59369436E70C5 ] SRTSPX          C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS
11:27:04.0510 0x0718  SRTSPX - ok
11:27:04.0552 0x0718  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:27:04.0597 0x0718  srv - ok
11:27:04.0629 0x0718  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:27:04.0658 0x0718  srv2 - ok
11:27:04.0676 0x0718  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:27:04.0717 0x0718  srvnet - ok
11:27:04.0790 0x0718  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:27:04.0865 0x0718  SSDPSRV - ok
11:27:04.0872 0x0718  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:27:04.0919 0x0718  SstpSvc - ok
11:27:04.0957 0x0718  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:27:04.0988 0x0718  stexstor - ok
11:27:05.0029 0x0718  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
11:27:05.0106 0x0718  StillCam - ok
11:27:05.0184 0x0718  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:27:05.0256 0x0718  stisvc - ok
11:27:05.0298 0x0718  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:27:05.0335 0x0718  swenum - ok
11:27:05.0396 0x0718  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:27:05.0457 0x0718  swprv - ok
11:27:05.0530 0x0718  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\N360x64\1506000.020\SYMDS64.SYS
11:27:05.0582 0x0718  SymDS - ok
11:27:05.0720 0x0718  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\Windows\system32\drivers\N360x64\1506000.020\SYMEFA64.SYS
11:27:05.0769 0x0718  SymEFA - ok
11:27:05.0818 0x0718  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:27:05.0837 0x0718  SymEvent - ok
11:27:05.0901 0x0718  [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON         C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS
11:27:05.0947 0x0718  SymIRON - ok
11:27:06.0017 0x0718  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS
11:27:06.0050 0x0718  SymNetS - ok
11:27:06.0149 0x0718  [ B3AD15FA10EBEAFC1275F34050E4E230, 23FE8863FD6BD69FAB40880D21678AF6B696DD3E1C014C3B7DE21D371EA628A6 ] SynTP           C:\Windows\system32\drivers\SynTP.sys
11:27:06.0212 0x0718  SynTP - ok
11:27:06.0375 0x0718  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:27:06.0516 0x0718  SysMain - ok
11:27:06.0577 0x0718  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:27:06.0675 0x0718  TabletInputService - ok
11:27:06.0726 0x0718  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:27:06.0811 0x0718  TapiSrv - ok
11:27:06.0831 0x0718  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:27:06.0892 0x0718  TBS - ok
11:27:07.0031 0x0718  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:27:07.0104 0x0718  Tcpip - ok
11:27:07.0224 0x0718  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:27:07.0290 0x0718  TCPIP6 - ok
11:27:07.0330 0x0718  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:27:07.0364 0x0718  tcpipreg - ok
11:27:07.0391 0x0718  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:27:07.0472 0x0718  TDPIPE - ok
11:27:07.0513 0x0718  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:27:07.0580 0x0718  TDTCP - ok
11:27:07.0637 0x0718  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:27:07.0735 0x0718  tdx - ok
11:27:07.0800 0x0718  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:27:07.0835 0x0718  TermDD - ok
11:27:07.0912 0x0718  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:27:07.0989 0x0718  TermService - ok
11:27:08.0006 0x0718  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:27:08.0050 0x0718  Themes - ok
11:27:08.0088 0x0718  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:27:08.0144 0x0718  THREADORDER - ok
11:27:08.0167 0x0718  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:27:08.0210 0x0718  TrkWks - ok
11:27:08.0259 0x0718  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:27:08.0338 0x0718  TrustedInstaller - ok
11:27:08.0366 0x0718  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:27:08.0401 0x0718  tssecsrv - ok
11:27:08.0451 0x0718  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:27:08.0546 0x0718  TsUsbFlt - ok
11:27:08.0578 0x0718  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:27:08.0610 0x0718  TsUsbGD - ok
11:27:08.0672 0x0718  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:27:08.0795 0x0718  tunnel - ok
11:27:08.0848 0x0718  TwonkyWebDav - ok
11:27:08.0882 0x0718  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:27:08.0916 0x0718  uagp35 - ok
11:27:08.0947 0x0718  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:27:09.0058 0x0718  udfs - ok
11:27:09.0083 0x0718  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:27:09.0196 0x0718  UI0Detect - ok
11:27:09.0243 0x0718  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:27:09.0268 0x0718  uliagpkx - ok
11:27:09.0305 0x0718  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:27:09.0345 0x0718  umbus - ok
11:27:09.0386 0x0718  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:27:09.0445 0x0718  UmPass - ok
11:27:09.0646 0x0718  [ D87FB12563F65088B1904871D86E5164, 5B8D42EFE897342EF501A93AAF264BDA8C1350C08DFD3EF11FC12016BD4676C2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:27:09.0741 0x0718  UNS - ok
11:27:09.0775 0x0718  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:27:09.0826 0x0718  upnphost - ok
11:27:09.0872 0x0718  [ FBD861E69E1F583BEC906FCD04E4F84E, 8261CCB0D26B146692D1B4986FD5E15C5E9181C23F6837E9736102ADFAE9CD6A ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:27:09.0922 0x0718  upperdev - ok
11:27:09.0957 0x0718  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:27:10.0064 0x0718  usbccgp - ok
11:27:10.0125 0x0718  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:27:10.0213 0x0718  usbcir - ok
11:27:10.0251 0x0718  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:27:10.0335 0x0718  usbehci - ok
11:27:10.0411 0x0718  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:27:10.0520 0x0718  usbhub - ok
11:27:10.0560 0x0718  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:27:10.0589 0x0718  usbohci - ok
11:27:10.0611 0x0718  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:27:10.0671 0x0718  usbprint - ok
11:27:10.0733 0x0718  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:27:10.0802 0x0718  usbscan - ok
11:27:10.0849 0x0718  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
11:27:10.0884 0x0718  usbser - ok
11:27:10.0958 0x0718  [ 8844CB19A37B65E27049D4A7786726A9, 4D772174A320F02E2F87BDF8C6EBBFDE04C9763D3C21FE9557DE938521508A59 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
11:27:11.0002 0x0718  UsbserFilt - ok
11:27:11.0039 0x0718  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:27:11.0116 0x0718  USBSTOR - ok
11:27:11.0158 0x0718  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:27:11.0234 0x0718  usbuhci - ok
11:27:11.0323 0x0718  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:27:11.0360 0x0718  usbvideo - ok
11:27:11.0388 0x0718  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:27:11.0452 0x0718  UxSms - ok
11:27:11.0467 0x0718  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
11:27:11.0483 0x0718  VaultSvc - ok
11:27:11.0599 0x0718  [ 0EB68D00C7D3825EBCB8C47018FE2A93, 6A5E675A76AA86ED3C21247D54D4B767BA44D6785DE83FB7946EAD893A9FD5DF ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
11:27:11.0643 0x0718  VBoxDrv - ok
11:27:11.0723 0x0718  [ 80E2B225D444AB13665CADB5C84515EE, 3F1A0EC22256B2ACA57174BA4F838BC4683271C73A5B90A82016397844617E4B ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
11:27:11.0764 0x0718  VBoxNetFlt - ok
11:27:11.0827 0x0718  [ 82902F80FADDC9BE4AFDAE63430827EE, DEED31F02F68B3E3A9414147F71373F73B195205FAEC3606B5540AE29762A3D1 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
11:27:11.0879 0x0718  VBoxUSBMon - ok
11:27:11.0916 0x0718  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:27:11.0934 0x0718  vdrvroot - ok
11:27:11.0982 0x0718  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:27:12.0040 0x0718  vds - ok
11:27:12.0071 0x0718  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:27:12.0090 0x0718  vga - ok
11:27:12.0103 0x0718  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:27:12.0167 0x0718  VgaSave - ok
11:27:12.0242 0x0718  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:27:12.0286 0x0718  vhdmp - ok
11:27:12.0306 0x0718  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:27:12.0319 0x0718  viaide - ok
11:27:12.0362 0x0718  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:27:12.0376 0x0718  volmgr - ok
11:27:12.0416 0x0718  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:27:12.0439 0x0718  volmgrx - ok
11:27:12.0465 0x0718  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:27:12.0487 0x0718  volsnap - ok
11:27:12.0577 0x0718  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:27:12.0612 0x0718  vsmraid - ok
11:27:12.0691 0x0718  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:27:12.0787 0x0718  VSS - ok
11:27:12.0807 0x0718  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:27:12.0847 0x0718  vwifibus - ok
11:27:12.0852 0x0718  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:27:12.0879 0x0718  vwififlt - ok
11:27:12.0907 0x0718  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:27:12.0974 0x0718  vwifimp - ok
11:27:13.0022 0x0718  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:27:13.0131 0x0718  W32Time - ok
11:27:13.0171 0x0718  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:27:13.0209 0x0718  WacomPen - ok
11:27:13.0256 0x0718  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:27:13.0318 0x0718  WANARP - ok
11:27:13.0369 0x0718  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:27:13.0436 0x0718  Wanarpv6 - ok
11:27:13.0479 0x0718  [ 878C947C69EE89E4DBFF9DBD6155C15D, C2F56C0C9A979E9BFC27B7524E3DF654FB4FFF45E640D45913B6F5AEEEA4D91C ] watchmi         C:\Program Files (x86)\watchmi\TvdService.exe
11:27:13.0512 0x0718  watchmi - detected UnsignedFile.Multi.Generic ( 1 )
11:27:16.0284 0x0718  Detect skipped due to KSN trusted
11:27:16.0284 0x0718  watchmi - ok
11:27:16.0424 0x0718  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:27:16.0540 0x0718  wbengine - ok
11:27:16.0570 0x0718  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:27:16.0616 0x0718  WbioSrvc - ok
11:27:16.0630 0x0718  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:27:16.0671 0x0718  wcncsvc - ok
11:27:16.0705 0x0718  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:27:16.0770 0x0718  WcsPlugInService - ok
11:27:16.0793 0x0718  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:27:16.0806 0x0718  Wd - ok
11:27:16.0875 0x0718  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:27:16.0914 0x0718  Wdf01000 - ok
11:27:16.0943 0x0718  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:27:17.0023 0x0718  WdiServiceHost - ok
11:27:17.0029 0x0718  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:27:17.0057 0x0718  WdiSystemHost - ok
11:27:17.0130 0x0718  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
11:27:17.0189 0x0718  WebClient - ok
11:27:17.0215 0x0718  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:27:17.0263 0x0718  Wecsvc - ok
11:27:17.0281 0x0718  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:27:17.0346 0x0718  wercplsupport - ok
11:27:17.0401 0x0718  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:27:17.0501 0x0718  WerSvc - ok
11:27:17.0540 0x0718  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:27:17.0580 0x0718  WfpLwf - ok
11:27:17.0584 0x0718  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:27:17.0597 0x0718  WIMMount - ok
11:27:17.0613 0x0718  WinDefend - ok
11:27:17.0627 0x0718  WinHttpAutoProxySvc - ok
11:27:17.0691 0x0718  Winmgmt - ok
11:27:17.0864 0x0718  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
11:27:18.0006 0x0718  WinRM - ok
11:27:18.0068 0x0718  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:27:18.0093 0x0718  WinUsb - ok
11:27:18.0150 0x0718  [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc        C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
11:27:18.0181 0x0718  WisLMSvc - ok
11:27:18.0237 0x0718  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:27:18.0304 0x0718  Wlansvc - ok
11:27:18.0355 0x0718  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:27:18.0387 0x0718  wlcrasvc - ok
11:27:18.0585 0x0718  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:27:18.0692 0x0718  wlidsvc - ok
11:27:18.0728 0x0718  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:27:18.0776 0x0718  WmiAcpi - ok
11:27:18.0852 0x0718  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:27:18.0910 0x0718  wmiApSrv - ok
11:27:18.0936 0x0718  WMPNetworkSvc - ok
11:27:19.0083 0x0718  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
11:27:19.0127 0x0718  WMZuneComm - ok
11:27:19.0158 0x0718  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:27:19.0185 0x0718  WPCSvc - ok
11:27:19.0191 0x0718  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:27:19.0231 0x0718  WPDBusEnum - ok
11:27:19.0253 0x0718  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:27:19.0311 0x0718  ws2ifsl - ok
11:27:19.0344 0x0718  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:27:19.0420 0x0718  wscsvc - ok
11:27:19.0424 0x0718  WSearch - ok
11:27:19.0581 0x0718  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:27:19.0673 0x0718  wuauserv - ok
11:27:19.0703 0x0718  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:27:19.0814 0x0718  WudfPf - ok
11:27:19.0859 0x0718  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:27:19.0909 0x0718  WUDFRd - ok
11:27:19.0938 0x0718  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:27:19.0973 0x0718  wudfsvc - ok
11:27:20.0018 0x0718  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:27:20.0135 0x0718  WwanSvc - ok
11:27:20.0160 0x0718  ZTEusbmdm6k - ok
11:27:20.0177 0x0718  ZTEusbnmea - ok
11:27:20.0181 0x0718  ZTEusbser6k - ok
11:27:20.0541 0x0718  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
11:27:20.0945 0x0718  ZuneNetworkSvc - ok
11:27:21.0044 0x0718  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
11:27:21.0087 0x0718  ZuneWlanCfgSvc - ok
11:27:21.0133 0x0718  ================ Scan global ===============================
11:27:21.0158 0x0718  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:27:21.0186 0x0718  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:27:21.0202 0x0718  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:27:21.0237 0x0718  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:27:21.0260 0x0718  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
11:27:21.0271 0x0718  [ Global ] - ok
11:27:21.0272 0x0718  ================ Scan MBR ==================================
11:27:21.0283 0x0718  [ 00ACD19771F4FBCB23501EAABEDD150B ] \Device\Harddisk0\DR0
11:27:23.0938 0x0718  \Device\Harddisk0\DR0 - ok
11:27:23.0939 0x0718  ================ Scan VBR ==================================
11:27:23.0943 0x0718  [ 45D301204970D5D3FB7F1F70D6DE7A2D ] \Device\Harddisk0\DR0\Partition1
11:27:23.0946 0x0718  \Device\Harddisk0\DR0\Partition1 - ok
11:27:23.0950 0x0718  [ EFECC37C035946EE925F9500D4ED86BE ] \Device\Harddisk0\DR0\Partition2
11:27:23.0952 0x0718  \Device\Harddisk0\DR0\Partition2 - ok
11:27:23.0970 0x0718  [ C8DC8DB7D345F0619074647D17D13FE5 ] \Device\Harddisk0\DR0\Partition3
11:27:23.0972 0x0718  \Device\Harddisk0\DR0\Partition3 - ok
11:27:23.0972 0x0718  ================ Scan generic autorun ======================
11:27:24.0442 0x0718  [ 09C1D09B5B270FB39845D4EE89699D7D, A6BB15188601F57931E9693EA199D35D0FFF163C888CD335DABB263C998EADD3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:27:24.0933 0x0718  RtHDVCpl - ok
11:27:25.0072 0x0718  [ 7586ACA6DBFBDCD5EBC1776486D53AA4, 1DA51BE57CB6DDCB9DAEA337802DEEE729D56C2548B2BB8909D7FA007A68BBFB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:27:25.0149 0x0718  RtHDVBg - ok
11:27:25.0152 0x0718  SynTPEnh - ok
11:27:25.0237 0x0718  [ 6A94CD69E9C2BD1864096AB0B16660E6, E22F3C432F104AD25512D1F97526D772D50BE0FC7910FFF12335F4ECC0EEE184 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
11:27:25.0307 0x0718  IntelPAN - ok
11:27:25.0310 0x0718  BTMTrayAgent - ok
11:27:25.0340 0x0718  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
11:27:25.0356 0x0718  IgfxTray - ok
11:27:25.0416 0x0718  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
11:27:25.0460 0x0718  HotKeysCmds - ok
11:27:25.0502 0x0718  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
11:27:25.0527 0x0718  Persistence - ok
11:27:25.0553 0x0718  [ 9BE365E0380829A96B11237B91356CAF, 92E6858275354E1B455AE2EB11F8FDEBE00DB874083B2BD64CCB49B89301AAB0 ] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
11:27:25.0568 0x0718  HotkeyApp - ok
11:27:25.0588 0x0718  [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files (x86)\Launch Manager\OSD.exe
11:27:25.0608 0x0718  LMgrVolOSD - ok
11:27:25.0608 0x0718  LMgrOSD - ok
11:27:25.0635 0x0718  [ 94D2739E7F421BC0EE0B32387B78B619, D7835E81FD08EBBFBDF44712D48CBF4311A89FF505ADD4DF4ECC46A2ECCD6F1B ] C:\Program Files (x86)\Launch Manager\Wbutton.exe
11:27:25.0659 0x0718  Wbutton - ok
11:27:25.0702 0x0718  [ AE797B72D85E87D403FC11135507922C, F4FC1E5B9EA2DAB6CDF7FDEE279F7902D3A7832A8EE8CADEDE71E6A2F11FA938 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
11:27:25.0724 0x0718  NUSB3MON - ok
11:27:25.0775 0x0718  [ 14017E1CE1583C2C26F69C5BC3D4DBD0, 1D17EC0FF6DF5AF44C82EA6C6806CC940121BC93439D87C5442D7EEEFFA39E3A ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
11:27:25.0806 0x0718  Dolby Advanced Audio v2 - ok
11:27:25.0889 0x0718  [ 16D4D2AB28EDD90AEE06826B3ADF50AB, EE8E54702B22E7F1DB8DE7296132C3473DD9D18B9E9C47414F315173E0A26E16 ] C:\Program Files (x86)\PDF24\pdf24.exe
11:27:25.0928 0x0718  PDFPrint - ok
11:27:26.0057 0x0718  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:27:26.0169 0x0718  Sidebar - ok
11:27:26.0196 0x0718  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:27:26.0249 0x0718  mctadmin - ok
11:27:26.0310 0x0718  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:27:26.0361 0x0718  Sidebar - ok
11:27:26.0373 0x0718  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:27:26.0395 0x0718  mctadmin - ok
11:27:26.0499 0x0718  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
11:27:26.0574 0x0718  Sidebar - ok
11:27:26.0674 0x0718  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
11:27:26.0736 0x0718  Sidebar - ok
11:27:26.0763 0x0718  swg - ok
11:27:26.0764 0x0718  Waiting for KSN requests completion. In queue: 169
11:27:27.0765 0x0718  Waiting for KSN requests completion. In queue: 18
11:27:28.0765 0x0718  Waiting for KSN requests completion. In queue: 18
11:28:29.0856 0x0718  Win FW state via NFP2: enabled
11:28:32.0781 0x0718  ============================================================
11:28:32.0781 0x0718  Scan finished
11:28:32.0781 0x0718  ============================================================
11:28:32.0802 0x0424  Detected object count: 0
11:28:32.0802 0x0424  Actual detected object count: 0
         
Grüße,

Daniel


Alt 24.01.2015, 15:58   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Windows 7: Trojan.Ransomlock.G

Alt 24.01.2015, 17:29   #7
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hi,

so, da hats glaub ich ein paar Probleme gegeben.

Nach dem Start von ComboFix wurde zuerst im blauen Fenster " System file is infected !! Attempting to restore "C:\Windows\system32\Drivers\Volsnap.sys" " angezeigt.

Es erschien ein Fenster: "Error! - File not found: C:\32788R22FWJFW\ERDNT.E_E This File is part of the restoration programm ERDNT. Without this file later restoration of the registry ca only be done manually, by using another OS to copy back the files.", welches nur durch OK zu bestätigen war.

Während des Scan-Vorgangs musste ich immer wieder die Meldung: "NIRKMD konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang" durch klick auf OK bestätigen, damit es überhaupt weiter ging.

Nach dem Scan folgte der Hinweis: "Warning! - Current registry file not found: \Device\HarddiskVolume1\Boot\BCD Restore this file ?" welchen ich mit klick auf JA bestätigte.

Nach dem Neustart wieder der Hinweis auf "NircmdB.exe konnte nicht gefunden werden..."

Seit dem Neustart ist mein Desktophintergrund schwarz, auf dem Desktop habe ich eine neue .txt-File mit dem Titel "catchme" gefunden. Inhalt: "driver loading error"

Hier nun die Log von ComboFix:

[CODE]
Combofix Logfile:
Code:
ATTFilter
ComboFix 15-01-22.02 - Daniel 24.01.2015  16:40:12.1.4 - x86
ausgeführt von:: c:\users\Daniel\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\TEMP
c:\windows\msdownld.tmp
.
.
.
c:\windows\system32\sfcfiles.dll . . . fehlt!!
.
c:\windows\system32\drivers\null.sys . . . fehlt!!
.
c:\windows\system32\drivers\afd.sys . . . fehlt!!
.
c:\windows\system32\drivers\ndis.sys . . . fehlt!!
.
c:\windows\system32\drivers\ndisuio.sys . . . fehlt!!
.
c:\windows\system32\drivers\netbios.sys . . . fehlt!!
.
c:\windows\system32\drivers\usbehci.sys . . . fehlt!!
.
c:\windows\system32\drivers\intelppm.sys . . . fehlt!!
.
c:\windows\system32\drivers\tcpip.sys . . . fehlt!!
.
c:\windows\system32\drivers\netbt.sys . . . fehlt!!
.
c:\windows\system32\drivers\asyncmac.sys . . . fehlt!!
.
c:\windows\system32\drivers\cdrom.sys . . . fehlt!!
.
c:\windows\system32\drivers\Serial.sys . . . fehlt!!
.
c:\windows\system32\drivers\ndproxy.sys . . . fehlt!!
.
c:\windows\system32\drivers\ws2ifsl.sys . . . fehlt!!
.
c:\windows\system32\drivers\i8042prt.sys . . . fehlt!!
.
c:\windows\system32\drivers\ipsec.sys . . . fehlt!!
.
c:\windows\system32\drivers\psched.sys . . . fehlt!!
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_MSiSCSI
-------\Service_SessionEnv
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-24 bis 2015-01-24  ))))))))))))))))))))))))))))))
.
.
2015-01-23 20:27 . 2015-01-23 20:38	--------	d-----w-	C:\FRST
2015-01-23 19:22 . 2015-01-23 19:22	--------	d-----w-	c:\programdata\Malwarebytes
2015-01-23 19:22 . 2015-01-24 00:46	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-23 19:22 . 2015-01-23 19:22	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-23 19:21 . 2015-01-23 19:21	97496	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-01-23 14:17 . 2015-01-23 14:17	--------	d-----w-	c:\users\Daniel\AppData\Roaming\Sirrix AG
2015-01-23 14:14 . 2015-01-23 14:14	--------	d-----w-	c:\programdata\Sirrix AG
2015-01-23 14:14 . 2015-01-23 14:14	--------	d-----w-	c:\program files (x86)\Sirrix AG
2015-01-23 14:13 . 2014-12-12 15:02	915864	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2015-01-23 14:12 . 2014-12-12 15:01	127408	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2015-01-23 08:55 . 2015-01-23 08:55	--------	d-----w-	c:\users\Daniel\AppData\Local\{20A8770E-0FBF-41E8-B5D8-CFFA66E715B2}
2015-01-22 14:53 . 2015-01-22 14:53	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-01-22 09:24 . 2015-01-22 09:27	--------	d-----w-	c:\program files (x86)\HP
2015-01-22 09:21 . 2015-01-22 09:27	--------	d-----w-	c:\programdata\HP
2015-01-22 09:20 . 2013-06-17 22:51	957264	----a-w-	c:\windows\system32\hpptsplj127128_x64.dll
2015-01-22 09:20 . 2013-06-17 22:51	528208	----a-w-	c:\windows\system32\hpwia2_lj127128.dll
2015-01-22 09:20 . 2013-04-05 14:31	557088	----a-w-	c:\windows\system32\hpzjcd01.dll
2015-01-22 09:20 . 2010-10-21 21:15	217656	----a-w-	c:\windows\system32\hppscancoins64.dll
2015-01-22 09:11 . 2015-01-22 09:11	--------	d-----w-	c:\users\Daniel\AppData\Local\{44E5E5D6-85B1-4796-8B29-A0F2F3B36007}
2015-01-21 14:48 . 2015-01-21 14:48	--------	d-----w-	c:\users\Daniel\AppData\Local\{4AE162B5-2750-4114-8628-0E86C313F9EF}
2015-01-19 09:52 . 2015-01-19 09:52	--------	d-----w-	c:\users\Daniel\AppData\Local\{C4A40AE1-BDC3-4AB0-AD65-ADF45611B221}
2015-01-15 10:50 . 2015-01-15 10:50	--------	d-----w-	c:\users\Daniel\AppData\Local\{CC82E834-C910-4FA2-8BE8-F251745AE941}
2015-01-14 22:32 . 2015-01-14 22:32	--------	d-----w-	c:\users\Daniel\AppData\Local\{2A5A4728-C75A-4EA3-92F6-76FD84CC244D}
2015-01-13 21:33 . 2014-12-19 03:06	210432	----a-w-	c:\windows\system32\profsvc.dll
2015-01-13 21:33 . 2014-12-06 04:17	303616	----a-w-	c:\windows\system32\nlasvc.dll
2015-01-13 21:33 . 2014-12-19 01:46	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2015-01-13 21:33 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-01-13 21:32 . 2014-12-12 05:35	5553592	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-01-13 21:32 . 2014-12-12 05:31	503808	----a-w-	c:\windows\system32\srcore.dll
2015-01-13 21:32 . 2014-12-12 05:31	50176	----a-w-	c:\windows\system32\srclient.dll
2015-01-13 21:32 . 2014-12-12 05:31	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-01-12 20:52 . 2015-01-12 20:52	--------	d-----w-	c:\users\Daniel\AppData\Local\{94723EA0-90D9-4F98-A0A6-B39D5A2A1EC6}
2015-01-11 16:54 . 2015-01-11 16:55	--------	d-----w-	c:\users\Daniel\AppData\Local\{9426922B-ACF5-4E99-88F6-AE9A081B3AF9}
2015-01-10 17:39 . 2015-01-10 17:39	--------	d-----w-	c:\users\Daniel\AppData\Local\{91A5E764-6CCD-48C9-A258-A9D24A40C7C1}
2015-01-09 08:28 . 2015-01-09 08:28	--------	d-----w-	c:\users\Daniel\AppData\Local\{88D53900-6BC6-45F7-BF33-7012E1C1E8A0}
2015-01-08 10:05 . 2015-01-08 10:06	--------	d-----w-	c:\users\Daniel\AppData\Local\{5BA64583-D02A-4030-A14A-9039C90B03E8}
2015-01-07 12:53 . 2015-01-07 12:53	--------	d-----w-	c:\users\Daniel\AppData\Local\{C196F29C-E44D-48E8-A367-C1881E9CB2DB}
2015-01-06 23:32 . 2015-01-06 23:33	--------	d-----w-	c:\users\Daniel\AppData\Local\{D6BD04B0-2D5F-4DB8-8619-6426FD751969}
2015-01-05 18:43 . 2015-01-05 18:43	--------	d-----w-	c:\users\Daniel\AppData\Local\{97A40121-44E3-49B3-A4A4-7536DD2A8C49}
2015-01-02 17:37 . 2015-01-02 17:37	--------	d-----w-	c:\users\Daniel\AppData\Local\{41BCEA74-E660-4966-AD5B-98DA2FA1C735}
2014-12-31 11:35 . 2014-12-31 11:36	--------	d-----w-	c:\users\Daniel\AppData\Local\{23A1CEB4-F60D-4728-97A0-28B4C8B70139}
2014-12-30 13:13 . 2014-12-30 13:13	--------	d-----w-	c:\users\Daniel\AppData\Local\{3455279E-BD6B-4F01-B494-68A6CD59205E}
2014-12-30 12:51 . 2014-12-30 12:51	--------	d-----w-	c:\users\Daniel\AppData\Local\{3844E661-41BB-4995-815F-23D80BC408F8}
2014-12-29 19:45 . 2014-12-29 19:45	--------	d-----w-	c:\users\Daniel\AppData\Local\{79D8113A-247D-4E04-8380-F5210D67EFEC}
2014-12-28 18:45 . 2015-01-08 10:00	--------	d-----w-	c:\users\Daniel\Neuer Ordner (2)...#
2014-12-28 18:04 . 2014-12-28 18:04	--------	d-----w-	c:\users\Daniel\AppData\Local\{09E89F87-7D96-4935-B012-880D49A393BE}
2014-12-25 16:21 . 2014-12-25 16:22	--------	d-----w-	c:\users\Daniel\AppData\Local\{96ECD87B-FF83-4E11-B991-6E377A1202A8}
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-13 05:09 . 2014-12-18 14:26	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-12 15:01 . 2014-12-12 15:01	156224	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2014-12-12 15:01 . 2014-12-12 15:01	203592	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2014-12-04 02:50 . 2014-12-09 20:44	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-09 20:44	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-09 20:44	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-09 20:44	830976	----a-w-	c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-09 20:44	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-09 20:44	227328	----a-w-	c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-09 20:44	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-09 20:44	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-11-22 03:06 . 2014-12-09 20:43	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-09 20:43	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-09 20:43	66560	----a-w-	c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-09 20:43	580096	----a-w-	c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-09 20:43	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:48 . 2014-12-09 20:43	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-11-22 02:35 . 2014-12-09 20:43	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-09 20:43	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-09 20:43	6039552	----a-w-	c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-09 20:43	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:14 . 2014-12-09 20:43	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:47 . 2014-12-09 20:43	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-09 20:43	2125312	----a-w-	c:\windows\system32\inetcpl.cpl
2014-11-22 01:28 . 2014-12-09 20:43	2358272	----a-w-	c:\windows\system32\wininet.dll
2014-11-11 03:09 . 2014-12-09 20:43	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 15:54	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 15:54	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 01:46 . 2014-12-09 20:43	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-09 20:41	2048	----a-w-	c:\windows\system32\tzres.dll
2014-11-04 09:35 . 2013-05-10 11:25	590536	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-10-30 02:03 . 2014-12-09 20:42	165888	----a-w-	c:\windows\system32\charmap.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
.
.
.
[7] 2010-11-21 03:24 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6140] . . c:\windows\SysWOW64\mfc40u.dll
[7] 2010-11-21 03:24 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll
.
[7] 2014-12-12 . 2F9871CD1A994180A1DC4F959010AF8A . 3977656 . . [6.1.7601.22908] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22908_none_6ed028552b7725be\ntkrnlpa.exe
[7] 2014-12-12 . 2AF481C03C0383ADE09FFEDA0C583140 . 3971512 . . [6.1.7601.18700] . . c:\windows\SysWOW64\ntkrnlpa.exe
[7] 2014-12-12 . 2AF481C03C0383ADE09FFEDA0C583140 . 3971512 . . [6.1.7601.18700] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18700_none_6e3e87541260be15\ntkrnlpa.exe
[7] 2014-03-04 . FB18FE03DEC1297107946C4D597797C3 . 3974080 . . [6.1.7601.22616] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22616_none_6ec352232b81178c\ntkrnlpa.exe
[7] 2014-03-04 . 4D59F470985D08139E42D15842816C47 . 3969984 . . [6.1.7601.18409] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18409_none_6e47843c1258aaaf\ntkrnlpa.exe
[7] 2013-08-29 . EB6B2FB5EE07337C8B4F3A16CBC18BE3 . 3973568 . . [6.1.7601.22436] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22436_none_6eadae7f2b915520\ntkrnlpa.exe
[7] 2013-08-29 . 482C8CD985C727C7C78A5E9B320947F0 . 3969472 . . [6.1.7601.18247] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18247_none_6e1a402c127aed77\ntkrnlpa.exe
[7] 2013-08-02 . 0F3ACFF7F3D87C319F7894EF7155609B . 3973056 . . [6.1.7601.22411] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22411_none_6ebe4ce52b859e8b\ntkrnlpa.exe
[7] 2013-08-02 . 1A9E4EE88B31750E5CA207424143F99C . 3968960 . . [6.1.7601.18229] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18229_none_6e31e0981268e843\ntkrnlpa.exe
[7] 2013-07-09 . DD5F17D44E9966E7EA447AE8C4D12D6C . 3968960 . . [6.1.7601.18205] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18205_none_6e437f48125c4b05\ntkrnlpa.exe
[7] 2013-07-08 . 16A6C242C9B4DCA5A0B0FB7A95A75D70 . 3973056 . . [6.1.7601.22379] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22379_none_6e856dc72baf13c2\ntkrnlpa.exe
[7] 2013-03-19 . 88355CFE81D381F93C74716DAA803587 . 3968856 . . [6.1.7601.18113] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18113_none_6e36ace212663721\ntkrnlpa.exe
[7] 2013-03-19 . 3DFCBEEE97DF8BBAA749CAACFC9C43E1 . 3972440 . . [6.1.7601.22280] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22280_none_6e71995b2bbf4e7d\ntkrnlpa.exe
[7] 2013-01-05 . 660100CB90F344040EF57F52FC0681C3 . 3967848 . . [6.1.7601.18044] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_6e173b82127da724\ntkrnlpa.exe
[7] 2013-01-05 . 8E43161944CE6E3A1F2B2618B992A8CE . 3971928 . . [6.1.7601.22210] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22210_none_6ebd48cf2b868ae6\ntkrnlpa.exe
[7] 2012-08-30 . 7E1EC00B7D0D33A67DFC563574EEFF93 . 3968880 . . [6.1.7601.17944] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntkrnlpa.exe
[7] 2012-08-30 . 770FEEA2823E463D68E170D7EA6FAEBA . 3972464 . . [6.1.7601.22103] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntkrnlpa.exe
[7] 2012-05-04 . 4A56DB06360F59130CAED69FA7526F0A . 3968368 . . [6.1.7601.17835] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntkrnlpa.exe
[7] 2012-05-04 . AFF886D9D718D3747E5031816C0DA7D2 . 3971952 . . [6.1.7601.21987] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntkrnlpa.exe
[7] 2012-03-31 . 8F6D5704D7522AAB8B4B82C0D35D9184 . 3968368 . . [6.1.7601.17803] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe
[7] 2012-03-31 . 93358348D0B79812CAAA83A1377E4449 . 3971952 . . [6.1.7601.21955] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe
[7] 2012-03-06 . 43711ABF8AE553A7B5FFFF61E60C419D . 3968368 . . [6.1.7601.17790] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntkrnlpa.exe
[7] 2012-03-06 . 07B026E7A2C873D09F0073141EE2099E . 3972464 . . [6.1.7601.21936] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntkrnlpa.exe
[7] 2011-11-19 . 31C59B0CA08B1203E35D2BA19319279E . 3968368 . . [6.1.7601.17727] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntkrnlpa.exe
[7] 2011-11-19 . 2EDA0DCCF5F00CDB91A9ECBE45CB0B3D . 3971440 . . [6.1.7601.21863] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntkrnlpa.exe
[7] 2011-06-23 . 3624D782F8B061B6FBA3A35E2FE53CFD . 3967872 . . [6.1.7601.21755] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe
[7] 2011-06-23 . A4A8EF2ACE5FA5863AA0B04C9BBFECA7 . 3967872 . . [6.1.7601.17640] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntkrnlpa.exe
[7] 2011-04-09 . 102A6182087B18C795664BCD22EB52E9 . 3967872 . . [6.1.7601.17592] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntkrnlpa.exe
[7] 2011-04-09 . 9CF7F5D025183FA10E130445BC071B70 . 3967872 . . [6.1.7601.21701] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntkrnlpa.exe
[7] 2010-11-21 . 144BD78C6103C8616DE047B3532142DB . 3966848 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe
.
[7] 2010-11-21 03:24 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] . . c:\windows\SysWOW64\olepro32.dll
[7] 2010-11-21 03:24 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll
.
c:\windows\System32\drivers\atapi.sys ... Fehlt !!
c:\windows\System32\drivers\asyncmac.sys ... Fehlt !!
c:\windows\System32\drivers\beep.sys ... Fehlt !!
c:\windows\System32\drivers\kbdclass.sys ... Fehlt !!
c:\windows\System32\drivers\ndis.sys ... Fehlt !!
c:\windows\System32\drivers\ntfs.sys ... Fehlt !!
c:\windows\System32\drivers\null.sys ... Fehlt !!
c:\windows\System32\drivers\tcpip.sys ... Fehlt !!
c:\windows\System32\browser.dll ... Fehlt !!
c:\windows\System32\lsass.exe ... Fehlt !!
c:\windows\System32\netman.dll ... Fehlt !!
c:\windows\System32\qmgr.dll ... Fehlt !!
c:\windows\System32\rpcss.dll ... Fehlt !!
c:\windows\System32\services.exe ... Fehlt !!
c:\windows\System32\spoolsv.exe ... Fehlt !!
c:\windows\System32\winlogon.exe ... Fehlt !!
c:\windows\System32\wuauclt.exe ... Fehlt !!
c:\windows\System32\drivers\ipsec.sys ... Fehlt !!
c:\windows\System32\eventlog.dll ... Fehlt !!
c:\windows\System32\sfcfiles.dll ... Fehlt !!
c:\windows\System32\drivers\ipsec.sys ... Fehlt !!
c:\windows\System32\regsvc.dll ... Fehlt !!
c:\windows\System32\schedsvc.dll ... Fehlt !!
c:\windows\System32\ssdpsrv.dll ... Fehlt !!
c:\windows\System32\termsrv.dll ... Fehlt !!
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-01 18:33	222832	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-01 18:33	222832	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-01 18:33	222832	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 00:41	1729744	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 00:41	1729744	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 00:41	1729744	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2012-01-04 08:58	442880	----a-w-	c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2010-12-15 207400]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-07-04 191528]
.
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
B3AEC8EA5.lnk - c:\windows\system32\rundll32.exe  c:\progra~3\5AE8CEA3B.cpp,work [2009-7-14 45568]
WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe [2014-3-15 1427736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R0 amdxata;amdxata;c:\windows\System32\drivers\amdxata.sys [20.05.2011 22:46 27008]
R0 CLFS;Gemeinsames Protokoll (CLFS);c:\windows\System32\clfs.sys [14.07.2009 00:19 367696]
R0 CNG;CNG;c:\windows\System32\drivers\cng.sys [13.11.2013 16:57 458712]
R0 FileInfo;File Information FS MiniFilter;c:\windows\System32\drivers\fileinfo.sys [14.07.2009 00:34 70224]
R0 fvevol;Filtertreiber der Bitlocker-Laufwerkverschlüsselung;c:\windows\System32\drivers\fvevol.sys [10.04.2013 18:18 223752]
R0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [21.11.2010 04:24 14720]
R0 KSecPkg;KSecPkg;c:\windows\System32\drivers\ksecpkg.sys [11.11.2014 22:15 155064]
R0 msisadrv;msisadrv;c:\windows\System32\drivers\msisadrv.sys [14.07.2009 00:19 15424]
R0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [14.07.2009 00:19 50768]
R0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [21.11.2010 04:24 213888]
R0 spldr;Security Processor Loader Driver;c:\windows\System32\drivers\spldr.sys [13.07.2009 21:27 19008]
R0 SymDS;Symantec Data Store;c:\windows\System32\drivers\N360x64\1506000.020\symds64.sys [07.10.2014 06:41 493656]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360x64\1506000.020\symefa64.sys [07.10.2014 06:41 1148120]
R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;c:\windows\System32\drivers\vdrvroot.sys [14.07.2009 01:01 36432]
R0 volmgr;Volume Manager Driver;c:\windows\System32\drivers\volmgr.sys [21.11.2010 04:23 71552]
R0 volmgrx;Dynamischer Volume-Manager;c:\windows\System32\drivers\volmgrx.sys [21.11.2010 04:24 363392]
R1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [06.01.2015 20:15 1622744]
R1 blbdrive;blbdrive;c:\windows\System32\drivers\blbdrive.sys [14.07.2009 00:35 45056]
R1 ccSet_N360;N360 Settings Manager;c:\windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [07.10.2014 06:41 162392]
R1 DfsC;DFS Namespace Client Driver;c:\windows\System32\drivers\dfsc.sys [21.11.2010 04:24 102400]
R1 discache;System Attribute Cache;c:\windows\System32\drivers\discache.sys [14.07.2009 00:37 40448]
R1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150123.001\IDSviA64.sys [24.01.2015 01:18 668888]
R1 nsiproxy;NSI proxy service driver.;c:\windows\System32\drivers\nsiproxy.sys [14.07.2009 00:21 24576]
R1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\System32\drivers\RDPENCDD.sys [14.07.2009 01:16 7680]
R1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\System32\drivers\RDPREFMP.sys [14.07.2009 01:16 8192]
R1 SymIRON;Symantec Iron Driver;c:\windows\System32\drivers\N360x64\1506000.020\ironx64.sys [07.10.2014 06:41 266968]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\drivers\N360x64\1506000.020\symnets.sys [07.10.2014 06:41 593112]
R1 tdx;NetIO-Legacy-TDI-Supporttreiber;c:\windows\System32\drivers\tdx.sys [09.12.2014 21:43 119296]
R1 VBoxDrv;VirtualBox Service;c:\windows\System32\drivers\VBoxDrv.sys [23.01.2015 15:13 915864]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\System32\drivers\VBoxUSBMon.sys [23.01.2015 15:12 127408]
R1 Wanarpv6;Remotezugriff-IPv6-ARP-Treiber;c:\windows\System32\drivers\wanarp.sys [21.11.2010 04:24 88576]
R1 WfpLwf;WFP Lightweight Filter;c:\windows\System32\drivers\wfplwf.sys [14.07.2009 01:09 12800]
R2 AudioEndpointBuilder;Windows-Audio-Endpunkterstellung;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R2 BFE;Basisfiltermodul;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [14.07.2009 00:31 27136]
R2 BitBoxService;Browser in the Box Service ;c:\program files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [19.12.2014 14:21 738304]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [11.02.2011 20:39 907600]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [11.02.2011 20:40 997712]
R2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\officeclicktorun.exe [16.03.2014 06:44 2449592]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [22.04.2013 09:02 822504]
R2 DPS;Diagnoserichtliniendienst;c:\windows\System32\svchost.exe -k LocalServiceNoNetwork [14.07.2009 00:31 27136]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
R2 gpsvc;Gruppenrichtlinienclient;c:\windows\system32\svchost.exe -k GPSvcGroup [14.07.2009 00:31 27136]
R2 HiSuiteOuc64.exe;HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe [12.12.2014 19:24 138272]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [12.12.2014 19:24 219680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [21.05.2011 00:22 13592]
R2 IKEEXT;IKE- und AuthIP IPsec-Schlüsselerstellungsmodule;c:\windows\system32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
R2 IPBusEnum;PnP-X-IP-Busenumerator;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R2 iphlpsvc;IP-Hilfsdienst;c:\windows\System32\svchost.exe -k NetSvcs [14.07.2009 00:31 27136]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\System32\drivers\lltdio.sys [14.07.2009 01:08 60928]
R2 luafv;UAC-Dateivirtualisierung;c:\windows\System32\drivers\luafv.sys [14.07.2009 00:26 113152]
R2 MMCSS;Multimediaklassenplaner;c:\windows\system32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
R2 MpsSvc;Windows-Firewall;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [14.07.2009 00:31 27136]
R2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.6.0.32\n360.exe [07.10.2014 06:41 265040]
R2 NlaSvc;NLA (Network Location Awareness);c:\windows\System32\svchost.exe -k NetworkService [14.07.2009 00:31 27136]
R2 nsi;Netzwerkspeicher-Schnittstellendienst;c:\windows\system32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
R2 PcaSvc;Programmkompatibilitäts-Assistent-Dienst;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R2 PEAUTH;PEAUTH;c:\windows\System32\drivers\PEAuth.sys [14.07.2009 00:51 651264]
R2 Power;Stromversorgung;c:\windows\system32\svchost.exe -k DcomLaunch [14.07.2009 00:31 27136]
R2 ProfSvc;Benutzerprofildienst;c:\windows\system32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
R2 RpcEptMapper;RPC-Endpunktzuordnung;c:\windows\system32\svchost.exe -k RPCSS [14.07.2009 00:31 27136]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [26.06.2013 18:21 523944]
R2 SysMain;Superfetch;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\System32\drivers\tcpipreg.sys [14.11.2012 18:06 45568]
R2 TwonkyWebDav;TwonkyWebDav;c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -start --> c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -start [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [21.05.2011 00:10 2656280]
R2 UxSms;Sitzungs-Manager für Desktopfenster-Manager;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [06.12.2010 11:52 62464]
R2 Wlansvc;Automatische WLAN-Konfiguration;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R3 Appinfo;Anwendungsinformationen;c:\windows\system32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [11.02.2011 20:39 1304912]
R3 bowser;Browsersupporttreiber;c:\windows\System32\drivers\bowser.sys [20.05.2011 22:42 90624]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\System32\drivers\clwvd.sys [15.04.2011 00:16 31088]
R3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\System32\drivers\CompositeBus.sys [21.11.2010 04:23 38912]
R3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [13.08.2014 04:16 985536]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12.12.2014 12:49 142640]
R3 fdPHost;Funktionssuchanbieter-Host;c:\windows\system32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
R3 FDResPub;Funktionssuche-Ressourcenveröffentlichung;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [14.07.2009 00:31 27136]
R3 HomeGroupListener;Heimnetzgruppen-Listener;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R3 HomeGroupProvider;Heimnetzgruppen-Anbieter;c:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [14.07.2009 00:31 27136]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\System32\drivers\IntcDAud.sys [28.05.2011 11:39 317440]
R3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys [17.05.2011 17:27 25496]
R3 KeyIso;CNG-Schlüsselisolation;c:\windows\System32\lsass.exe [15.05.2014 17:25 31232]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\System32\drivers\L1C62x64.sys [20.05.2011 19:17 77424]
R3 monitor;Microsoft Monitor-Klassenfunktionstreiber-Dienst;c:\windows\System32\drivers\monitor.sys [14.07.2009 00:38 30208]
R3 mpsdrv;Windows-Firewallautorisierungstreiber;c:\windows\System32\drivers\mpsdrv.sys [14.07.2009 01:08 77312]
R3 mrxsmb10;SMB 1.x-Miniredirector;c:\windows\System32\drivers\mrxsmb10.sys [11.08.2011 18:20 288768]
R3 mrxsmb20;SMB 2.0-Miniredirector;c:\windows\System32\drivers\mrxsmb20.sys [02.08.2011 16:04 128000]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\System32\drivers\nwifi.sys [14.07.2009 01:07 318976]
R3 netprofm;Netzwerklistendienst;c:\windows\System32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\System32\drivers\nusb3hub.sys [13.04.2011 17:30 87552]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\System32\drivers\nusb3xhc.sys [13.04.2011 17:30 207872]
R3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\System32\drivers\agilevpn.sys [14.07.2009 01:10 60416]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\drivers\RtsUVStor.sys [23.05.2011 16:16 311400]
R3 Sftfs;Sftfs;c:\windows\System32\drivers\Sftfslh.sys [26.06.2013 18:21 767144]
R3 Sftplay;Sftplay;c:\windows\System32\drivers\Sftplaylh.sys [26.06.2013 18:21 273576]
R3 Sftredir;Sftredir;c:\windows\System32\drivers\Sftredirlh.sys [26.06.2013 18:21 28840]
R3 Sftvol;Sftvol;c:\windows\System32\drivers\Sftvollh.sys [26.06.2013 18:21 23208]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [26.06.2013 18:21 207528]
R3 srv2;Server-SMB-Treiber 2.xxx;c:\windows\System32\drivers\srv2.sys [02.08.2011 16:04 410112]
R3 srvnet;srvnet;c:\windows\System32\drivers\srvnet.sys [02.08.2011 16:04 168448]
R3 tunnel;Microsoft-Tunnelminiport-Adaptertreiber;c:\windows\System32\drivers\tunnel.sys [21.11.2010 04:24 125440]
R3 umbus;UMBusenumerator-Treiber;c:\windows\System32\drivers\umbus.sys [21.11.2010 04:23 48640]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\System32\drivers\VBoxNetFlt.sys [12.12.2014 16:01 156224]
R3 vwifibus;Virtual WiFi Bus Driver;c:\windows\System32\drivers\vwifibus.sys [14.07.2009 01:07 24576]
R3 WdiServiceHost;Diagnosediensthost;c:\windows\System32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
R3 WdiSystemHost;Diagnosesystemhost;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
R3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe [23.05.2011 16:15 118560]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [11.09.2013 19:39 124088]
S2 sppsvc;Software Protection;c:\windows\System32\sppsvc.exe [21.11.2010 04:23 3524608]
S3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\System32\drivers\1394ohci.sys [21.11.2010 04:23 229888]
S3 AcpiPmi;ACPI Power Meter Driver;c:\windows\System32\drivers\acpipmi.sys [21.11.2010 04:23 12800]
S3 adp94xx;adp94xx;c:\windows\System32\drivers\adp94xx.sys [10.06.2009 21:36 491088]
S3 adpahci;adpahci;c:\windows\System32\drivers\adpahci.sys [13.07.2009 22:59 339536]
S3 amdsata;amdsata;c:\windows\System32\drivers\amdsata.sys [20.05.2011 22:46 107904]
S3 amdsbs;amdsbs;c:\windows\System32\drivers\amdsbs.sys [10.06.2009 21:37 194128]
S3 AppID;Anwendungs-ID-Treiber;c:\windows\System32\drivers\appid.sys [21.11.2010 04:24 61440]
S3 AppIDSvc;Anwendungsidentität;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [14.07.2009 00:31 27136]
S3 arcsas;arcsas;c:\windows\System32\drivers\arcsas.sys [13.07.2009 22:59 97856]
S3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\System32\drivers\bxvbda.sys [10.06.2009 21:34 468480]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60a.sys [10.06.2009 21:34 270848]
S3 BDESVC;BitLocker-Laufwerkverschlüsselungsdienst;c:\windows\System32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\System32\drivers\BrFiltLo.sys [14.07.2009 02:19 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\System32\drivers\BrFiltUp.sys [14.07.2009 02:20 8704]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\drivers\BrSerId.sys [14.07.2009 02:19 286720]
S3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\drivers\BrSerWdm.sys [14.07.2009 02:20 47104]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\drivers\BrUsbMdm.sys [14.07.2009 02:20 14976]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\System32\drivers\btmaux.sys [24.01.2011 10:24 58128]
S3 btmhsf;btmhsf;c:\windows\System32\drivers\btmhsf.sys [24.01.2011 09:56 274944]
S3 CertPropSvc;Zertifikatverteilung;c:\windows\system32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
S3 circlass;Consumer IR Devices;c:\windows\System32\drivers\circlass.sys [14.07.2009 01:06 45568]
S3 defragsvc;Defragmentierung;c:\windows\system32\svchost.exe -k defragsvc [14.07.2009 00:31 27136]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\System32\drivers\evbda.sys [10.06.2009 21:34 3286016]
S3 elxstor;elxstor;c:\windows\System32\drivers\elxstor.sys [10.06.2009 21:36 530496]
S3 Filetrace;Filetrace;c:\windows\System32\drivers\filetrace.sys [14.07.2009 00:25 34304]
S3 FsDepends;File System Dependency Minifilter;c:\windows\System32\drivers\fsdepends.sys [14.07.2009 00:26 55376]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\System32\drivers\hcw85cir.sys [13.07.2009 23:53 31232]
S3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [17.10.2011 15:51 13824]
S3 HpSAMD;HpSAMD;c:\windows\System32\drivers\HpSAMD.sys [21.11.2010 04:23 78720]
S3 iaStorV;iaStorV;c:\windows\System32\drivers\iaStorV.sys [20.05.2011 22:46 410496]
S3 iBtFltCoex;iBtFltCoex;c:\windows\System32\drivers\iBtFltCoex.sys [24.01.2011 10:22 59904]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\System32\ieetwcollector.exe [09.12.2014 21:43 114688]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\System32\drivers\intelaud.sys [17.05.2011 17:27 34200]
S3 IPMIDRV;IPMIDRV;c:\windows\System32\drivers\IPMIDrv.sys [21.11.2010 04:23 78848]
S3 iScsiPrt;iScsiPort-Treiber;c:\windows\System32\drivers\msiscsi.sys [09.04.2014 15:30 274880]
S3 KtmRm;KtmRm für Distributed Transaction Coordinator;c:\windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [14.07.2009 00:31 27136]
S3 lltdsvc;Verbindungsschicht-Topologieerkennungs-Zuordnungsprogramm;c:\windows\System32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
S3 LSI_FC;LSI_FC;c:\windows\System32\drivers\lsi_fc.sys [13.07.2009 22:59 114752]
S3 LSI_SAS;LSI_SAS;c:\windows\System32\drivers\lsi_sas.sys [13.07.2009 22:59 106560]
S3 LSI_SAS2;LSI_SAS2;c:\windows\System32\drivers\lsi_sas2.sys [13.07.2009 22:59 65600]
S3 LSI_SCSI;LSI_SCSI;c:\windows\System32\drivers\lsi_scsi.sys [13.07.2009 22:59 115776]
S3 megasas;megasas;c:\windows\System32\drivers\megasas.sys [10.06.2009 21:37 35392]
S3 mpio;mpio;c:\windows\System32\drivers\mpio.sys [21.11.2010 04:23 155008]
S3 msahci;msahci;c:\windows\System32\drivers\msahci.sys [21.11.2010 04:23 31104]
S3 msdsm;msdsm;c:\windows\System32\drivers\msdsm.sys [21.11.2010 04:23 140672]
S3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [14.07.2009 01:06 8192]
S3 MsRPC;MsRPC;c:\windows\System32\drivers\msrpc.sys [21.11.2010 04:24 366976]
S3 MTConfig;Microsoft Input Configuration Driver;c:\windows\System32\drivers\MTConfig.sys [14.07.2009 01:02 15360]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [02.05.2011 22:13 340240]
S3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\System32\drivers\ndiscap.sys [14.07.2009 01:08 35328]
S3 nfrd960;nfrd960;c:\windows\System32\drivers\nfrd960.sys [13.07.2009 22:59 51264]
S3 nvstor;nvstor;c:\windows\System32\drivers\nvstor.sys [20.05.2011 22:46 166272]
S3 PerfHost;Leistungsindikator-DLL-Host;c:\windows\SysWOW64\perfhost.exe [14.07.2009 00:11 20992]
S3 pla;Leistungsprotokolle und -warnungen;c:\windows\System32\svchost.exe -k LocalServiceNoNetwork [14.07.2009 00:31 27136]
S3 PNRPAutoReg;PNRP-Computernamenveröffentlichungs-Dienst;c:\windows\System32\svchost.exe -k LocalServicePeerNet [14.07.2009 00:31 27136]
S3 ql2300;ql2300;c:\windows\System32\drivers\ql2300.sys [10.06.2009 21:37 1524816]
S3 ql40xx;ql40xx;c:\windows\System32\drivers\ql40xx.sys [13.07.2009 22:59 128592]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\System32\drivers\rdpbus.sys [14.07.2009 01:17 24064]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\System32\drivers\rdpvideominiport.sys [23.11.2012 20:11 19456]
S3 scfilter;Filtertreiber für Smartcards der Plug & Play-Klasse;c:\windows\System32\drivers\scfilter.sys [21.11.2010 04:24 29696]
S3 SCPolicySvc;Richtlinie zum Entfernen der Scmartcard;c:\windows\system32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
S3 SDRSVC;Windows-Sicherung;c:\windows\system32\svchost.exe -k SDRSVC [14.07.2009 00:31 27136]
S3 SensrSvc;Adaptive Helligkeit;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [14.07.2009 00:31 27136]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\System32\drivers\sffp_mmc.sys [14.07.2009 01:01 13824]
S3 SiSRaid4;SiSRaid4;c:\windows\System32\drivers\sisraid4.sys [13.07.2009 22:59 80464]
S3 Smb;Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung);c:\windows\System32\drivers\smb.sys [14.07.2009 01:09 93184]
S3 sppuinotify;SPP-Benachrichtigungsdienst;c:\windows\system32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
S3 stexstor;stexstor;c:\windows\System32\drivers\stexstor.sys [13.07.2009 22:59 24656]
S3 TabletInputService;Tablet PC-Eingabedienst;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
S3 TBS;TPM-Basisdienste;c:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [14.07.2009 00:31 27136]
S3 THREADORDER;Server für Threadsortierung;c:\windows\system32\svchost.exe -k LocalService [14.07.2009 00:31 27136]
S3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [21.11.2010 04:24 194048]
S3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\System32\drivers\tssecsrv.sys [16.10.2014 16:46 39936]
S3 TsUsbFlt;TsUsbFlt;c:\windows\System32\drivers\TsUsbFlt.sys [21.03.2014 18:44 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\System32\drivers\TsUsbGD.sys [23.11.2012 20:11 30208]
S3 UI0Detect;Erkennung interaktiver Dienste;c:\windows\System32\UI0Detect.exe [14.07.2009 00:52 40960]
S3 uliagpkx;Uli AGP Bus Filter;c:\windows\System32\drivers\ULIAGPKX.SYS [14.07.2009 00:38 64592]
S3 usbcir;eHome-Infrarotempfänger (USBCIR);c:\windows\System32\drivers\usbcir.sys [11.10.2013 18:13 100864]
S3 VaultSvc;Anmeldeinformationsverwaltung;c:\windows\System32\lsass.exe [15.05.2014 17:25 31232]
S3 vhdmp;vhdmp;c:\windows\System32\drivers\vhdmp.sys [21.11.2010 04:23 215936]
S3 vsmraid;vsmraid;c:\windows\System32\drivers\vsmraid.sys [10.06.2009 21:37 161872]
S3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\System32\drivers\wacompen.sys [14.07.2009 01:02 27776]
S3 wbengine;Blockebenen-Sicherungsmodul;c:\windows\System32\wbengine.exe [21.11.2010 04:25 1504256]
S3 WbioSrvc;Windows-Biometriedienst;c:\windows\system32\svchost.exe -k WbioSvcGroup [14.07.2009 00:31 27136]
S3 wcncsvc;Windows-Sofortverbindung - Konfigurationsregistrierungsstelle;c:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [14.07.2009 00:31 27136]
S3 WcsPlugInService;Windows-Farbsystem;c:\windows\system32\svchost.exe -k wcssvc [14.07.2009 00:31 27136]
S3 Wd;Wd;c:\windows\System32\drivers\wd.sys [14.07.2009 00:19 21056]
S3 Wecsvc;Windows-Ereignissammlung;c:\windows\system32\svchost.exe -k NetworkService [14.07.2009 00:31 27136]
S3 wercplsupport;Unterstützung in der Systemsteuerung unter Lösungen für Probleme;c:\windows\System32\svchost.exe -k netsvcs [14.07.2009 00:31 27136]
S3 WerSvc;Windows-Fehlerberichterstattungsdienst;c:\windows\System32\svchost.exe -k WerSvcGroup [14.07.2009 00:31 27136]
S3 WIMMount;WIMMount;c:\windows\System32\drivers\wimmount.sys [14.07.2009 00:29 22096]
S3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [14.07.2009 00:31 27136]
S3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [14.07.2009 00:31 27136]
S3 WPDBusEnum;Enumeratordienst für tragbare Geräte;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [14.07.2009 00:31 27136]
S3 WwanSvc;WWAN - automatische Konfiguration;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [14.07.2009 00:31 27136]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [14.08.2014 05:41 90776]
S4 Mcx2Svc;Media Center Extender-Dienst;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [14.07.2009 00:31 27136]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [23.09.2010 02:10 57184]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch	REG_MULTI_SZ   	Power PlugPlay DcomLaunch
wcssvc	REG_MULTI_SZ   	WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
FastUserSwitchingCompatibility
Ias
Irmon
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
Wmi
WmdmPmSp
TermService
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
.
Rebuilding ... You need to reboot your machine for this to take effect.
.
eventsystem
iprip
netman
wzcsvc
ip6fwhlp
WmdmPmSN
UxTuneUp
Appinfo
BDESVC
Browser
EapHost
hkmsvc
IKEEXT
MMCSS
ProfSvc
Schedule
seclogon
Themes
wercplsupport
Winmgmt
wuauserv
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
2009-07-14 01:14	278528	----a-w-	c:\windows\System32\unregmp2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
2009-07-14 01:14	44544	----a-w-	c:\windows\SysWOW64\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-23 13:40	1086280	----a-w-	c:\program files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 08:16]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 11:36]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 11:36]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
.
.
------- Dateityp-Verknüpfung -------
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-LMgrOSD - c:\program files (x86)\Launch Manager\OSDCtrl.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
HKLM_ActiveSetup-{44BBA840-CC51-11CF-AAFA-00AA00B6015C} - c:\program files (x86)\Windows Mail\WinMail.exe OCInstallUserConfigOE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:02
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:03
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:03
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:03
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-24 17:03
Windows 6.1.7601 Service Pack 1 WOW64 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\CMI-CreateHive{BD6FA63F-599C-4F99-99DE-A05742AA2377}\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\CMI-CreateHive{BD6FA63F-599C-4F99-99DE-A05742AA2377}\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\CMI-CreateHive{BD6FA63F-599C-4F99-99DE-A05742AA2377}\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\CMI-CreateHive{BD6FA63F-599C-4F99-99DE-A05742AA2377}\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\CMI-CreateHive{BD6FA63F-599C-4F99-99DE-A05742AA2377}\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-24  17:12:22 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-01-24 16:12
.
Vor Suchlauf: 12 Verzeichnis(se), 300.906.815.488 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 300.208.865.280 Bytes frei
.
- - End Of File - - 2149333A563AF1FA621DE5FFB26A6921
         
--- --- ---


Grüße,

Daniel

Alt 24.01.2015, 20:50   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Combofix löschen und neu laden, nochmal laufen lassen. Sicherstellen dass Norton aus ist, zur Not deinstallieren.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.01.2015, 21:36   #9
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hi,

habe Norton deinstalliert. Der Scan lief dann ohne Meckereien durch.

Hier die Log:

Code:
ATTFilter
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-01 18:33	222832	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-01 18:33	222832	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-01 18:33	222832	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 00:41	1729744	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 00:41	1729744	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 00:41	1729744	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2010-12-15 207400]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-07-04 191528]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
.
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
B3AEC8EA5.lnk - c:\windows\system32\rundll32.exe  c:\progra~3\5AE8CEA3B.cpp,work [2009-7-14 45568]
WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe [2014-3-15 1427736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 BitBoxService;Browser in the Box Service ;c:\program files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe;c:\program files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HiSuiteOuc64.exe;HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe [x]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TwonkyWebDav;TwonkyWebDav;c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe;c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe;c:\program files (x86)\watchmi\TvdService.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
eventsystem
iprip
netman
wzcsvc
ip6fwhlp
WmdmPmSN
UxTuneUp
Appinfo
BDESVC
Browser
EapHost
hkmsvc
IKEEXT
MMCSS
ProfSvc
seclogon
Themes
wercplsupport
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-23 13:40	1086280	----a-w-	c:\program files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 08:16]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 11:36]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 11:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-01 18:33	261744	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-01 18:33	261744	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-01 18:33	261744	----a-w-	c:\users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 08:07	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 08:07	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 08:07	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11785832]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-28 2207848]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-02-11 10361616]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ALDI SÜD Mah Jong - c:\windows\system32\Uninstall ALDI SÜD Mah Jong.exe
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2189779353-2093667472-534821050-1000\Software\SecuROM\License information*]
"datasecu"=hex:67,76,3c,74,55,a5,34,7b,1d,02,26,4a,f1,e5,18,6a,0d,68,5d,a9,00,
   a2,6e,f7,16,e2,b5,32,53,a0,8f,e0,09,b7,6d,de,3e,d6,73,22,cb,73,b9,11,70,54,\
"rkeysecu"=hex:de,b6,88,f1,4a,ef,9e,a7,7b,a7,e0,ef,c4,ac,6c,b4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-24  21:33:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-01-24 20:33
ComboFix2.txt  2015-01-24 16:12
.
Vor Suchlauf: 17 Verzeichnis(se), 301.450.100.736 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 301.256.556.544 Bytes frei
.
- - End Of File - - 3D37EA9001A6A4247C5B7C2E5770AA48
         

Alt 25.01.2015, 08:58   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Das ist aber nicht das komplette Log
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.01.2015, 09:04   #11
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



hi,

hab ich mir schon gedacht. Mir ist auch aufgefallen, dass scheinbar am Anfang (?) was fehlt... Ist aber tatsächlich der gesamte Inhalt der Log-File.

Ich neheme an: ComboFix löschen, neu laden und nochmal laufen lassen ?

Alt 25.01.2015, 09:09   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Nee.

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.01.2015, 16:16   #13
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



Hi,

hier die neuen Logs:

MBAM:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.01.2015
Suchlauf-Zeit: 09:29:03
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.25.06
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Daniel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381403
Verstrichene Zeit: 53 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.Softonic.A, HKU\S-1-5-21-2189779353-2093667472-534821050-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [e4b650aba6e360d6d544166a1ae9a957], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2189779353-2093667472-534821050-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [b5e5f10a4346f640475a17bf679d35cb], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2189779353-2093667472-534821050-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0OtGtAtH1S1G1XtGtDtH1GtGyEtH1X2U1P1GtFtB0D, In Quarantäne, [b5e5f10a4346f640475a17bf679d35cb]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 15:38:12
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-25.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Daniel - DANIEL-PC
# Gestartet von : C:\Users\Daniel\Desktop\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Device
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\FileViewPro
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\DesktopIconForAmazon

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v40.0.2214.91


*************************

AdwCleaner[R0].txt - [1644 octets] - [25/01/2015 15:25:12]
AdwCleaner[S0].txt - [1515 octets] - [25/01/2015 15:38:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1575 octets] ##########
         
JRT Teil 1:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Daniel on 25.01.2015 at 15:50:15,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{001BFDF0-EC74-4E77-883C-1359DAE8C84E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{003CE381-CE33-42A4-85E3-7C349C293119}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{004D85AF-635A-48E9-9BF6-AD14E1DF894A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{005FA9C1-99F0-4613-9788-D395C4C9E88F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{00A70E9E-D6B5-4C7F-A3B8-541C378EAD48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{00AB1D4F-F394-435E-AF57-452CC22231DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{012E3772-8F61-4CB2-B87E-A8BF534344B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0130F0E8-284F-4083-A332-46C2A9F5EF10}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{013DD1A2-67B4-48BF-BD1E-AC001198A700}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0162BE60-4925-4BA2-8324-759DD0C22A7D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{01656465-AEC0-4BB9-81EF-70379460AF4A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{01876128-25D0-47F3-B1F9-BE6991A70306}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{01E20707-0B08-4120-BB54-8DD6B896B022}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{021E610D-B884-4363-A3E5-6E388268F06F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0251776E-B871-4BF0-94E7-EA7D238BE85D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{026C1A3D-E1C2-4E69-BC29-D9F94625E271}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{02AF7EE4-5AFC-4EB7-A35B-172521B9DCD7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{032D429C-9656-4DD0-B176-A4FBDD29507F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{03482A2F-B7D3-44E8-8FCF-38E41578A285}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0349A131-1FCF-4BC7-A080-4DA921A9831C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{03938D58-DFB4-4B5D-B770-867FD730C730}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{03BB60ED-E685-443F-A7A1-351B1FC9F5C9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{03DEF5E9-ABC9-4EF4-9B07-450A5E8AEEFB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0450C402-A9FB-40F1-B30E-983E3F8CE635}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0463D3B7-F5E9-4A3F-A186-F360F9A5C587}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{046E514D-6A27-4416-B7DF-0C42CE45BFBC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{04B25DFA-288D-4C8F-B455-279E8D5B7DBE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{04B39EF4-29B0-46ED-84C6-D07718AFFF44}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{04B880BD-BB3C-4512-93AA-5B99ADEE3DC1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{04CCB583-5E5A-44FE-B5FD-A5D07AD24178}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{04E7B499-F1FE-47A9-B24B-A75880292796}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{052331EE-7103-4F25-8788-87096A3901DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{052C2FB5-5C59-47D2-A030-AFC2F2564D43}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0580AA0B-2D65-48CE-8827-97220BA84989}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{05A5241A-301B-430A-AC44-666A00768DC7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{05B8B0AD-ADBC-4322-A41E-FBFA2D51DE06}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{05B8C9B2-61F2-4C33-85CD-DE961088C52C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{05D13AA2-0985-47B0-91B0-2DE9428ED299}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{06387E5D-0929-42F3-83D9-86B9774BFB89}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{067A33D8-8165-40F3-B524-EC3807E2397E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{06BDD988-6353-4D2B-AD14-6A45F2473389}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{06C62ABF-EAF6-412C-8633-F2CE9E7CA50F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{06CC9E3E-0ACC-450C-8EC5-2F107C200337}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{06FDB1E8-2571-49D7-B1B5-7E79BA29495A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{07007E80-5FEB-4250-B79E-C354092D2877}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0719FB96-BEC7-4B1E-8FB3-4916123C6937}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{072F9B56-001B-4C1E-AF13-E160EA942359}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0788CA89-E56F-4C5B-95C4-17BEDF80E28F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0790E6CA-9B58-448B-A418-68301AF111B4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{07930435-E600-4A5B-B1F5-5EC7F77D5569}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{07D85EAD-EDED-4933-8634-F9E0CA5F8A8C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0802C0FF-51AA-4659-9550-6641410C5BA5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{08166DC2-C094-49FE-9B59-79C28CDD4868}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{083FBE1D-0E97-4EBD-87CC-E79566A6BD80}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{085BE0D5-B5D6-452B-9F4E-AB2BE4AF823A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{089024ED-8F4F-4A3B-8AE6-4EBACED2A5A3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{08D42BE9-45EF-4B69-AC19-4C6EBBF0DFBD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0937F92F-CD9A-4854-BEFD-7DA52323A460}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{098F2EDA-FBDC-410F-9027-A63BC762DEB9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{09B2C252-BEF4-4783-96D0-68E9389E79B8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{09D5B1A1-0463-4551-A371-B771A674FD25}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{09E89F87-7D96-4935-B012-880D49A393BE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{09FF7F12-66E3-433D-86D1-EC496EB77FE7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0A0FDE6A-6092-4762-B8AA-497F64BAADBB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0A37959B-3580-4509-8ED4-64052338C3E2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0A44D600-9304-4DE8-89F2-53AA41F28C89}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0ADBAC64-12C5-42AB-B1E4-38122E4E9E8A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0B065EBF-8D74-49CE-A32F-F6CF8A19F16F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0B659E89-5B33-476A-A862-B2168301781B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0BC9C6D6-3EED-4BA2-8360-6F86F2D27BDD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0BCAA1E7-480E-4728-8D5C-8268A9533425}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0BCD3654-248F-4980-9063-8108E5CA3746}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0BF1BA02-7BB2-43A6-A9FA-880F3E6DEFCB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0CB264EB-762E-4883-AF30-36479EE5E96D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0CB36B76-C850-4B2E-B518-A4CCB22610CD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0CDD94D8-FAAC-42E1-8747-83709019A96B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0CDF5B19-B980-4568-837B-F7A7B4D8E738}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0D1599A7-86C9-47E4-913B-A0C3F823D865}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0D250FF1-DB18-42C1-AFFF-1FC72FD47CB8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0D27E9AB-7B9B-418A-A750-62AA25008205}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0D78888E-AAD6-4EC5-B9CA-1B5BB52C2AF8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0D7AA9EB-3723-4D35-A4CB-AD4AE542237A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0D7ABEC9-6E51-4AA3-9A8F-A2B5B9AAE4A4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0DA0C8E6-2D9D-4E2C-A55B-21D97E7DC3AC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0DC9A2D8-EC94-49E6-86D2-5BCE3D9C7028}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0DD7EC0D-2ADF-4BFD-8B1C-891E8424DCFC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0DFD0C64-C120-4D31-BB12-CF2CB4FBDCF6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0E41C724-BC2F-4F72-A3C4-56738DA31A60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0E522F1D-9687-458D-AA71-E0ED2535B120}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0E564868-7831-40A7-8FEE-719074CAB9D9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0F1ABB6E-06CC-488E-87A6-F29EEBF94D9C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0F5F9AA8-C057-4C2E-B9E3-66300DEB0C74}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0F7E0932-9D9A-4145-8505-B7FF6F987A5C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0F81F31B-490B-423E-8F1C-0AB8E920876E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0FD39D95-A17F-4C81-A519-965B684F5773}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0FE3EDF3-08CC-45BB-B4DD-D45999869C62}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{0FFC034C-C89D-425F-BC44-C44C445F2735}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1042C97A-80B2-4F6C-A21E-1C9143357620}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{106735F1-FB50-4217-8169-A7E416682D56}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{10760A05-FC02-4876-BC39-EB64ADF7A8A7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{10840064-04C0-4307-B0DC-05F29CCE2CEC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{10FC4E08-1B96-4D77-93E6-111F9604C2E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{110FF5E3-A39C-44BF-B28D-4DACCEDDD126}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1185A24C-813A-4D33-B844-99D0E927E055}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{11CFF605-8D9A-4734-AC86-6C058BA38DDC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{125764FC-F759-4E0C-86ED-9F2A395C0B48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{126E46C1-793C-4042-8F27-16B6475E16AB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1291C523-7AC4-46BA-8755-6832C4CF835A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{12A30E62-C61D-42A3-807A-67719328EA3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{12E0BA07-AA6E-4CAA-B416-048CFE4CA3F5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{12F2C0ED-0A48-4188-9745-75E4C29CB3F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{132E777B-5A1C-4D6A-BE72-05B455D93D45}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1332AFF3-610B-4EE2-9631-EBA410319BD9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{133477ED-4D98-444A-98DE-17723A917A1A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{137B119B-376A-4343-A655-1F0B8153A9BB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{13923D88-6AD6-4BCF-8C29-8A7A118C5224}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{13C3F27E-3C30-4045-AEFE-D3A2F3B83DF0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{14757C37-1565-4D69-B624-50C3DD4F21A9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{148C461D-ED24-46B1-B53B-1D72353C38EB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1493ADEF-BA9E-494D-B885-5F6E7124F3B2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1593D056-2C78-4B6F-8CF4-4E30A73DF000}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{159C21E9-F6CD-4860-85A6-5D26F26AB04E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{15CA1C1B-F2AF-42E0-A8F2-DD02D9D50FE3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1600B75D-2318-4286-B12E-CABD8C3A5AE7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1614D831-FCF0-4D42-B8D5-9B06062FDCF6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1643EC7A-A42F-4E7C-B89E-967BB408DE69}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1646BD3C-50FB-42A6-913E-9A546BDB84A3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1654DAE7-0048-4109-AFAE-DA433E33C936}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{167C89D0-5498-498E-8733-8D6207783D67}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1717D616-9B59-41B5-B264-74E78CE04BD2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{171CBE21-1F73-4045-B81A-979C0F0A1A4B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1728C8B8-6161-405F-8AF7-3715E8DB9650}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{176950E3-CDFF-4F98-ABE9-23CA3E07FBC1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{177B031E-6FB7-4B33-B938-BBD233E49173}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{177D8505-CB11-45A9-9A21-16EDA8C51276}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{17B07B24-943E-44F9-B544-153E50FA669B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{17B4DE87-4967-4683-9825-D617E446CDE0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{180CAE33-BE1A-413A-8920-0AB07632ECB5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{182366A8-ADFB-455E-936F-5E6C2B64B689}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1868863C-FE59-4EBA-8BA2-C5777FC49D2C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{187D84E8-2884-4F36-988C-432FF546A619}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{188CF73A-60AF-40FB-B96B-A0EA671B17F6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1898F646-293E-49C0-9C13-423D734AE7DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{18A60786-E872-4363-97AD-1296E9B5BC7C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{18ABADA9-BFD6-434C-8AB3-28BE4A933E60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{18C0C6BE-A84B-445C-8E7A-9E10BEC2C2DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{18CF9DEC-B382-4D05-B689-D10505554124}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1916FA67-E045-478F-A915-133D05076461}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{191FAEA6-B93B-40D7-9961-DB53668E58D5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{19404135-030E-4254-AB6E-42C44FC4B922}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{199663FE-5E3C-44F6-B77A-DEB10E3A90CA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{19A48775-C384-4594-A706-E8FAD9874BC8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{19D4918C-4E8D-4B6D-905E-82F27BE1D569}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{19E73EEF-E254-44C1-9D89-9D72BDCBBD2A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1A14B63D-C754-4968-8D98-89E91DDE0C09}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1A2707AA-DE6A-4B54-9121-74F4E144F21A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1A513DB3-F3CC-4700-B82C-572A56F604CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1A835813-9959-4E0F-A57B-978954F82DEC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1AB37606-4F04-40C2-976E-7A4B4F04904B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1AD2E705-D41C-4F94-BEAA-ABD42D968310}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1B246034-9485-41D7-8933-0135F02DED7D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1B476D09-5D3E-4B76-AD1C-E485A7D7217E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1B6AFC9E-FF79-4B7A-900F-3E1121EEE633}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1B794BFB-CC8F-4EDC-B15F-C384404FA2D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1BFF4B68-E306-4BA7-896C-28FACB030ECC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1C0A4D8A-9EE1-4E06-AAD4-333F71A4C060}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1C395F34-05B0-457C-B41F-A72F8759DF79}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1C495710-5B5D-49AD-8D44-1269CB8447B7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1C89453D-BC10-474F-AA9C-21B75982E866}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1CA3FEB2-A6DA-4069-9AB1-787215DA4350}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1CB975BD-2D0B-45F5-9CF3-877788098733}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1CC54CA4-17CF-4878-A024-8A866EC896BA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1CDEF252-CCEA-4695-8889-999A06D63967}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1D452175-1F46-4B2C-B59D-796FA8BF37B6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1D61667E-56E8-41EE-9658-3D15E0D253AB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1D871688-F0CB-4182-9C9F-77E6D8146261}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1DBAFEFC-B624-474B-A20F-647C44C957D9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1DDCD5F1-E94F-4BA7-AAC3-CA8BC58263C7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1E037F4E-5A8B-43D9-9914-DCD87149C21B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1E19D203-D171-41A6-A904-493AE90E2D91}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1E417131-41EC-4135-A395-AC73B5C36480}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1E4DD8EE-79FD-40B7-AB30-31551F24701D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1E59E4B8-03C6-4773-80CA-B278DD130F3C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1ED5BAAB-38A6-40B2-9B70-12F47F0FD69D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1F0D1E5A-96A8-4E45-80E5-D556151103D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1F2A85CD-A400-427A-9182-F6935F675A8D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1F90010B-94C5-4D0B-B6EB-91D3069AC946}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1FA51E89-0683-4F27-BF71-02152BD455C2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1FAD901C-9C74-4F04-9EEC-424C15D3CD63}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1FDB5A40-B064-4DE2-A628-2ADE655423ED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{1FEFD7A8-D341-4A0A-AF1D-E0420BDE08FF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{207A660B-76F7-4971-A656-70D32A82172A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2084707E-958B-49CD-9D6F-35DEDA9BDB84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20A8770E-0FBF-41E8-B5D8-CFFA66E715B2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20B8DD13-C810-492B-B6C5-10C442DE07C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20BDB3F9-D055-41DD-8F9C-FA0DD18BCC43}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20C04B4F-2394-4D4D-A6F5-21CB1D1B24E6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20D1AE5F-D5AA-44FC-A3BC-8B3B6EA21878}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20DC9DAB-0323-4C09-BB60-A2237841D7CA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{20EA1029-CDDC-463F-9AEB-A1D6CC773467}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{211EF4B1-2AC1-46A3-9FE5-5BCF582F05D6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2133A334-D4DC-4871-975B-A89A021360CB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{213F7DE7-4E24-4658-A087-7C0102835E78}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{21779FFB-219D-4202-AFBD-9C1D8C379D55}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{21B121B2-1E23-411B-AB26-B9DCCF6A7866}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{21B60B2E-91A4-4C7A-BCD3-1AAF95A3B916}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{21DCB2D6-6A0B-42CD-A970-CA5F9CE7EB26}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{22409E31-EFE5-48D3-891C-275C2B798C31}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2298F2B1-6628-482C-B76E-4B1F177B80BB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{22A2F7C0-A76C-46D6-A788-5DE8265B5403}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{22B76C68-1989-40AA-8699-F795D6335575}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{22E6FF06-BCF4-478E-94E9-BA20B593DDC5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{233233E9-ED89-485C-A089-A30D5DB36DE9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2343DDC0-B844-4417-8183-9F793396E2F2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{234DBBA9-5658-430D-881C-BFBE4F50D478}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{236E3955-8587-49CC-A9BE-7C5B130A07B4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{23A1CEB4-F60D-4728-97A0-28B4C8B70139}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{23BFD9AE-7AF1-4E8C-9EDB-1FB7C3D06680}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{23E8781E-34B9-4E93-8BDF-4098D14A32A4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{23F70C40-9129-4372-A435-78AFD091D9CD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{240580B4-9FF1-425C-A191-4C3499562705}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{242FC85D-9378-415B-98BE-9B235D95DE84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{243208EF-1248-4E15-80FA-C4177FBFB62B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{243F85AB-CD81-4125-9215-8A27CF949A8C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{24438A79-1A8B-45D4-A75F-B84DCBE93EFE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2444230C-80E8-4FD6-AFDF-767ACBE3EC88}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{24476D6F-6C22-4819-AB5F-A5333E4218CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{24555A44-8636-4034-911F-4811C8D54633}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{248182BC-59B4-4876-B9F0-9F34A94756FD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{24C04CB9-0896-4D2A-8746-88A9C74D43C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{24C1EA81-F3A8-4BE0-AE04-F37FDC1352A3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{250823EB-0730-4856-8EF2-675F72A311B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{250C5FC6-C871-4A8E-97AE-7F156C950886}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{253730D2-5C8F-4103-9132-1AE2816DA3E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{25432611-F2F9-470A-918D-D6D6F49257C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2585166A-9B6D-450C-A27C-2AE9E03B6F6D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{25935BFF-A3BF-48F5-9069-B3376860A9CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{260BA326-C2E7-46AD-916D-F3FF1C3418E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{261D3973-5246-4DA6-A123-C238289F8D5B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{26218420-F27A-4C4B-8CB7-CAE6DC0BCB97}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{26591206-5757-4836-A8CD-DD5501475334}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{266A4A4B-3E8D-4A72-AB4C-6F807202FA18}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2679CE69-D6EC-41AC-B4E9-B4C915E89DA1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{269AE4DA-3A97-4FCF-B05A-E198F3C5BBB9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{26C73FF8-45DF-4EF5-97A3-3EBA6BB39FB9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{26D68344-2122-47F9-98BC-992671BFE5FB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{26E1E160-BD5F-4BE9-8E28-FAE1AA4CB39D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{27136C7D-7528-4DF0-8BAF-3485342238D6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{272923BA-FB31-4864-A558-C183AC50E779}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{273BDCA4-E083-490A-A083-F5700A4A8998}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{279F095E-749A-4D92-8FF4-FAE3ECD15550}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{27ABFAD5-E3F7-4586-B0D6-CA6F84D2478E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2810CC3A-2261-41E7-9B1D-696DE0F28FC0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{281D2E9F-EA88-47CA-BADC-321667341C93}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{287C953D-56BD-4785-AA15-AE7F2DD74A82}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{293CF305-AA79-4921-B023-D2998A6838BC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{295EAF55-D3A7-4383-9875-1577F76B583B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{297F9897-E9AB-4EBD-80BC-B08C40BD7939}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{29851763-5660-4B78-8C0C-F777282C8A3F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{29C4738B-368D-4E6E-B01E-8A281CFEAEE4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{29CCACCD-1CC4-417D-ABCE-527DFBCEA055}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{29DBE1B9-32D1-41D0-B0CF-98EE22B99550}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{29E098F8-986B-430F-B5ED-CEE138C44FD8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2A2D6BFD-D3AE-4906-BC31-3124EF2D962D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2A34F499-CE02-411B-A8E2-110193FE78C5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2A389A8F-D43A-4E8F-92AE-4CD25CD3A660}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2A5A4728-C75A-4EA3-92F6-76FD84CC244D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2A96446B-B898-49EC-8768-F58A19EA767A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2A9991F1-03AE-4C19-A77F-4235439103C5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2AA8C173-7CA6-45DF-8883-1BF75D6244EF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2AABADEF-1092-4D7D-B906-E16643C9B174}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2AF62974-8FAC-465C-9C8C-8F1057750CBC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2B12D6AA-6602-4111-B4BE-BC16F075BA0F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2B17D9C4-018C-492B-A700-B13C39163A31}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2B27B2B5-344A-44F4-9756-1E177B4AED9E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2B6E735C-6130-4F56-96B3-0BAF39454C48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2B8FDDB9-4FBF-40D4-B2BC-39E33089E768}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2BB80D4E-1470-4508-B08F-39D8867A081D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2BBCC039-5ACA-4ADB-92AA-343B93676733}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2BBFF693-DA7C-439E-9248-F15ED45337E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2BC28336-D8C3-4A0F-A516-D08BA172EA07}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2BDCD6FA-EECE-4B0A-9859-E58A21F83A95}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2C1DFAD4-D343-4278-BCC8-F83AB0C014E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2C389E35-5EF8-479B-94D5-9075C75A0F03}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2C4AD83C-8E58-490F-A0A5-DE52215DE8FA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2C61D405-44E0-4FDA-89B5-D4A1C0BB453C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2C65A058-25FF-4699-A1FE-4AA257EB96FF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2CC4B30F-1087-43A1-9DA0-45E99545A81C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2CFBC13A-B593-4E5C-AD40-6E5D5A6DF1C3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2D238868-D76C-4817-BD3F-B48F0FD5A89A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2D31ECE0-6101-4DC1-AF5F-FDDA8F0B7697}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2D45F179-CAD1-41EC-94F5-9875AA024B46}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2D74E816-F653-45FE-A88B-2B06576BD8AE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2D91DC35-A642-49AE-8E29-F47621A823ED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2DC1B66C-35A6-4258-AA48-CD97F45859DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2DCECF51-D63A-42F1-9033-8D1E2BEA52E9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2DD110FD-4F7D-4C2D-B77C-7CE2A2A02C89}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2DEEA958-0030-4754-8E4A-6E2BBEC7CC72}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2E1793B2-FDBA-4A9D-A68B-E904BA645061}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2E8BF824-640F-4ADB-B8AA-1FC8CB834680}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2EE5B56D-7B7F-4424-93D8-CAA387822E5E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2F46CFEA-1F48-4457-9C43-8F59304DFA99}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2F74CF11-ED1D-4AF5-87C6-6FD2F181479F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2F8732BB-F4CC-487C-9402-AD94DE00AFCC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2F9FAB96-8D77-4DC2-90BB-D13D6BE1310C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2FAA9B91-5EA5-452C-8ACE-09878041CA08}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2FCFB5E2-9601-4474-A1D4-5F6E96EE9AC6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2FD5EE80-559F-45B7-9DBD-7C6DDD51F4D4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{2FD93030-33FC-468E-9E8F-3D999E53D339}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{30082DB7-E4A4-458E-BEFD-A75DFDE27E4E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{301023E2-E3B4-44B8-B8D0-70B9CF996C20}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3085986C-AAAC-46C5-8C1D-F97648D6614B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{30898F5D-6CDD-40DE-A457-61E9B425DA71}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{30ADB014-D1DA-4F24-9A08-C4E0B084D901}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{30B89428-B2DC-408F-BB9D-0CA544F93550}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{30BA5620-5CE8-4B1B-ABE4-F8C3E85BECB8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{30D464A1-8FDF-4EF3-B62C-0C7BC606154E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{312C99DF-3ED3-455D-95CF-D0C12B2F0A9A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{31808E87-CB7C-448E-9922-FE940E237908}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{31C8A2E2-C124-4D2C-9057-65564CD41599}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{31CAED0F-C585-4915-B449-545DA6C920A9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{31DC3C75-9BAD-40BC-AD0C-5699ED217866}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3240CBA0-6EE3-46BF-B666-241F51BC55A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{325A5009-6B26-4568-9B1A-209DBCD5BD8D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{327D6D63-6F39-44EB-B6D7-EF067987D240}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{32B76103-362A-4DE8-A3D4-5B379BE27CF2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{33069834-D717-4F2D-96D1-E634F56762C9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3312A018-A50C-4C2E-9B7E-81FF42DA04D7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3318E0A1-6F6A-4082-8CC4-2F25385D9099}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{332D42CA-CDD7-4496-A932-3E3CDD50C7BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{333BAE58-861F-49A0-A240-86A3F90C09FF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{333E9241-2C75-438F-9BC2-B7EA12A228B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3376CDFE-5BFD-4AF8-A4C5-86E7632A425A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3380D7CA-134D-44BF-8F23-C80E96ABA95A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{338C597A-BBE0-4535-9011-11252EA61569}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{338D7581-C3AD-4411-98E2-BB773ABFA545}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{33C5080F-F5AE-4F06-A383-EB5AAEB14E35}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3407AFC3-9FE3-4605-82DD-784AE304F1B4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{342BF1F9-9C55-47FA-857C-3A30183EBC44}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{342F2DA2-FC00-4423-9C3E-EB61C8457EFB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{34329C32-0715-43B1-9E62-A0351E29ABA6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{343AA480-E4D0-47FF-9717-53E6C0A69C3E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3455279E-BD6B-4F01-B494-68A6CD59205E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{34580ABD-3EE6-4234-83DA-14FDF085F4F0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{349B35E7-267B-4922-AA25-F3D0B9D3EA4E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{352860D2-C641-4D30-BA63-DA8DDA7E6B1E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{35439D8C-24D7-428D-BF4D-2BD5362DE0F2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{354A1D2C-46B1-4D99-8675-4AE5AF0001B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3576BE20-6E42-40C5-BC48-970C10D457F0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{35896142-D989-4B80-8397-52A7F6D6AC6C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{36237665-98E8-454A-83A2-D066608BEF60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{369F0D32-A945-4B75-B1CD-59CA7C5F1E7C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{36ECE63E-2A26-41BD-B7F0-3BE1CC19F5E3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3727DF40-CDF0-4009-866F-90D2AC41849C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3733B192-9C0B-47D3-BA5C-7F3B6DCFC703}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3740D2D2-07F9-4A4D-B570-A3D119586BC9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{374821A6-9095-4FB9-BB7C-2CB04EC4D878}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3782BB38-123A-48E5-BABB-3E8B902CC0B6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{37AD54B8-7E61-4BF2-AC82-9CE56E3F2D1F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{37C83478-132E-4239-B4FE-EC78B8469941}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{37EE8D18-A0E5-4EC5-B0B0-24A5D339D36D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{380FFF8F-EF22-46E3-AE1C-E98E6FDDCAC5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{382FA924-BE87-48BC-9EAD-AFC9C2AEF4DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3844E661-41BB-4995-815F-23D80BC408F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{38485FC4-2697-447B-A7BB-A64C17834D6B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{387BA846-9D1F-4579-8B06-CFA788CDAC8B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{38CC1481-8692-4A59-94EF-263F4B6B67F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{38E78AFA-F750-4ECE-9119-1345AE65E72B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3904FFC3-4539-4538-93A7-9D674872A33A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3920BEA2-BEB0-4D35-B8D4-CE5B791345B9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{392DB97D-5EF7-48A6-8B42-CB502FC922F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{39769D53-3920-44FC-B79C-6F5CC33B6625}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{39A77117-DE68-4ABD-8D64-0314009089C9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{39ACF1CE-5D6A-4444-8CD5-07B8E9A43EA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{39D21BAA-75B8-4DAD-B0D1-E522B3C01332}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3A804D7A-0B55-490F-87C2-311DE1230446}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3A8C2A7A-C478-452B-A1DD-10BFB2EF655E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3AD45C9C-C9DA-4ED2-87FA-678F39CAFF5B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3AE21AA8-5603-49CA-A177-B7A11D7CC0E1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3AF19658-347E-4CC5-A646-C7C6B414BB76}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3B32C174-07FC-4C2E-8AB7-C16AA4F20DD3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3B337182-7A4A-43CE-846B-E4BBC053A66B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3B752D07-D694-4D1C-A1C3-4CF6A2D8DDA8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3B894C40-82EB-4F6C-909F-CB389C892654}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3BF4F0A6-D468-4D93-88AF-6905AABB4FDE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3C8DE99D-8001-460D-85C1-734F3FF7ED1C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3C9D7E0E-7EEB-4BE0-840D-351D26413872}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3CB15B3E-DD86-4946-9606-79EE23ACA62C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3D16645B-E512-4DBA-AE50-635FEAA14C97}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3D2DB242-9DAB-477B-A646-B6E289966E94}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3D5529BE-E6E2-467F-8213-1D498EF91308}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3D9C0053-B848-4271-9D86-85C74AB0A7C1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3DCE922E-6B7A-40A8-994B-BF45B883C663}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3DEE174A-0A9C-406F-A769-9D59B22483F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3E7E8C9A-6D75-4C83-9353-E94DD19FD52E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3EA1A97A-9487-4058-95F0-299E3C828DC7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3EB517CE-E6F1-44EE-B732-B62F7955FEF1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3F09B1E8-1C90-4649-8D3F-8D9C40715534}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3F51BA7A-849B-4E4A-8F24-EC157FE7E5B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3F68B149-1802-41DF-BA8F-2B1268B4809D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3F9163A4-7FFF-486F-8A2E-5B40E06EE34B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3FAFD80C-FE5C-41ED-950F-B8AAE1C2E76C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3FB52EF2-145B-4992-9F51-667A06D6DC3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{40225403-F194-4C45-8FCD-0CBBF80A90DD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{40233460-A379-4AE9-A975-A18C5CCBD76D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{402B7D93-9937-4B47-B4C8-210006C294B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{403BCDEB-0A6C-4514-8DE4-DA22B9CD93B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{40638EDB-D465-48C2-AB1B-184B80C5C426}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4082E5EF-EF0B-4F68-BA54-E4E2E9847F73}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{40A4F60B-7D4C-4991-BB56-74CB9643F8BF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{40CE61A4-01CA-4C21-827B-8A101D9619C2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{40E43755-F571-4281-98FA-69D468B62212}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{410CCD9F-81E5-4C79-90CC-62B4D21552DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4112F112-1AA1-4A81-8274-2398C8DD07BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{41178C2F-C27B-4E69-890F-BFF6F1F6ADA4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4127D322-B28E-462E-99CD-3BB03788E66F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{41A04E05-D042-44BE-B7F5-AA7D32D87B64}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{41A0CD2C-1A20-447D-BB12-232E832B55FF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{41AE5A3B-D794-47DD-9291-189EEAA7E380}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{41BCEA74-E660-4966-AD5B-98DA2FA1C735}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{41F8EFB7-FBCB-423A-B23A-6EBFA7C2B98B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{423CF8E5-C131-4C39-AC1A-2A1622EB89DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4257A680-3CD4-4217-89AD-70D07ACB0144}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4290E446-3F01-40F7-8197-61A4F92A725A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{42CC4C81-C193-4169-A9FA-34C36DE9A84E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{43066A34-1A69-488A-B9BA-E30F5FD34D5B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{436B3063-85F7-4EF8-BF6D-A73A5B4ED879}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{43716A5A-AEE3-40AE-840C-BDC1DB937E5D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{43C34003-B5CF-40AE-A2FA-14EF0B3D4B3E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{44027C83-FF99-4BF7-B2E6-4DA3E0E45575}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4422B61E-153F-439E-9869-77EA45B0F251}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{44306A00-F89C-494E-AFBF-B50DBB7B450A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4434D573-D5B3-4E7C-8E9D-53A4DB329DD8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{443F4B99-0B86-481E-A2D0-8AD3461E7F47}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{44502FDE-FBBD-4835-AACA-C4CD30F253F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{446B3000-75A9-4E32-917C-3230A09ADE96}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4470E9B7-DDF6-41B6-962A-00C810B365E4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4480D926-26E1-48C7-888A-999ABC2352F3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4491EDDE-B66A-46B7-8492-05F68912BED5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{44E5E5D6-85B1-4796-8B29-A0F2F3B36007}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{454EF10D-2D94-469F-9DA2-B7F20A902027}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{456D517A-C066-4A3F-B157-404E1895628B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{45D6CEF8-F0EE-4CB7-B00E-E3BDE363717C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{45E85FCE-D043-4C0F-927F-E7D72B6FF526}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{460BB33C-005D-402C-B0F3-80B291D8C88B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{46220142-151B-4ADC-89D2-071A62CCF39B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{462234A8-B02B-441F-A169-8C8D086F7ACF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4642B7EA-C37F-418C-801C-6983D8DBD135}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{46564E2A-FBF5-4B1F-8F7B-9EC724BD46E6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4665C441-0293-450E-8391-E1231346FE91}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{46EFD4B6-2EDE-4609-A4C7-6B91107AC924}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4703DD73-4285-485D-BFE3-D9FFF867CDC1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{47053F9A-2703-494E-9DA7-D00E957293A6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{470CD630-6397-43CC-BC9B-6F335697BAA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{470D9C3E-0545-44E7-8F6A-6CF8D1DB32E8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{47462D20-557B-4293-9326-E721B60A0B3A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4782A257-1040-49AA-9CF0-C709C47195BC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{478FE69E-56D2-4963-B60A-4CB6901BDC56}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{479DAF90-A75B-4292-AC77-D791E2BA13D0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{479F8767-CEC6-4F40-9038-1200C8508791}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4832EFF7-58CE-4A4F-A448-126A39BB1F55}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{48EB7BD8-DF55-4517-B40E-32905BDC1846}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{491F9331-A208-4137-BECE-598CBC2D1B76}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{49333A87-6825-4966-A6D3-5D68D746B4AD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{49575F7A-96A7-4C10-BE48-5109B9542026}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4981571D-8577-4EC6-997F-88E0241A301F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{49D0900F-D22C-4D7D-B5B0-697DC7B55A16}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{49D2E0D9-FEB9-45C4-82D4-1D7C1EE593F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A005680-FE4D-4275-A563-5254FE0888F3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A057B63-7209-419D-A24D-B60F35877303}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A1E129E-AA9B-4124-9A28-7E8B41239F6F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A1E5383-09C8-42BC-9D44-5BB96D021A4E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A246F8F-473A-4050-8507-070DAABAE1CF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A30394F-6CF8-4F9E-9025-A1F4EE94522E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A32C9C0-59F7-4196-9750-ED408637BFBA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A49804B-0E40-4CA5-B8B1-93288F6B4C12}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A75B184-3AE7-46B3-AE37-F0A85E4BD98D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A76C586-715B-494D-93FF-C631E9C533FF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A7D326D-2C0C-400D-81C9-68D5EC93F775}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4A8969F7-E282-49C7-A3C4-B76ABE01122D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4AD9469A-2CCC-44D7-88F9-665187163509}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4AE162B5-2750-4114-8628-0E86C313F9EF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4AFD6391-70EF-41C3-A336-9F6D37B83590}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4B49B112-30E0-4579-ACBE-79934564370C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4B6252EA-DDAD-4F2D-A09A-498E735E945C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4B94B3D4-C676-4F92-9BF6-DE1B7040D36A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4BFAEFD5-8B09-4DD5-A654-D33BC314858B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4C4BCC19-438C-47BE-80CA-804591B17623}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4C5CBF4C-CEA3-4FB9-8201-ADAF46305949}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4C5E5237-2A32-4E15-A8B7-E602C0ACD433}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4C6F16E9-76C8-4B8C-876D-18FF037E8186}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4CB6BB27-AE42-4684-A2B4-975F539535F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4D4E16F9-4A47-4E01-800C-29D65C7EC045}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4D57F85D-0640-4123-98F8-6AB4E697E0C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4D580C9A-CF97-4893-91FD-13562421FA19}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4D82774A-0424-41F7-96E7-781328D74B10}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4DB36169-ABCA-48C0-8770-047068035FE3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4DB3C56E-82C6-4074-8E34-DFAF5C2B5882}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4E093BCB-54B8-44F0-B548-B40339C8B05F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4E4A191F-9FF9-4137-BA0B-9399B1537DDC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4EA3180C-27A2-46B3-BE05-BA1B5A5CDAE4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4EACA1F2-B11C-4678-B254-332854CBA30D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4ED3517C-019C-484C-95EB-87621DF709A3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4ED89E9F-84CF-4520-B8DF-124C3C45A7BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4F6A5A3C-8245-4737-A8A2-3B4B77C176E8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4F82D361-C39A-4E05-A6D8-4081280FFB64}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4F8762D2-3BF4-4443-8957-3F4844977F73}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4F996421-7B36-444B-8531-6AA1B1A5BB1F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4FBB0C30-8993-408C-B449-E458CBFFE2B4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4FC0D64A-5553-4415-B7D7-BF710E9C1ABA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4FEF7B10-D046-49B8-B736-DCEE7023AB31}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4FEFAB75-BD6A-4738-8977-7C14A479D6BE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{4FFC94B2-B342-4422-9BA1-DFEEEC3843CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{500D3064-8230-4632-A0AD-05CB0E7608B9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5033799C-1B85-4903-B792-FD036C50A804}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5039D780-F981-47DA-AB42-870D9780B3FD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{50938E00-5678-4AAD-9676-985ECEB06CEA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{50AC5362-CE55-45ED-B8E2-4E18DD7FC9D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{50CB0EFE-A7CE-4DB1-9AB2-D7F9CB597C86}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{50E8304B-6E05-4A06-8B82-2CA4E7E83E92}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{511C96D3-A439-40A3-A329-649133D7722A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{51232696-1292-4B6E-B6F1-6F473B18DF2F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{51452D4C-A0B9-42A1-A249-FE8F5CE651DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{51AB56B4-D477-4039-AA28-2ED6B34EB0DF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{52055637-A541-4ABC-BAD2-502F547E52BC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{523841D9-0C70-4AEC-B06A-6B1B2B2D817C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{525C9062-9291-4AE6-842F-E03A82AEE5BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5264B5DD-6EB3-408C-AD24-E541CA3A124A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{52A26B63-332A-4399-B16F-4F9E0B1070F2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5306D86C-4BA7-4B6C-A5FA-8BDB78B489BF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5319D012-9B4F-41FD-80A7-8B6EE70B1429}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{531F3A57-9DF0-4D43-B174-FBE337C9AAFB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53268CC9-DC4C-4542-B787-CD6D6CF9DED1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{532A86E6-707C-45D4-AA26-9CB1EDB37955}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{534C19DE-29B8-47B4-920D-B2BF1FFDB496}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53A7E05E-51D7-4C34-BA54-50A23E62A0B1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53C33CA0-6545-4A50-9C07-C9C571597FCD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53D2ABEC-305A-4A3D-82BC-EC8277AD5BCD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53D68911-5B14-49F5-9780-C3E5A57B2C65}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53ED6850-332C-41C6-AD67-CC4E9CE544BE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53F64B35-FE66-440E-9565-CCDB11BE8105}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{53F9AE2E-83DB-4F5D-9B24-5AE9C9A0CF85}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5400CCF7-3641-4EC8-B67E-78ED1ADCBA31}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{54016819-C73F-4A6F-B857-81E9A87265BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{540A7301-A9EB-4D53-845B-1D47F76E873B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{54125019-28AA-4BA0-8AAB-B84BA5223B84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5477F75A-7EE1-4BCE-A487-5AF13CC5ACEF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{547933E3-779E-459B-A177-AD9A31FE72A9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5491839C-596A-413D-A9D5-11F5DC7CC87B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{54F2385C-F893-429A-A0F7-3B623B01773E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5507AC08-FD74-42EC-8D37-A18197ECA0A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{552B46C0-AA77-4F2B-87DE-17B285DEDE94}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{553C60BC-4BB1-4DBC-AF90-CD29EAF916E2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{55CDE327-896C-471E-BA1A-B3D0D9A4CA61}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{55CDEB9B-F529-46E9-907C-D28213E7300F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{55E56D51-48EA-4809-B506-36EC5E5DCF7C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{55E9DC93-D0F1-4D2B-AA67-F357B41C2BF3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{56123CD7-DA35-4672-91A2-428B12306895}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{565DA949-B486-4214-BFAA-9B73762B3DA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{567442A9-B19B-45D4-911A-3252982B125F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{567C40F7-45DE-4606-915F-EA1A1D04B32A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{56A069F8-2F12-4CC1-BAA3-B40FB0D43113}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{56AAEA4B-433D-47B1-8A0D-04F35DB4A8CC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5729B3AE-0033-4271-820C-2B60F103B341}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5743FB47-F488-404B-944A-B60C2A818D9C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{576F1A29-D301-438C-9DAE-692610FE7DA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{57CEBBFA-73FF-48FE-A682-782CA888D8A3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{57D35937-1D94-434C-B484-994154F798E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{57FB6C4D-6F69-4CAD-AB92-954C09179EE3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{582C0F91-299C-4C7F-845E-6AFAD814EF84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{585E5AE4-7095-49F4-B2EB-128D89741972}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5861BCDD-BFE3-4FDE-AD85-4C31D9580264}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{586B903E-E83B-4EC2-9D39-8E4D6433A331}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{58AF706C-0338-4614-8456-50266AB61E1D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{58EBFB5D-A92D-41D1-B1B2-4DB83F304203}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5908BEBB-2ACE-44E1-B461-1971480F4324}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{59361792-9683-422C-A873-3D21712ECE4E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{597974EF-F175-4A3B-890D-77A287F7E509}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{598C1C1E-7D8A-48BA-92C3-1328BD76EF4F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{599A964E-558F-450D-A726-A73C96B09BE6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{59C30623-34F0-4857-A963-3629B9688D82}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{59D307C7-4079-4C98-89B5-A6AB9CAB96AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{59E2B29C-F2E8-4DBC-9C14-02A3BDA9FA4A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5A03D1E1-3E65-45E2-B25F-85B8DCB2E494}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5A1459D9-330F-4717-8D93-B5AC640D0EFB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5A177212-D6F8-45C0-8891-C0F0B6980B5C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5A8682B0-F20B-4EE4-A36F-BCEC06CC388D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5AA3BEDB-2D1A-406E-BE9E-FED848CEBD5F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5AAAFBFB-0BD4-4AE5-8332-B2A25CBA872F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5B0906B8-6A28-4162-ADB9-E83C539C7FD6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5B098FD4-DFF2-4FCE-8582-85288450ACB0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5B3D59D9-34DB-4454-A5C5-1B3ECE8CCB29}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5B63A639-7D0B-49D9-8FBB-40CD5397821D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5B6A69B2-F1A8-41F5-AC88-D441ACF75D03}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5B705D4F-9408-4B8A-9C42-B9E3441B0C83}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5BA64583-D02A-4030-A14A-9039C90B03E8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5C1F324C-401E-453B-9296-53029F2689C7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5CB8C374-FFA6-4F05-AEA0-4635C3F81FD9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5CC55B72-48AC-40CD-9C17-307878E19577}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5D30B220-8393-46B7-A2C3-17571694258C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5D3F2B3A-CE4E-422D-B91A-C942CF596636}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5D3F3046-ED22-431D-AE93-EF88B52C1DAD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5D7B7477-C643-4A69-A890-3D8133E3197D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5DC8BF5A-5810-4781-AA41-7CB5E685E2A0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5DDEB1B4-CF35-422D-8D7A-A72E147349FF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5DFAA833-36A4-4E89-8FE5-8C3B51BF5626}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5E5C1ACC-F3F5-4FE7-BA2A-C47529E37971}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5E6BD8A1-9168-4E2A-A051-3CF0ABA847FA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5E72BF07-691F-49F0-9D2C-A52DDA28B029}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5E95E45E-943B-4A92-9397-33025A881E2C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5E9A2D9D-44CE-45F3-AB92-B49AC08B9850}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5EAD1DC5-8B4F-48D9-8B90-61E2C266761C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5EBD6E4F-ADC5-433B-AB37-030AA98733EF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5EC51D32-8301-4BF0-9D61-CE14BB1D8EF1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5ED6C842-98B7-44F4-A9D7-4F0A777478E5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5EEC5B9F-5F9F-491C-8554-2C4672054C7A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5F07666B-2DA4-4BF6-BEC1-1CFEC34C8B8D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5F0C67C1-1BF4-4A40-B16B-73EE447BB39C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5F27AF35-F29A-47CF-8238-70A0018F3A5C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5F4DE021-7D7A-4516-A49D-AC9082DCED96}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5F5A6B55-546A-4FD3-8EB9-5A54EA50AB03}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5F621466-6E24-4565-ACBA-743C5C849D47}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5FA197CA-0E2E-489B-AA5C-BD2020A1FF05}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5FC48E6D-4E52-4C0E-ACA0-110FEB92CC09}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5FCC353B-CE97-4A47-87D6-E39C3A562B17}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{5FE2A03E-C09F-472D-A19C-82C8E2292373}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{60790EC1-DBD1-48DA-B4E2-7815D74F2146}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6087394B-9221-4837-BBEE-D44F78A1335C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6099640A-EF7D-43FB-B016-688D9334AB33}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{60E14845-8B61-45E2-AEEF-B5A995B20741}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{60F674FF-21CB-489F-BCF4-9200AEFF3099}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{60FF64B2-B729-4445-8BEB-9B6F1D9E351E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{610E8301-62DE-44C4-9F32-1713DF5698A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{611FCF2F-1BA3-4EB8-AF63-A5013B4DD5DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6162BB89-63C0-4407-865E-CE067F5E7EF4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{61973FBB-F3FC-4A87-929D-2B8B1B75D6C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{61E66285-AEB0-4B32-8789-BA893E74678F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{61ED86B4-CDD4-43D8-8EB9-63CE55213157}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{62107E4B-73BC-4994-A92C-33BF864E52CA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{621B7BB8-13C4-4329-BEBC-977ACED1C67C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{623B98B7-BCDE-48CC-B9B4-A1B1C944746A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{626670DB-0349-482D-A9DE-6DC786D69952}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{62B0A7BC-594E-4089-BCB4-709A26D561EE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{62B89060-F68B-4417-8F5E-8C21E951A1DD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{62BF4EB1-15A4-4AD1-B139-7A317892E319}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{62F36437-9EF2-498C-A047-102F06BD91AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{62F5EA6C-2F88-4327-85F4-D2CB20AA61F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{63016D79-2012-4AC2-88F3-9D3C32D5C382}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{631DCF96-EC97-4718-ADC0-83E86381E31C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{633BB7FA-9EF3-4A10-9652-BD202AA5DA53}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6345B8C8-B78F-4635-9DB7-EFE4FB446611}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{634AAF53-8B0E-49FB-8F82-633A8CBCD0B9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{63586F36-5FDC-469D-A56F-B483DC9E8EE4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{63A6BA93-F48F-4AD9-A1EB-E651ACAA7AB7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6429CDF6-3DB2-438C-9E48-417C639D73A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6459BEA0-DCE9-4F1C-A1E7-A9E14877C29B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6467DDD8-F229-4C91-94BE-24417576C4F4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{64B99D84-48AF-4FEE-8A9C-3A7C873518A2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{64CB0C2A-6067-48B0-8722-5C2E776AF323}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{64E67F6F-FEF2-402E-8506-04BAFFBFFE85}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{650E690D-80B6-42A1-AE9A-E6CBE8CE6F42}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6531196F-C819-4738-A0A9-FF334D6798E9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6535CA0F-C3BE-4BED-8B76-7531378D6A60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{65406041-9808-4F47-BE0A-E651CAB3C554}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{654EA14D-889A-4930-953A-75CC35B8577D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{657BFD9E-E3C3-4E4E-B74F-FAADD775DBDE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6586E41C-06DF-49D5-80A2-BE8315654923}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{65A86490-EDDE-4110-8DA8-2E9CDFAE76C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{65F4B830-B533-4610-9AB7-F8627004B323}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6647DF5E-05FD-43FF-B0C9-636A7B155F96}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{669E1B24-5A42-4C45-AFFB-8327A5B967E1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{669FC613-4C13-4091-82A9-176B9555A114}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{66B9A826-72A5-4B97-8E32-4CD2AB7A766B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{66BF1BF2-D1E6-4F41-9F60-D42219228797}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{66FA801F-85FA-4861-AD0D-C1DD87B07B3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{67371B4D-801A-4999-9CAD-3DD92B55BC70}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6737E989-A814-48F8-9D96-002893EBB9AB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{67464F96-DC9E-4BE3-BA27-A8CE0B7A633A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{674A1395-D1F9-4963-859F-B6D2197D72C9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{679176A7-5592-422E-81FF-4B8095FC2844}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6851BBA2-FB65-4DE0-B274-699C7E54938A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{68A7F9FE-C63B-44EE-9966-30F457446D6C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{68E23631-A881-4AAA-A336-6D6D8A609BAE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{692DA1C4-531F-40A6-BA96-607D5EC0E393}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69777905-5281-4F09-A2A8-994EE5B6CC55}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69825FE1-2876-4AAC-8E56-6D1927736288}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69920257-B5CE-4DA2-BBAF-7BCC7296761E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69AA5329-AA69-4D26-B8BA-8EE15A30B85F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69AB2B86-DA30-4FDB-92DB-BAE5BC2B8993}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69E3F009-CCA7-476C-BB41-89AD153A776C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69ECF446-3629-4189-B983-66A6C3B9D639}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{69F6317B-C65F-47D9-ADE8-D05BF4E1611E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6A03D347-0262-4DF8-AA33-DE10FA7B35F7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6A4141A2-7890-4ED0-B1D3-4A10FDA876A5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6A566C59-C29A-4CE6-844F-183A3B8995A6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6A74AD77-DC82-4AED-A24F-9DEA1DA72E7B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6A7FD392-1E77-4FB3-83CB-4044C8D3DF23}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6A842934-F267-41D1-B4AC-11E848AB73F4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6AA58BEB-C59C-4124-A15D-0898689A5139}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6AE08422-413C-4B8D-986B-B7679B4E0062}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6B170AE7-A711-4532-B9C5-641641A15530}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6B3217F0-4DFA-43B0-BD8C-21641964A77B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6B8A661D-6246-4705-B912-809315E6F661}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6B95BCF7-1068-4AE2-BF28-A432FCCFBFD5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6BB1369B-7CE9-4A17-9D3A-ECCCBE8971F4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6BB2ED28-AB8C-4CB4-A35F-299C946DFE56}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6BC4C605-A85A-4E07-BC6E-6B08F5088E35}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6C303618-59E0-4A2C-A2B5-314DA1754902}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6C7427B6-C570-4F09-A413-CDAC61DDFDCA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6C74B0F1-89E9-4FD2-A1BE-D8B0F9D8043C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6C7E5FB5-6860-4FAF-A6C0-75C69C5D591F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6C93571D-FB7A-4869-8BFD-523CD7340AE6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6C938258-BB4A-457A-8B8F-6DA27DCB3132}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6CEFECE1-1F55-46DE-B50D-1C9066C35902}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6CF4FDE5-CFAF-43B5-B062-88AA7E3FFC6B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6D0CC042-6593-4107-A252-38F60A4398F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6D20B786-9AF4-4F8B-8562-A738D1757C4F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6D588EBE-C93E-44DF-943D-872F1F720F5E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6D712134-FA63-4152-86F9-58CE2656DAD6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6D8D4304-C4DF-43F1-997B-F9E4063E09A0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6D8D9AF8-CAF6-4027-BD42-CA2FFE5D6D1A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6DA47DA3-4AC7-4423-B550-516A7A396E84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6DCC0F1E-A177-4199-80F2-CF6263E9A6F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6E1DA1E2-7D2B-41A6-9469-5B5F7F127046}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6E52F572-451C-40A4-883B-B66F2587B5FB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6E57F876-08D2-4988-B2EE-B5B5A7465379}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6EAB3079-95D4-4040-9A88-2B371A126CB4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6EC684EC-D0AA-4090-B31C-1B7E5D4E6122}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6ED643EE-7CE2-446F-B578-5C33612D5429}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6F204B91-6530-4948-B27C-FE760BF67FEA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6F85166E-BE5A-49D5-AF27-FCD36D0E6963}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6F9A9754-5388-467A-816B-822FADAF1087}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6FA18E19-A8AA-43B1-8982-7EE8C1EA02DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6FBE19EA-8075-4708-AEBC-BBF8AA75D9F4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6FC56CD7-5071-4E3F-B4D4-F930E58C612A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6FCEE1D7-9368-4F32-AF47-0F08C710AD46}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{6FE5FD22-AEAC-4487-8002-CC80681F6F9B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{70978393-5485-4359-A41B-177F90202153}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{70F46D29-4D3C-40B9-84EE-A1745F339D57}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{70FA5158-F2FA-4623-BA33-09BBF076A779}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{710FA52F-0880-4DDC-90B2-783A961C5565}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7134C9EA-E15B-4B63-93D9-D534F25A106B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{719E63B8-0191-4898-A43D-5C71CC01D894}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{71BED244-407D-44A8-9F60-8393E7B2B1DF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{71D4A1A8-0610-4732-AD9D-69965F245070}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{71F26D4B-A217-4F15-836A-B7A7F910D4FC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7209B54B-B475-44A3-90CA-FFBDC698359D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7219BBB7-1086-4CCC-A2BC-91074BA42082}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{721AC16C-A3EB-4606-A9B5-A1C3B48EEBD4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{72380B18-AC87-4169-9EA5-558101E06559}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{726D1193-5A71-4A77-8A7D-C2739C50D0FD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{72F13AD6-46A3-436F-860D-658109AC07B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{72FF1CAE-6004-4D0C-BE3C-4768010092B8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{73151597-565F-42B0-AAD5-EA687D835E7E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7357BAFB-0386-4BBD-8B57-BACCB0731EB5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{73689052-5D1E-4541-9785-9C5AA6C9911E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{73A482CE-8C49-4C40-BDD1-922C1ED571FC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{73D2AEAC-4EE9-4658-A6EB-A054973BCF87}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{73ED92C4-4FA9-4C51-A7E1-A0480A509F7C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{741F0EFF-8F57-46EF-B105-985F957C6F0A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7420465D-B9BF-4759-9833-D914911E007F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74341501-B6DE-4E8D-B26E-8F5F686781D0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74479018-EFD1-4ADC-9F30-A14B534C4DBD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7449E0F9-DA55-4AAD-94C4-AB872B2F793C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7451030C-DECA-44F6-B40D-9C2D24899854}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74BBB550-7D96-48C3-9365-4004ABFF8040}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74BC27B8-3A6C-480A-80F7-DA0F7F831C39}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74E08AB2-F61E-4E64-9804-FF0BFC83EA98}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74E22047-4CED-4A5B-AFBA-907A9C42F1C9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{74E368CC-03BE-4846-A05B-D8E56B318521}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{750B2134-BC03-4DD2-A255-2437E448CD10}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{75385297-3770-41FA-9238-C25C882ED150}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{754320B7-1D95-4E5D-95AD-C6F25577148D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{754CE4CC-D5F6-4589-A01A-58DD6BE27A03}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{756068A3-99A6-4679-9A06-66BB02FF996C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{75631BAC-C129-4E4F-8C72-AAE078D84974}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{75C9866C-1EED-4092-9F9F-1D68B349EDA1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{76153DA0-B6F9-433E-8016-BE72D9B2289C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{76186180-7689-4138-8425-867ADEED6B0C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{761A7059-5456-4BA4-A267-BAA69A85603B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{761BA3EF-12E0-4DC9-9DE2-84876EA1FFB1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{764AE988-8E93-41C8-8595-E7CD3D0D31C7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{76681B35-13BA-444D-AFBF-F5552EF8061D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{767DBCC0-4FFE-4D04-A00C-6B1C1AC34DDD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{76B08AF1-45A3-495F-BC23-5623FAD55C5B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{76FCCF19-B287-49F0-B68F-8F72DCB9E5C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{775A3A12-007E-46EF-BCA8-C6757795BB4C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{77676581-0A47-4997-A713-E2B0BAE22852}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{77776207-2FBA-4260-8B71-566659471343}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7793960A-4E49-441C-BEC9-A647BB0E14B5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{781306DD-28A1-4653-AE6B-4D57AAF89814}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{786191C4-3E10-4F4E-867E-779F013BB1D9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{78D13FDE-07C2-4068-8EBF-CFB6B1CD8456}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7906C72B-0712-4A0A-9460-886AEB972CD4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{791D7A7B-8D6F-4838-83CA-E2AE3FF6F78F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{791E38D7-1A65-4845-8599-7C6479E56227}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7972A901-29D4-48AB-A6E4-5FC97DB3ACEE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7973249A-E6E7-4103-B7CB-5EF69E832675}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{797683AC-80BC-460F-B5AF-1CB9315EF28E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{797E0D45-EF9A-491D-9548-4A6749C9E7EE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{79A710DC-C185-4191-8020-D6BFB685BFD1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{79D8113A-247D-4E04-8380-F5210D67EFEC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7A55877F-DF4D-4845-A50E-8F3E16834009}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7A648272-8042-406C-906B-237D88904740}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7A8E510A-3D9B-4085-B67C-D7C2924FCC48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7ABDBA55-BADE-46FC-A935-3656BB296250}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7ABED713-7C59-45EE-9BDD-D0891564DFA1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7AD12B74-1CED-422C-83B3-E1FFC7FB5126}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7AE65770-3594-4F12-BF9E-6FDBB3BC3C05}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7AFA4786-762E-43A0-BC0A-EE6ADD2B90F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7B1ADCB1-FEE6-4061-8E75-7F2DA40622F5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7B1B5D53-CEB3-4FBC-BF25-FBFE969D638D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7B2400AB-D95F-4043-8EE3-6C8DE994D0A2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7B7334AC-45A1-483E-86D3-F5D6214BC0B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7BDAFB8F-CE98-4867-AE27-732A63095966}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7BF9FA7A-2743-40BF-BD11-18D8B160E131}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7C1F83EC-3922-412E-8BDA-375886BD56D8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7C74D69C-CEF9-4635-B3B9-9D1047FEEBFE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7CD8CA09-65A9-4755-AE35-90831F1165ED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7D2391F2-9625-4078-B775-B3AAF4C1A93C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7D5F1F71-2A13-491C-8C77-BEB1F3666287}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7D9CECE6-7116-453B-B3D2-A9B8C32F7F45}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7DAF0EEF-D9B2-4763-B4CE-B0478C877038}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7DDB2E6E-33CE-4E44-867F-5118269BB0F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E06E572-4DC3-45F5-8B3B-05E4C3827EB5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E09C80B-051A-4E99-A11A-9B08EA2C4283}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E14E9BD-3AE5-4CDF-9021-0C4DF94F32C1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E1DEB21-730B-4CD3-AEF7-774A805E42B6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E5479FF-266D-4CD4-8801-5C57488D1B62}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E5FE984-203B-4704-9417-EAB9D825A2BB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E659E2F-D0F1-46A7-B38D-9DC1AAF454D5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E685304-C0A9-48C9-843E-1D5CF8A3E0CD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E6AB2E1-8133-432D-82AF-A0F4DF4B4374}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7E7E4021-7147-4BC0-9A9E-72C4CBE23613}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7EA689E4-EAC6-4A6C-A9F3-189F7A565DED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7EEE8547-307A-41D4-9323-D4968527861F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7F502D74-0D51-404E-A0FE-4BFBD1DE27F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7F80E162-7040-4272-AA62-F7147D0C905E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7F86BF96-24D4-43EA-8F50-575EEE8410AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7F91F162-B980-409F-B0C8-AA05917F89F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7F96B885-33B2-4280-BFBB-7E81CE9EA0F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7FB622A1-94CE-4E19-9632-126674AF504A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7FE6C907-C8C5-43E2-80FE-C93594B0898B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{800058E9-13A1-49FA-A9A0-251F1D8CE58B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80541E0F-506B-4B41-A75C-A706C1C8D492}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{807A80A7-261C-43EC-BFC7-DB458510C6E6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8087083B-4A89-4F2C-B1E5-368F876766D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80966A7D-7C92-4C1A-AEF3-94ABC0FD944D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80A25D54-06CB-45DE-814D-7DA510E7DD14}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80A80C6A-AFD9-406F-AE22-5AC396DFE0E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80BA09BF-6EA9-4B71-9C54-7579B75AB59F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80C01A8E-B132-4818-A30B-9285DBFBFFE9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80DF5C8F-FF76-41E3-9F6C-C79C1BD2BFA5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80E72533-901C-4313-B8DD-454F806AF9A5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{80F22E29-05BE-4850-A6DA-1F602470BAB2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{81063F5B-F5C7-4DD3-98AA-77F8A6BB4C83}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{810D21CD-9CAD-4CCB-99AA-12B4AD800090}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8148235F-AF42-49C7-BDA0-67E4E3F93CFF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{815E637B-EAC6-4D49-B3D9-A0AAF096F952}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{817CA446-AC13-4D7C-AB7A-5E70DAFA63C5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{819C3D9F-F050-4DD2-859B-7CFE161A912B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{81ADA557-A5B0-4801-A51A-9431EB0DF996}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{81B7E643-8DB4-4BCC-BF32-8B389CDAA32E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{81D5DC05-2B6D-4786-B89E-454056180879}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{820F3484-33AA-4925-B3CB-B29ACBBFF885}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8230E4B5-E00A-42ED-997C-257D0D12995F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{82885C6B-A1C7-48A7-80CE-2CC4E3BE2E96}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{828EB5CD-23C1-4252-A3FE-426D61F2A7AB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{829621F6-C368-4BF1-80D3-C3161DD3B2E5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{82ACDA49-6CF0-4BDC-859C-B136F91B4217}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{830CD6DC-AED4-428F-8CAF-93FB32EBA6E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{830DDE24-2329-49EA-B8FA-2A440FB8C931}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{83125D23-FF09-4EC7-B9EB-A24DA3EB45A5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8318A64A-DAFA-46CD-B0A8-79455D8FB05A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{833DEC58-098F-47AF-98CE-69748DDF41C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{83A0FA1F-581B-4462-8C03-5F8541057955}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{83AFE527-0F3C-461C-91C5-A50E952045A4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{83D0C665-6811-4B08-8414-F5067766A9A0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{83E49BD8-9066-4263-AC81-1D115A46B9F3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{83E79D2D-3420-444C-8177-5C6354AB8BFB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8414FBF0-87A4-45E5-9655-4E310FA30CA9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84A045D6-9C09-4244-B86C-9F6692DBC1BB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84B8BBEE-5942-40C7-8168-7C2F222F5B65}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84BA4650-62BE-4F18-B4D5-9AE793735F4B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84BAC630-B5EE-4544-ADDA-0926B9E4EE71}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84C22515-FD39-4D2E-9D6A-04CDC8E92FD2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84C762E4-05ED-4C8A-AA28-C6F442233389}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84C96E8D-AAA5-48C3-8C51-654026C5547B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{84EEA32A-1984-4F3D-9284-1E2C9479FCA0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{85158A9B-2A19-4CC8-9EF8-12C4581A430D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{851BD1EB-2559-4FBA-BCE2-AF6A5461707C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{854D2F51-AFA9-46DA-A937-48EB8C5A0974}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{854D3E16-542C-4F69-AF47-8796C97075DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{856E8CE6-0AE0-4475-B5FE-A143316B2B4A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8573CF2F-1095-4842-ACAF-EAFED0DA9E81}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{85778085-0FD6-4A33-96F3-F4B075F9DA3F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8596D39D-C2BE-4BE0-829F-8C3FAE8C6BAC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{85B629AB-46D0-4642-BB06-A41B8229604C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{85D392DC-6248-468D-A017-491E316A7357}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8655C4B2-E3CA-4E96-945C-5DCDC0D46812}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{865B09CA-73C9-449D-9AD6-7D3BB1768441}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8676DF76-4492-47F7-B8E2-11B4541CA453}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{86888237-66BE-44F6-893B-789ADB6B3D87}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{86DCE807-2333-4F40-9E4A-4D58DE281FE4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{875236BF-73A6-4716-8B00-604A4DDC3A54}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{87784735-9992-43D9-9573-FFDC725792CF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{87939B2D-B14D-4AC1-8FA5-52484DC6C792}
         

Alt 25.01.2015, 16:18   #14
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



JRT Teil 2:

Code:
ATTFilter
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{87A1D638-5A03-4480-9E2C-8DE6200550F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{87C49F70-5967-4954-AF2A-A6466E925A57}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{87C5127E-8AB3-4ED0-B4CF-5A5FB042EA90}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{87DA922A-9968-4582-90FD-463E8F42C9C3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8807B810-DEF4-4ED3-90E1-DB07042878B9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{88086EB0-EFF1-4047-885A-5E10AF7AAD87}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8840E46C-CB6D-4537-AA1C-8A9F294B0A8A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{884D01E7-F6A2-4B8F-AA21-DA0D0F325E58}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8852B9AF-0849-4311-ABC9-C7590A1C729A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{88D53900-6BC6-45F7-BF33-7012E1C1E8A0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8918AE92-051F-431D-A4A0-6F237C73E89E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{891CF3C7-AA0C-4DEB-AB33-99F74E81A6EC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{89255CFB-91B8-43EB-8528-609D064B517B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8939ADB4-9F8A-4308-942A-0B1AA521770D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{895BBA04-15DB-4897-8980-142F329E5D02}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{897DCEC0-C4C7-4FC5-9E1C-E07C45A6B6F7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{89B85691-1CB7-4F39-B24F-32B9206C408C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{89BA100A-C97B-4D82-8C65-B955005D03E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8A0AAAA2-7B64-490E-BB11-3A01A19A79C3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8A276360-E868-4613-8175-445CA8471EF0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8A2BA58C-6A34-43C7-AD0C-5E39F1FF84D0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8A31126D-2DF5-4CB8-AF02-D7FA9239FB30}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8A40BF54-67E3-4E39-A530-3ADF647BFA65}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8A8D60F4-30EB-4CCB-B5A7-7C04FE32A6E3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8AA373EE-79F2-45B6-BB46-6B7BE3F401AE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8B109A19-1E78-47DB-90CB-414BAC259F57}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8B83603A-D582-45C5-A221-906F075870EF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8B99D7FC-B923-46A8-A774-87A57A1F7C68}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8BB31B24-D727-4839-8B16-8D87FC4D0DA0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8C08D85E-91FE-4067-9B8C-6F1ABCC0C063}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8C73097E-1D3F-43DF-B6E7-68BFA134F540}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8C76012E-8035-4689-8DBC-B3B71313AFAA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8C792330-194D-4C20-B54D-6E40BB63BACC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8C810C5D-3171-46E0-AE18-27C429EEA2B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8C8A80D5-8895-46EE-80B6-6925B31265C5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8CB03304-950B-4C39-B17F-F401F06C0726}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8CBA1705-01B0-41D6-8AC2-8000CB2CB793}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8D18FDE5-71E4-42E8-A1CF-30C53AD0DD06}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8D30B60C-31EE-4F26-9215-84239D8CF73F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8D631095-98F6-4CC5-B880-DA4220673BFC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8D8D78D0-467D-4BEC-9CCD-DCDD31F5E1B2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8DBD7EA3-0415-4795-8DF7-531F25E0AF59}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8DC97972-64C4-4E06-8256-22783054D180}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8DDC9859-FA13-47D6-B758-BF71A83B50AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8DEFE42D-75C5-4886-A611-F2EBC5DE2822}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8DF19389-C363-466A-961F-4AF31DD408C1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8E004E6E-1C81-457F-A62F-3D928C69E001}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8E5C5D94-08DF-4461-B442-B0BD59879A84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8E649EE2-337D-426B-B6B4-48CA3DFCECD3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8EC8B823-4BF6-49ED-AE6F-10DCC7F83B07}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8ECF4F55-DC6B-463D-953C-C3E5A14037C7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8F4BAEE5-6F6D-4FEB-8772-BFA01CF433A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8F5080E7-8F40-48DA-8FD9-8AA05BBD3A6E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8F808C8C-3092-43CF-8946-7218F64BAEC8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8F9F6A74-6B50-4C43-A706-B920E5EDF351}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8FB2293C-9560-4F8E-8963-4AF0DABEB784}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8FDBABC1-A00E-4F5A-A63D-91603211710A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{8FE2F5BA-E471-42E6-8421-A3876FA1930C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{900A195C-66BF-4330-9436-65FB0B2FE177}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{90258F03-5F9E-4D78-9862-47974CACC722}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{906A703D-E831-4432-9CA0-3661362B7AEC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9085D669-7984-4CDD-BF58-9E9EB87D199D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{909F6E72-1046-4856-91A3-B3FE391103A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{90B475D4-3EFE-407C-8DC0-D38337D5FFDA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{90C6AF6E-7758-43DC-96CA-F76289240CFE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{90DF56B6-2522-41D6-AFD9-04675AEBE5D0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{90E03630-514A-4634-919B-5CEE39C8BDCC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{90F2DDED-60FA-4C94-AE38-F9C49BF9BD48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{911F8486-771E-45DB-82AF-91CF033AECC4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9150AC8B-5495-4CDF-93ED-46CD6C3F0B60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{915929EE-1F2A-4B61-8134-4E6B01B97EB2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{917D4BAB-FF80-442F-8BCA-E1BFAA995875}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{918A92D6-E8F9-4382-AB1B-8DBE361F209E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{91A5E764-6CCD-48C9-A258-A9D24A40C7C1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{91DB09AD-4EB9-40F9-B99B-DF6FCBA0983C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{91F02632-5B8F-4D66-9A78-7FCADCC80647}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{91F1619B-2F68-458B-A184-FBAD538299D4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9225635C-A8B6-40DD-8704-E4010448197D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{924DCF83-941A-4AC1-9D29-2DFB5A754F00}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{926CDB13-7C2B-47D0-AE3A-78582BA81E1F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{92713D76-3704-4652-8B4E-7D1F1C5A76C8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{92E006DA-1245-445F-B550-D8D991BFDAD9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{92FA37D9-9669-4E94-A8A0-BBC79D0C9C21}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{93450D24-2FD9-4B22-B871-94693BBE412F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{93529A98-0C3D-4927-B40A-9FB70D51C5B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{937445F5-9DFB-4328-8747-3B7D15C44DC8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{938D7105-B1F8-41C2-8957-8E758FF5D696}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{93A4F9E9-07DD-4826-ADC9-6D37F26F784A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{93B1C65E-FB53-418B-8FA0-4CA2EC66C084}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{93B4CE6C-F7B5-42D1-8CCC-70DF483C4CB5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{93F33300-ACBD-4091-A74F-5594B2ECAA8C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9426922B-ACF5-4E99-88F6-AE9A081B3AF9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{94456F00-B69A-4C6A-8995-B919922B907F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{94538A42-9186-48C9-80BC-7E097688F159}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{94723EA0-90D9-4F98-A0A6-B39D5A2A1EC6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{94DC2A77-E98F-4438-B8F2-68F214C70EFE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{94F055F6-499B-48AA-AD6E-DB031284934F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{95299386-D521-41EE-A1CD-97536A604910}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{954FD5AF-AE87-4387-B979-1E9ECBC2DC88}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9575E058-CDD6-4D1D-A583-CE0A6CFA214A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{957E8D4E-0549-4F0D-82BA-6124BEDB4D85}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{95BA273D-7A12-476A-B36E-497751740405}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{95CAB7AD-954C-4532-9A2E-057FE199653C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{95F6D1CC-77E9-4AA1-B389-9300D3828EF8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9635CC25-20F0-4A22-9833-B94E7F7A2A61}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{964B24CB-3667-43DC-9BD1-23A476DC088B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9691FFAD-9EB2-414C-969A-20A728F147AE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{96A457E1-7FDF-4C4F-A477-F42FC0394B9D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{96ECD87B-FF83-4E11-B991-6E377A1202A8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{970384AD-40C9-4F00-9C75-CF5F6C71F8F5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9776CE19-18E6-416B-B96B-A7891A875526}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{97A40121-44E3-49B3-A4A4-7536DD2A8C49}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{97D48CE3-009C-406B-B276-204123CA6E11}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{97F7AA56-1471-4276-9806-0566E9A443C7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{980133ED-EB05-4F77-94AF-A28BD4A9519A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{98051EF3-BABC-411E-BEBE-7574B47F90F0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9838A265-9019-4A98-A1D3-3F17FB2C473C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{98845F92-C831-4FCE-AB78-356A103B7EE8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{988AFA44-5A03-4856-8438-B5AD68464434}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{98F97972-8DC3-4F25-8754-229EAAEE19B8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{990DBA1E-85D8-46E7-A2F7-12D016A8E8CF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{990EF7B8-46C7-4B58-A7FC-CDCD0771C891}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{991BE04C-7A23-4B32-ACA3-AAEF49E88466}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{992DB1D1-C48B-4311-8545-CAA864515D72}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{99503CC1-33F5-438F-A586-B084B9365B06}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{99564FB4-CE5E-4F77-A61A-39B97BF51FA0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{995E6774-081F-4E01-8398-C591FD396A9A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9973CB4B-34E4-4604-904E-6B91779AEA9F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{99937D65-454B-4873-AAB9-2ACF7710B94C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{99D494F7-7721-4AE9-B25E-C96EF248FCFA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{99E09DC8-A591-42E6-B8D2-C7FEB7765B40}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{99E1997D-8E34-485B-9CDA-51FDAE829CF2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9A19B8B9-D8A0-417B-AB1F-184CA8F34CC8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9A597151-ED14-4F9E-B01C-13D98F1470D5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9A881B79-530E-48B3-B227-DB7A1940D6A7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9AC20EA1-D5D8-4D7D-9882-CA1EB908A408}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9AE08A09-8AC5-4C62-B98B-21DE4D24E63F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9AF6273A-5A29-46FE-88AD-1715EED5E6B5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9B0C7C0C-28B6-43AF-8C38-FF2277C6B624}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9B272627-9B2C-4362-9DD8-33FD1F62FBB3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9B53520B-5361-45E5-B362-D7FEE61B54C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9B5B7DA9-FBFC-4B6F-82F1-C63295C4DD6B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9B9E95F4-D788-4AD0-A0B6-2840CA13062E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9BB44389-2BFB-4515-BDFC-2B888C6E9EFB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9BF1D6CC-D673-4D62-8E6B-793C4EA9897B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9C00EE87-535B-4EF6-A26A-BC090B3D8A33}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9C074466-1A5C-468F-A948-7E5631F5B784}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9C0CD938-26AC-441D-84F4-14C49E3813DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9C10539C-0287-4672-B28F-7F0EDCD8F7EF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9C139CC2-ECF3-497F-BBA6-A28AFA6AE3B9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9C6CB7EE-3F6A-4574-B230-47AAAAB57A6A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9CC1C055-7F21-410C-965B-E35E5E9039A7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9CC8DB7C-885A-4AFF-9C88-63A30B69942D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9D15DE68-9242-4320-ABF3-41132448AA08}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9D3CDA23-221F-4ED3-9184-A6D623731058}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9DC0C5BB-BB0B-4CDF-A136-32E5ADF4EA5F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9DE43BB0-D1C7-420A-B705-E6163180B5BE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9E1C31B8-F0C1-4FB8-B8DD-2CA924F01EAC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9E60E85C-E7CF-4025-B3A2-E5C98EBC5381}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9E70FEAF-2C2F-4CEB-B5D6-B8D267BD855B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9E764153-54C5-4CA1-B22E-5656C7FA6A3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9EAA49B8-D799-42BD-9156-125FAF8619E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9EB8ADCB-C097-45E5-97B3-16F19A43C795}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9EC6206A-CFE1-47AE-B38D-9668C9B623C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9ED54399-6B13-4FB7-B8B0-D648A50016EB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9EDD8947-DE3C-41B4-8892-548CFA1B2640}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9F00D55B-079A-4FCE-A375-3DD80C0EE8F2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9F2DB4BC-3F53-40D1-AD34-955BFEF8A9DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9F33EFD5-5648-4E4E-B6BA-C810BC9110D6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9F7113B5-E373-493B-BC0D-2908B965827A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9F7B55AE-7541-4A75-8E5A-D03EB85ED1AC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9FB55EE5-5D89-4DB0-A40E-636CD1875584}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9FE1A8D9-CCEF-4333-984C-9ADFCA32E7BC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{9FFE5A16-D9DB-488E-816B-663CAEE2F8C3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A055D2A2-B1AD-40ED-B9AB-557632DC6DD1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A056AC89-76C6-4A7D-9264-4A0E395D0598}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A0DD6A25-1C56-4345-8445-E500178A282C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A119D37D-9AF9-48D8-BFF2-428913CE659D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A12FD2D4-BF18-4568-B4C6-B7A3C8F7773A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A177B225-6CCA-4477-B371-B63F884C8EFC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A1C0F838-3DAB-4DA4-A478-3FE9ABB719F6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A1DCC63A-B738-4993-875D-BADE071395DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A218E31C-8CCE-4BE4-8E11-C3CE8C664914}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A240E1F5-C7F9-4B2E-B6BA-6A0C17375F42}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A28EAA99-EA5A-4200-9480-88017F3D852E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A28F0A8A-8F4B-4392-90BE-D65F9E9F46C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A2B2D24D-73D6-40D0-962C-13D60C8C3769}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A2DF289C-52F7-45C5-B872-6B22087BE971}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A2EA31A3-5F59-4F7C-BA12-4D81D07139B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A2F008C9-CA67-498D-B37B-382028490DED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A342FD4D-025B-4906-B7EA-FFB32807B5BF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A34C426A-177F-4814-92CC-EE3C8E985562}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A360A091-79A9-49CA-938F-CEECAAC439CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A3836668-A4B1-406C-9FF7-9C323B2368B1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A39E6F1A-1D56-4520-B9EB-CC3CF181D959}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A3E04D1C-E7BC-44D9-AE8A-1F3394986E09}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A428B123-BFFC-467F-B2D5-8272AA3BAE85}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A4A91E82-B8EF-493C-ACA2-AEA6DFC3C405}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A4AC9E40-784D-4CE7-903A-410FD533570F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A4CC30AC-AAFB-4FE3-8408-26142E0EF0FE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A4F8F101-FC24-431C-8BA8-AC61CE152F60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A501AD7C-D49E-4365-91C9-AF75B9C7CF67}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A54226BD-C33E-4548-BF9F-B4E641D59AEC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A5465012-BF54-4337-8C7A-1D0ECA687D1A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A591A9BB-6935-488D-B9EB-2C3C7BC1B5AC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A5F43CCD-4293-461B-AE9B-B2C702D58004}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A6B68E96-E916-495E-97F3-8B1C90EE084A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A6E66DE3-B02B-4BB0-930C-EBBD3B8FCB3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A76A444A-1D93-4A92-AC21-775F6C0DD702}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A7A22F70-1DAA-4C6F-B8C1-061D066C7D43}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A7B31ABA-7C28-4E24-966D-6B2F4587E0C9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A7CFB3BF-B64A-4C3D-A23C-E5BA371BFB7F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A7FD0DDA-B847-4DBA-80C1-E0133A238704}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A8392A14-3849-4351-888C-CEB82A33EB6B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A847C6F5-EB8D-4AA6-A9C5-E5D5D132DE06}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A87061E0-BF3A-481D-A88F-00285934E913}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A89479BA-2EAC-4F89-ACF2-3EB76E314967}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A8B0FDB7-E02D-48BA-B1C4-E8BA0054F3E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A8F8193F-127D-437F-B9D5-0185081E1BBA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A92C32F2-8D7A-4243-AA48-968FA33ACA5C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A94C2C60-582D-46E5-A5DC-FBD3AA6AC83A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A968A96D-9448-405D-835C-70B7CE4A4FBC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A96C6D78-870D-4455-987B-7A542F01A8CD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A9BEB24D-DB65-4F4A-A147-A63F7AD070D8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{A9D4C7CD-D4F4-4524-9B2E-C3A696CD5AF6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA2FE1A8-6483-408B-9F91-D31CD5C33DB7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA31201A-5DC4-472E-A17A-DEFBB752343A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA502CF4-44BD-4EDD-B104-840DF1C9B209}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA5465F2-F094-4A9F-B1D1-B2F72EC5BB0E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA5F3D5A-383A-48A8-9F31-174B64511AC3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA745959-12F0-4FEA-A6BA-88DD7796C009}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AA849782-2D40-44D0-92AF-6CC2A562E69F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AAF7C37B-1E92-4A14-8BF9-AF26BE4650F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AAFC1847-937D-4E5E-9444-F9FB24E95712}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AB05632E-E241-4F59-9953-89EE1B8DDF37}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AB551E7F-B2CF-4E2A-8DC2-B934B33F3D0E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AB765D5B-5277-4E07-8033-37CF1094F4F4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AB939D5E-D7AF-473D-A070-F960D1AB64F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ABB98905-F999-41DA-989E-183FA5340CA9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ABE5CAF4-E8F0-4380-8903-E8B689E92C34}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AC2B7B14-B8FB-4B0C-997B-6FEC4013BCB2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AC2EAE1A-4FA3-4F48-B01A-A3D2EB5C18F2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ACA5BD6C-5B7C-4EC5-82E8-0F4373EC99B9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ACEC37B9-7012-487E-8964-724D4608CE53}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ACFF9F21-383B-425F-A300-A4BE23A9405E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AD118652-BAFA-4C5A-8D92-285A76E68848}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AD360E8D-30A6-4086-932A-4CF448027102}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AD4E9562-7574-44C6-9BB8-5AB70986BB0B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AD4F623E-2A17-4119-A86C-7C78A7F9CCB7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AD943143-D22E-46E0-AD42-6129DFF79E78}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ADC98B79-F995-48A6-8CC1-0E1F7E679ACE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ADCE3A26-3ECC-483F-AC13-6F4BC8AAAA1F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AE2F8A9C-FE1F-4B8D-AEE5-D267F39D7671}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AE71375C-7778-47BA-B2F3-F7791F4CDCC4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AEB5D37E-FAB8-4C14-B6B3-0BEE2D02A492}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AEC82CF3-EF92-474C-8476-300885C30653}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AEC992D3-7652-47B8-890A-E7E55199E0A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AED5A575-CEE9-4F8F-AEB9-BA0189154C13}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AEF233F6-0139-4A5C-B369-15B03A0BFD3C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AF1BB366-6937-4A2B-86E8-8DD68B8DAF57}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AF1D036B-730A-4E59-9D7D-EAA30EAD1C16}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AF509DA1-882C-4A1B-86D3-3E4C3121629C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AF854C3B-01A1-402B-ADAB-7D28E1657318}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AF8D37C0-3BAC-4C92-BCE1-8BBBF4AB5E51}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AFB90EE9-0C82-4579-A71C-614C653BC35F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AFC65494-E973-41CD-A7D3-882EFD1342B6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{AFE9966C-00F5-44E3-91CA-9384F4C75DF3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B00AA6F4-2A24-4936-812A-BB8D76B43579}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B05A7197-940B-4DEA-9954-1C0C8D90D03E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B0746B07-42A6-427F-B0CF-EF5928D10D69}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B0A45F28-9641-4881-AADD-B94A481ED139}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B0A7C065-5A1E-4459-AA50-868B50D2E0D8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B0E09A70-E064-4F29-A5EE-9A4987E0D9EB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B0FD9393-EF8C-473B-9833-837E7D7A6E9F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1417AED-506E-4CEA-A0C8-31239F156306}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B16A9977-9197-4789-A143-CE5DA61C90B7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1715DE3-0230-491E-AEA4-2F6DECD45F45}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1932A8E-0061-4A60-836E-E8545AF1C16D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1AA3FAC-2B10-4858-863A-CC73CC2CD8E6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1ADDDC1-A01D-486C-8B00-C2A260A11B80}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1C34B49-DD06-4A1F-B76A-0684E304523B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B1DA9284-FBE3-4B20-8C37-2CF65D3FC6C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B2216F6C-FE13-411C-AE92-651938D0057F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B2286D93-167F-430A-92A5-FAE304629622}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B236E689-65A5-45C6-A28E-861859DF252E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B23AE5DB-E1A4-45B7-9AC1-38E963749A61}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B243BDA8-BB9A-41BD-8814-B1C09B93CE2C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B256CCC3-028C-4FA0-A1B4-835F5906E62E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B257F5A0-1FDC-460A-9E94-8D62092E2289}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B296952B-19A1-4EC7-A728-74AF4AD96050}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B2CA7DC7-EFF6-4E27-9D8C-ECBD30AC7DA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B2CE6C9C-C0A1-4AD6-87E7-9C60B05B296F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B31D0DD0-5F86-4E5A-81E6-DA0B3633E98A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B37DD12F-AD52-499C-A095-DFF7E9C9CAD7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B41BF6BC-C8A8-4547-A8EA-B2FE274BAA23}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B46156D3-3267-4300-A55A-F2F115D1BF8F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B4A08EDA-1932-4AAA-AF83-69E1D765671D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B4CC2D43-8834-4F2E-84ED-66389C64682C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B5299CC1-FC7A-47C1-80FE-8A59446ADD98}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B55B4723-FE59-46F6-A466-80D3C737F46F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B58BBC64-7EB2-4261-A57E-02CD38A81733}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B58C61B6-0D22-47AE-A658-EF6DB0891BE6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B5B490F6-2638-40DA-9EA2-538B7DB9313D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B6184792-430A-4BCF-B25E-2D72797E01BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B62BF3CD-F847-44B5-A457-218EBB87E3B7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B64B2A86-9299-46BB-A39A-255FEDDFAC91}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B66F970F-2E7E-46F2-A7C3-46328E3C4A9D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B670688F-F728-4013-B161-7EC3FE838E63}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B69BEA9E-E7FA-4341-81FA-D8247BFA5456}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B6E72289-2401-46EA-93BB-F0BF497DEADD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B6FFFD15-37BB-4CBF-94F9-A19E4690C848}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B721731D-BF08-459C-AE56-67348E5081CA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B72E6B12-07C9-457B-9154-A95D6BB65388}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B74C15BF-9863-467C-9283-497C63C8376F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B7CE3D24-37CC-4FC0-A4C8-F5E9A404C93C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B7E775E7-BD93-4EF0-BFDE-7437309C23D4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B80BC4F3-1D90-4362-9240-66A81CA59041}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B82C1071-F2E4-4585-8630-A81780CE4103}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B8362EF4-EA20-4F1E-BC03-15AB1D7CBC48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B864CE1D-3631-4BDD-8CF8-673F7031B540}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B868569E-4F35-4EB5-8BD5-AE3A6ABBAFE3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B8867431-E17D-4C5E-B5AC-2F3F107062FB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B8C7CA37-E2D6-418E-B339-3F2EFCBDB909}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B8EFF13B-3138-4DF3-BD24-4395652E15B2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B918713F-232E-4D50-9A30-1F0BF00C0CCE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B91BB33C-2DDE-4674-93B4-CC148EEEB8E9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B91D53C2-0B3E-447F-9E13-8B0CB5016F30}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B939E597-7963-4206-B757-F60E6E316C21}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B94526CF-6BB9-4147-B015-6E71A0273E66}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B945D418-A801-4AE7-9DB4-5AB44EFA9E85}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B981C016-ED37-4A64-A605-8F673F543EB4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B9845590-6C94-4C2E-83B7-FF64CD393981}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B9B5E975-7133-4B82-B8CB-1A879084AA1A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{B9CA6851-ED9C-4B4E-A20E-BE40D6A074AE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BA402140-0952-4336-AE1C-FFF2BDF5D6E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BA8C0D77-54F0-4BBB-B0BF-DAF1C65E49A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BA8F746F-0F45-413F-9961-5D469AC19D6A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BABBA29D-7466-4EEE-B5EC-DB6D7BE3B03B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BAF1A6AA-108A-4AB7-AA16-0640B4DF0B3A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BB53685B-A6D6-467C-BD38-AF55B54D6EEF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BB75766E-8FEC-49DE-BF3D-14902CF27774}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BB88474A-2C09-4050-BD90-3A5A2F368DDF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BB95C17F-05E4-4EE0-8AD4-E5234C949C47}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BC24A69E-6075-4AF6-BF4D-E3146535BE40}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BC4346D2-E577-4808-875E-93C08895AFC6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BC4D96EB-9C2D-4CE7-8104-10B6A613DC7B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BCE2FA6E-E6FA-46F8-85A3-5C35EA62425E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BCF17E51-A39A-4C13-881D-65822CB5151C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BD75968C-7425-4E1A-A1F9-33D2D042F483}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BD92808F-D521-438B-8102-EF3B255B42BE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BDA96022-0D9F-4E51-84C3-A01A4A716B3E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BE721E4D-6C51-477E-8343-51242F1ABA75}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BE80CEB9-AC32-46EA-9C3F-3AA58ACF6EF0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BE9A251C-C8F4-462B-8DC7-42A21D185757}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BEB77D18-72F7-4FBF-B831-83669F91ADC7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BEB8478C-CFE0-4AFD-A40E-6698BDDEE532}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BECAA4A3-CC86-4070-958E-9ADDBCD70BB6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BEF48EB9-BC70-450A-90F5-3439355A92BC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF00EF88-25E5-4315-B5EE-BB6FBA628AFA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF2169DB-60E7-48E6-86A7-60182EB41CC6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF2401F3-B327-4140-803E-E59D1A2668FD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF36CAB2-9CFE-417E-A09A-A21936C5DCF8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF54119A-9A97-4D96-8B0C-669F29D96CAB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF64428C-57A2-4873-B612-77819DAEBC08}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF672F51-6CF5-4D75-A6C0-7FD18EBF6417}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF68ED6A-064C-472B-A675-714757AF5AB4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF78F560-34AD-4B2A-AA20-50A1F0F273CB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{BF92EE77-036B-4411-ADF4-6895C49C96A8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C022560D-9417-4C8F-8824-9EDA0FDB13BF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C060B4BB-4C83-4145-90F6-C3492495650F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C075EFC5-5DB5-4EA9-8CB2-EBAAE4B20F2D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C086B805-B4F3-4046-950D-C217DE181D2B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C0BE9588-6532-4434-9BDC-3163DBB132F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C0CC4DAE-7953-4887-B280-F2B755B195BC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C0FE3F0B-A846-4BB8-BF10-22AC7B02B135}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C117C9A5-E8EA-4215-B99A-A13F5967050C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C12624D5-069C-40C1-8C58-9C4C490EA2B3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C13D50FB-3CD8-456C-9CAD-41BD8C17568F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C1479ACC-2385-45FA-AF83-C1E4E715C2FE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C14B992C-A007-4ED9-8211-309686ACDA6C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C1659D75-9F36-456A-8909-0E5204B5AB39}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C196F29C-E44D-48E8-A367-C1881E9CB2DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C1A8F3B0-EE8C-460B-88FE-838C1858890E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C1B28420-698A-414B-BEDA-1EEA806B42FC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C23BA0F8-5233-4F3F-8ACD-1568379A455C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C25634F2-C221-4F26-881C-CBC615FE18AF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C29B6457-C862-4517-9A13-BFFDB166E7B8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C2F1B187-29B0-49A5-9A42-6996589641DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C2F259B3-6020-4CF6-907A-749C0F644948}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C2FB0E7D-8E34-4CDC-AE2C-CD8063A8803E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C2FC01E0-1C15-47AB-BF15-71F1E0A3917A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C3021566-B6EB-471A-9406-ACC921A226CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C3D8BE7C-4E44-4EA8-89FF-81055DB1C789}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C3E1C182-6B81-4459-A80C-FBC1938CD589}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C3F9412C-5168-413B-9C69-112271A7A3D1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C40DBA8B-2460-493B-A19D-1AE724DDBAA9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C411DAF5-D17F-4916-8507-DC4F3674E0B4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C4603DA2-CF20-438F-908D-E2ABBDEB2812}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C46664D5-7953-46DB-8E3B-DA2893BAEE73}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C4820D90-BBAD-489A-8DB4-F8DCF76B807C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C4990ECA-4D6E-4F62-89BB-24BD698DBF88}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C4A40AE1-BDC3-4AB0-AD65-ADF45611B221}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C4C18139-9FCA-44E7-8F96-CC83145139B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C4FB4523-4944-432B-82BD-24548CF6C8E9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C5070CF7-3941-4228-AEE1-2EE55E08584D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C50D63ED-1F29-4DB1-A708-F2C61A0CD04C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C510EFE4-9882-49EB-B892-662D9AC1AAF6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C52427A0-6A56-4683-A6F7-363098DF83CD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C5C07AF3-E9CB-427E-88EC-294A7D55983D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C5D9121C-8E2E-42B1-B6CE-E3A92DA75330}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C5EA7F0E-2765-4D35-A031-6A8A15AB1736}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C5FE13E4-2454-4C79-BE24-CBBAEA75CDF9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C621BD64-3D53-498F-86BD-0C3B627198BF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C6512D31-CF86-46ED-8571-DF6BD41C4B7F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C653791D-0DA3-406D-97D4-554447619A37}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C65D7B4D-4676-47EA-BF11-5004387CB42E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C665A8CE-3D6C-429F-BC4E-B2D722195DC9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C67140B2-204E-4EC8-AD80-30294E326B56}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C6890A9B-3C02-4BE8-8470-086CCE1C78CF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C69F0359-C7D0-47FE-B9EE-BFA080CCABA6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C6F12D53-1E68-4EF4-9156-D6B104CBC5DC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C6FEB569-2CB4-4D72-832F-21352E0FB0F3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C71795B3-1B99-4F3A-96A9-90D1C4D20AE6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C737ECD5-C459-4735-B347-A5E751C713D5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C7513CD0-AFDC-465F-BB1E-7A3E13BD5B84}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C76166FF-A3B4-4CD6-947D-8209EC14E360}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C79B300B-D308-48B8-9AB9-9F4BB0BF9B2F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C7ECF3C0-F5E6-4095-AED6-A05296A55405}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C8136E86-2837-41B2-8BC6-7B5A914639E7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C82A6A00-4AB8-444C-BCEA-9D720036DEC8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C85E7D6C-E2B8-44C1-B2F8-42B7E09CC34D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C87F5DC7-5B99-403C-9DE1-65148811278A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C8A44257-80EC-4A56-B40E-385F2E903931}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C8BD6201-A12B-4E5F-9559-CE587331BC23}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C8C56829-6725-4036-AFF7-7D08D993A68F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C8D0569F-BE1B-4577-B546-E4A2708BD6CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C8E0F146-3AC3-44C8-8149-3EEDA0852EAE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C9022290-C926-4F32-A667-69D4C66977D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C91BAD03-EF9A-4A98-A352-37B0379DA784}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C95A1E95-9C3B-43A8-94E0-ABEE5D695228}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C979A6F2-0179-49BE-A272-F67FEA39DCB7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C99C2EEF-C473-4DD9-9FBE-3C4DB327861A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C9AF4913-7189-4FE8-B54A-F1588A22223A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C9B724D3-89C4-4CDF-878A-DBC81442230E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{C9B8E046-87E1-4EC5-8C38-212AEB7AD3E5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CA1708FD-007E-4424-8877-017E2B935BB0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CA1E1095-E8D5-47FB-92FD-4C2F43AE047A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CA675F07-A388-4555-80A6-5896642B257D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CA693059-EADF-4253-9B8D-D4A407B1104E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CA83728C-A7E0-4D30-9210-E0929E4C20B0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CA8D879A-C19D-4852-AC1C-B1410A8D24DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CAE548A8-37E5-4BD7-B2ED-D13F16CF8CAD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CAFFBB85-18B5-42F3-BB95-EE3C47550B96}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CB8FC8D7-ECF9-4972-81B5-7FE6594E5303}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CBBEC832-66F2-4069-8D02-BE83733ECECF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CBC2A7FE-38A5-4A4D-B04A-3089627E55DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CBC6F42B-4DFF-46DD-9EC0-C65993713DE7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CBE71856-567F-46D6-8AE7-C90FA5354F4E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CBFE8660-001F-4E3D-9CE7-B06AE27126D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CC4917E1-53AF-4780-806C-35B3A0753D42}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CC4D17AA-DEB6-42EE-B608-A7695E71FB6F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CC5BFBD8-9F22-4595-A1EB-CCB5402CA288}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CC82E834-C910-4FA2-8BE8-F251745AE941}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CD0CC9FA-3C62-4B41-B15C-CBCE94C26071}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CDCC6E2E-60A7-41E8-B310-F4602BE99299}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CDF1D9AD-3822-4354-9831-F5F9E6F04B15}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CE041499-036F-4CA8-B205-1AFBCB77E48B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CE3AF15D-4CA7-40AE-9B87-8498C4F8F308}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CE415144-22C8-43B4-8B0F-6CF21E9725BA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CE6E3189-D08C-46B7-9AF2-B4AEEEFF2DB1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CEAC67F4-70D5-416E-B2C9-775DDF34A215}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CEB0D982-A62B-4ADC-8B7F-88CDEA25B6A1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CEB5703E-1A88-4BE9-BE6D-00A415D6374E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CEBD0407-311E-41EC-B6D6-5D97BE8A06AD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CEE9D97F-7B00-49B1-8992-A083CE6D67ED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CF074EA3-9502-483A-8039-C9529DFEC43A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CF26B266-1DA8-4DD4-A568-635E4CFB2CA4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CF319B87-633A-4AE9-BF51-25E7188A3661}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CF60BEC0-D583-488F-80A1-F660A94886FA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CFABC5E7-27CA-4A5A-A03B-0887E2E53615}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CFC13E9F-6F00-4663-8DA4-BBC3885ECAFD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CFEE6E7D-0A98-43C5-9C7D-0F4FCA2D310B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CFEFD66B-18B0-488E-B99F-55DDF7195521}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{CFFD40E4-4AC3-4270-9816-D744F672DBB1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0393A00-26E6-4230-BA8A-27F4B62C252B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D060ECB4-64FC-4C69-B34C-735178106B10}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D078770D-E531-4A23-ACA9-21B7D1174B3F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0B9FD5E-67CF-402D-9490-E212D3D00883}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0C8BA3E-98A2-4823-B20C-6B8A054CEBEB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0CD0BD0-84FE-406B-B751-6879B341A43B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0D6673C-9A3A-48B5-941C-FB3F279E6BC4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0DCFF50-449C-4F76-A92F-ABE3E6503549}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D0E177C9-DE3C-4C42-803C-1127A667BD28}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D14FEC22-4932-4395-AAE8-6CDA99E85DF3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D15AA202-EE61-4185-AEA9-DE8E174BDEEC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D15CE0D4-AB22-4BE7-AADB-B0FD961488D6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D193F04E-20AF-4113-B53A-1BB545227333}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D1DBCAD3-032D-46EB-9DB7-98D393641EE4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D1ECB35D-E8DF-4453-A7FB-82C27BAD7663}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D214CB09-ED7F-4D6F-A5B7-9065223D903B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D21FA470-D9D1-465B-A5B4-86D62A3BB2AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D22F3399-A790-4E76-B1BA-23DF5064A252}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D23B69DC-007E-4F6E-A6EF-83E27CBE84D4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D245F16E-FA6C-4552-A1CF-5DA091521B34}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D265AE0E-5921-45C8-88EF-494A4C4D1E3A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D2AC5597-D496-41FF-8072-BC2E06BCB66A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D2BF3288-469B-4302-9C6A-9CCD1CA7C90C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D2E1EDE5-F5CF-4C96-906C-79C38B7CB0CA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D2FD740E-F17E-4E14-9646-7E799DB2B25E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D3775158-885C-441A-B38F-13830B78F2A5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D38A3864-3DDC-4208-9B73-FCD81397BA75}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D3908920-D49B-4500-A011-A5B82B83D727}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D3A203CB-A709-4FA6-9816-3786B15267F9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D3D2E228-A03E-4C03-8368-D05055D4FE16}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D400B812-CB35-4398-8C07-BCA14B7D458F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D447FF54-094E-4CCB-A258-51C9C48E08A5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D44CA9A0-CC0E-4FDB-88E4-D9A31E359630}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D47D7B57-F33C-4233-A35E-E03E00B66E60}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D4999081-5CA9-4777-B3CE-525585DFE32E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D4ABA639-DB47-42B8-A617-DDB767F36F73}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D4D0FA52-9C96-4EC4-8115-BD7CED804F6A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D4DFAE0B-95C7-4DAD-B91B-C6732BC0D12F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D4E07333-D850-496A-9120-CB4C4ED080EE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D4EF8CAE-EF72-49DD-A905-95327F8613E6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D5457476-8471-45BB-9563-3004E1D42442}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D582D958-2F58-44F5-9003-C7D17173DB7F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D58C085F-C9A8-4945-B2A3-14B82936B1B1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D5ACB11D-78E5-4C61-B0CB-6715B580C9A8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D5CDE893-485D-4E49-9248-BA2370E2E5DA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D5E0D0CE-F028-46F0-85E3-D2F2161C41DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D5EB965D-4E05-4DDD-A057-0F62D19A68C6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D61980E7-6B5A-4C39-83A7-273526BD0A86}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D685CAE7-EA98-46E3-A03C-029DE1E60B18}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D6BD04B0-2D5F-4DB8-8619-6426FD751969}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D6BF03EE-7609-4BC4-8557-F35C16BD20AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D70B2B71-EE8A-4563-8FE4-A2D2AAD8A6AD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D75D9B07-8C01-4519-8F8C-4F43F73AFCE6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D766A3D2-8360-47E2-926E-6194A7DA48CB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D78AAD5C-6065-4CC3-B511-6AFB2F0C1E13}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D78F2B9C-3DAA-4A7C-BB3F-554F3F7997D7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D79493A1-AEBD-4A76-8831-7B9B11F2A217}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D7C0EA26-BCE6-4FE1-820F-B5A9B449B83E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D7DAE8D8-A5DB-4533-BA9B-33A9C627A1EF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D7E214BF-F784-4B55-84C3-08876BBAB575}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D80E4F46-AF15-43F4-8A71-24D250416924}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D81DA1B3-1315-45EA-99CD-79372DD967ED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D843B098-6338-41F9-8A42-DBDBC6300E97}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D850A458-862E-4C5F-850B-A30A3DC83A0B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D8548DAA-1E02-46B8-996D-46739DC57062}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D8B0685B-3985-41C9-8062-847EA06DA85B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D8C64175-D23A-439C-804E-26FBD6342B6A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D8DA5C9A-31FC-4679-AC63-3EFE7AFB2788}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D8ECB01B-ADE0-46C3-9D55-D1244A9EDF21}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D8F4B38D-867D-4E95-B3A0-F71D74C8E044}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D90B962E-923A-4F17-9D17-C62BFC311B37}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D9303EED-52ED-4A68-9764-34A6C15A59D1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D9557DA4-321E-450F-9AD2-BC1C1495BC56}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D961E25F-DF1B-4B82-A7FD-A17EFAA3F40F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D9B6F848-DF9B-4362-B721-077266589248}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{D9BBA9A7-993D-4947-BC07-18428844C61C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DA096936-496B-4809-933E-2A3D8A8E1F1B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DA3D0CF2-EBAC-47C9-9589-A66B8248D98A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DA40D976-6414-43FC-B18B-359CD04DAE88}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DA67CFCB-84D1-4868-87EB-EE776DB252DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DAC9ACF0-0974-4D53-A14A-AD5747618826}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DAD1B7EC-B2AA-4482-A5C0-D9F93B72BE08}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DAE8BE73-FA32-4725-86B5-E3F57AE4FDB3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DB544DE2-B4A1-4C9F-BB5B-997265E22E53}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DB5A1B67-4C56-4444-8C17-BFD80BE9C50D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBA0BDBD-B662-4467-9051-78724426B7C3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBA0D110-8D91-4DB8-BCFC-2AA597F2BEA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBA1E461-5B40-454B-A992-C90E4D01C2DC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBBF9D06-6D41-4FBB-B585-37507C6A789C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBD06215-E5E4-410D-B569-1A56712B7A6C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBE8E8A7-4A38-432F-AF82-ADAF01AD89A7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DBFD24E6-8AB1-4BD2-BB75-A6AD7D4A687C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DC1E332B-3B7A-4E99-BC7A-1CC58A4A854D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DC275F0B-E29C-450C-B082-2401891BF239}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DC63E6B4-D863-4421-92FD-1F581835471C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DCBAA1C1-A269-490E-912D-E1C33B9DBE2F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DCD697FA-4031-464B-A699-8B06110EE995}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DCEA2528-8441-4684-91F7-B97939B2F853}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DCFC3DF8-2EF8-4652-9A96-73F145F03760}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DCFC4B57-F0CD-4390-9FFD-72984653711D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DD070CE8-034A-4A6D-86E9-3BC9ED427D51}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DD0EA2D9-DB1E-44EE-9922-DA212EEDD4F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DD46C88B-41EA-4278-9727-E82E43B67937}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DD52AA4F-CE52-44F9-8690-8EBCA46560F0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DD55045A-B7DB-4750-8418-C1480731B275}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DD935D56-A64A-4341-9A41-05F03EF8A964}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DDA4D111-F0C4-4A34-A814-5FACF9B8DD4A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DDDD872D-33F3-4A8D-9A35-841119699EB8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DDE24C45-33CE-466C-B018-B17CB9752222}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DE133654-C752-460F-8A01-0B9D7F96C6F8}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DE196D1B-FA3F-4047-BEB4-172696479590}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DE65AF84-1077-45A5-846F-9C3BD8325875}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DE78081F-73A5-438A-8EFC-B9CB099F7205}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DECE9AE7-0420-41A0-9737-196941ADC0DE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DEEC8193-9A4F-4967-8ED5-8C53C4F5FBBE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DF438C78-A76B-4DA1-A7A6-5FB002912BD7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DF9FECEE-298A-48DF-9849-54215606C338}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DFA2E38F-9EC0-402F-8872-1CC88C1BB11B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DFAF76AD-3F33-41FF-A061-71A42D544860}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DFCE621A-8E84-4C35-A733-BC40B52AE173}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DFD55730-D33A-4664-BE95-0FA6FBB71F7F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{DFE03B83-0818-461A-B486-7B7BF5079DA6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E011B835-157E-431E-BC36-2734533029E3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E029134D-00E5-47E9-9F78-A063BBFEF320}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E02BD4BE-847A-4776-A8FC-AAB8B0B946E2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E073D972-0D74-435C-AE42-E70DBB043650}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E09A2D2D-E1C0-4731-9016-7EE4A331BB3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E10EF76F-B48C-472D-BC25-FBEA2BA7FB71}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E11C33B6-AAD0-4BCA-8647-7C988C214962}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E12DE2ED-DF75-443A-9BD0-83B852CF8F7F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E13F7EE1-438F-495E-AE56-A34F6808B8D3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E14DDDAC-3FF1-45A7-9DD3-3B59774ED586}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E1A80027-75B7-4928-A4A8-E39A81F4416D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E1AFC68E-4626-4AB6-8E3F-57E93282016C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E1DF092B-62D5-403A-ACF5-0831AE32AD80}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E1F0513E-7DAF-4668-9AEE-5D4E9E3D685A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E1FFD8F6-45F6-4EDB-9020-38E83066774A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E22100E7-8D54-448A-9E8A-3CD9F4B85817}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E2319DAA-BEEB-4619-901D-41665014D962}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E24215D6-A214-4F7E-8B1E-509A74AD5476}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E2F4661F-5E7B-42C6-8D02-720D356C716B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E309971D-F5CC-4595-A24B-FF79D7A383BE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E309F101-D5DD-46BB-9F21-DCA99019F8D5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E30A5944-B955-491B-B93A-B614DD8DA8A7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E30EDD9F-188D-4E38-82FD-CCC0B1DD6A5F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E3206A22-8A90-4A62-A440-0753F52DDEF2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E32F75C6-9465-44F5-9391-383EE1223784}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E3398B31-6410-46F6-9348-CBE6F6892B71}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E37C460B-22C7-4B5A-8AFC-3CAF66C1D9B4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E393DEFB-6B1B-4F2D-8642-3150BB00FDA1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E396A323-7B37-4281-8065-839888F8C179}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E3B677AC-7574-4225-9050-3B1EE75CE656}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E3C0CFC4-5F8B-4E0B-B5CB-8AAEC67A9F2D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E3F06234-DCDA-40BD-915A-1F2DEB4647D2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E4120F98-B8A0-46A0-A2EF-6E9089FAEAE6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E4185D76-7414-41B7-A0BA-8959799C5417}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E41CD0CB-C896-442C-8268-E59EEC345E64}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E42B4E09-F8BA-43E7-B1A7-DF29ADFDFAC4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E436A1D2-77E1-4490-A3B3-7B67F5CC2674}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E47D279A-4DF6-4D60-808A-1BC7CAF48E4B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E4C3408D-48EB-4C57-8404-EA1584B92BDB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E5043E6D-1B0A-4E70-80FD-4B7D3C027DA6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E50692EE-6E85-4685-AD90-27252C7C67EC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E54D224E-1B63-4B2F-97F5-97128E60C6ED}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E577574D-58A7-45D2-9B4C-2356C11025BD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E5ADCFFE-FBCA-4099-88A6-A2FB7F13B2AB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E5BBD86B-2EBA-49AC-8C67-646AD5D39395}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E5D13947-7728-4C68-9A2B-5F08FE1C868B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E5FCF343-3A8C-421D-AA6F-F8BBD8C739F6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E6027A82-797D-4B29-84F4-35C95373869F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E60DB794-5573-4C67-8FBA-EC63E9397105}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E627E4D4-3C24-4CAA-B1ED-0E7BB4C3E023}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E664186F-9EEA-47D0-8B14-B1678EC6AC3D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E676D86E-B881-487B-B05C-69454279F293}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E69BF17E-F14A-47F6-BEED-68F41D16DEE4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E6A566B9-4047-4EA9-A63F-FE551092F537}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E6ADAADE-44DC-4C55-989D-94E43D54DD10}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E6ADC855-B897-4F8D-8C6C-E7CC5607D162}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E6CFBECF-E649-4066-BAEC-7F78C7D8952D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E6D3E0E2-429E-4BCE-AC86-ED5E9BC87F4D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E7173AD4-C1E1-4EB4-BA8F-19E06B0CD6DD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E73778D1-42BF-4ED5-A31C-CDA288348868}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E738E362-DC63-4B64-A0BD-C4772CA06301}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E73FABCB-B6D2-4F43-80CC-FADD2EDD0F79}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E757F0A1-E1B6-4829-953D-EEA0EF6C40D2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E758F86A-84A2-46A1-B17B-F43865B58D17}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E77B37B4-0768-406C-9A0D-8595D336824C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E784F30F-045F-4F38-B8C5-91EAB8C1986A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E7C80685-02E5-420D-8C42-F3EDB0F619E9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E80F74EC-82A2-47F1-ABF9-220C2729563C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E814D49A-F497-458B-AF6E-7EC85E67D794}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E8243FDD-4FF0-4A99-B269-CE9E0529E35F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E8543079-1843-4694-A90E-12C551EE835F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E861A1BC-F710-42C2-99CF-197E0EC89C34}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E88C35AA-3D57-4C57-8296-B246192ED8BB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E88DE5BA-EC33-4581-B212-550A11C5A488}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E8C89486-FDBF-478C-B166-890A6545F5E5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E8E8F080-6810-4023-8ABB-A4E03551821A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E920EF05-78B7-481E-9FC6-BCA9EF049857}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E955BCD7-5A61-4649-A2D2-64B0807F37EE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E95C27B7-9E44-40A2-9FC5-4565A60B263E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E9648CE3-0FA0-4BD9-8D74-28EDF5BB8F80}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E9906C25-261F-4499-BB89-F21C51B359FA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E9ACC1DC-32E6-4334-A382-32A3B94C2DAE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{E9BCA297-0BD9-4FCC-A1AF-3E1BCF948FBB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EA1F2DC0-3F9F-4CDD-ADC9-8DD34AED872D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EA4DDFB3-BF01-401E-A8B7-BFF8D4811494}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EAA4E978-7004-4314-9788-9493125033D2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EAEF7F6E-F97C-4CFA-A782-68121BB8D9F0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EB287ED1-2332-4A2B-8939-9944185AE1F4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EB3694C5-EFA6-401C-8DAD-2E7D6F98B270}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EB46E27E-E753-4AED-AC3D-39F71BD7CC6A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EB7E649E-1BE0-46AC-909E-4A1BEC3EA863}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EB98997D-0EA4-44F9-A903-06D06DCE4706}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EBE3BC4B-CA1C-45DF-BCC3-AD9FE6E94892}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EC8A1DCD-DB51-48A3-A516-0B44A7F25039}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EC93BA23-6F6E-4C3E-9D40-8F565728AFCF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ED2F11C5-6E05-47C2-BB44-6DC71CAA2D0B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ED43D0E1-B854-41B6-B7D9-98ACA0592995}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ED4D1317-2955-41EC-84A3-6536F8D8BE46}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ED5D7569-3C49-4F91-BB48-A42C76804C0D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ED6F3497-3EC8-40FF-809F-1BB4EA3A2577}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{ED876675-BCC7-4FAC-86A9-5B944B935D15}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EDAB65C7-80CD-43FC-8941-886075EDAE41}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EDD5F425-ECFE-4E10-9BFE-F42BAE09F0D6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EE11AA2C-21FF-43CA-8D02-E78FD6C84D31}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EE3D650A-45BC-4BE8-A868-7BA857A67839}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EE48E43C-BD8A-4FFC-AF0E-421A93B5BEA6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EE4F6B1C-9D4D-4A52-8C03-72C1C59FE099}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EE6D79D2-A853-492F-A39A-69CB39D7E312}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EE7E330E-1882-48F9-A065-12C4D6F1E74D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EEE85DEC-330A-4F3E-BEE7-5E7D9F8CC660}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EF679CDB-EF6A-4497-B832-3650DF82ACCA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EFE57238-AE3E-4405-B54B-5EB8714F162A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{EFF17257-CED3-47CF-9865-D3C4E55DFBDA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F0143B53-E5F3-4619-864F-0AECC6CBE17A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F01FA1C8-E1ED-4A03-8423-BCF3EF04C1A5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F0703E59-D707-4ED8-A753-E876DEF9B720}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F0A58BD2-8A6A-4CA0-8A81-E1D71903225A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F0DC72C0-7460-46AA-A75A-F39B6C987EB6}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F0EA3CCD-B369-4C6B-BE31-938F760D5E2C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F1043987-BED3-49E7-8E9F-1968E0E8CFF2}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F11AC5E1-AAA0-42D3-9ACD-3E0E66DFA6A9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F136FCF8-9FBE-4115-A9E1-44B970C28F6D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F17E097B-F540-445B-AA4A-6242A8089985}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F1CDC6B6-80CA-4642-B60D-AA36D5CAD4D0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F2073CBC-4F6F-4491-B177-C981DD68957A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F278B819-370D-4B95-8848-DC2787E2891B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F29BF6D0-D4EF-4010-99CA-C3EBB72D1792}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F2B3CD97-DEA2-49AE-A787-5BCBD10502E4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F3164542-C64C-469D-BC48-3C8A1C8752FC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F31BBA8F-2C8E-4C8E-B1EA-3B74888C12E0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F34ED58A-455E-4373-B301-40A35793020C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F3D0D159-0BCB-4CDA-9266-7CD3180DEF2B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F44C5B94-9502-4B20-AC25-BFD9CD2D412D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F473328A-600A-4015-93BA-B74FF70FCE8B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F47EE6B4-221B-439C-A5E9-C8830984DCCA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F47FB863-33BA-4475-9E78-DB2E6302697B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F4A31B79-878B-4AA0-82D5-52563FC81F65}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F4E8F48A-DCD5-4A8E-A86A-35C70BC00B05}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F53B46C3-9E94-4F7F-94ED-8894F849BE61}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F558D91D-11A2-45B3-87A5-87A9F8E43492}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F5B82ADA-FD2A-4746-A140-A08474FF89F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F5D8DFBE-4CE9-4B82-AB9C-1A0194B4DEA3}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F5EFBE8C-C3B7-415E-A59C-189F9F8B9487}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F5FDAF2D-146A-4627-AC8A-58597DC76CA7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F66327A0-C583-41F9-B6A2-508417D8D2CE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F6A470B5-B0E2-4D00-93D8-8B80C7DA1980}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F6B1C364-7F25-4A70-AB19-076BA1D6E606}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F6CEFB90-B945-49F7-9296-117689A3B170}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F6EA8E90-3C65-48E7-A589-286F91F93F3B}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F6F9B13E-80F7-4C0E-9232-0E4D90BBD302}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7033715-FC09-431C-9C0A-0B42D966A04A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7561A43-988C-4D54-BA27-F3ACCF34F347}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F756DA32-42A9-4C03-A84F-6ADDC03BA9C4}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F776E1DC-4884-426F-B0D7-611E978E97F5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F77E1B26-27EF-4F03-91C2-20DED7A606EE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F79B640A-D398-4519-9852-7FD07BABC5B7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7A4A6BA-880B-46A7-8D13-F3673217D8FE}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7A586AD-8E54-4218-B06F-F33C209F2852}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7ECD49A-A9FE-4F74-8F1A-0E259B879282}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7F589C2-FD76-47BA-9C7D-A21EA11A81AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F7F77871-FF82-4426-9F4F-09F86C8D6078}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F80766EA-7C00-4270-93CF-331F6DFDC992}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F81DC0B8-5B45-4DC1-9098-5095431FF608}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F85647CD-88D4-4DE0-B4B9-C107707FB695}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F883014F-2BA5-4411-B001-525935DF2383}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F8A7A840-7013-4B49-A18E-EB8841A2755A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F8ABFE8C-0DAA-4074-95B8-0E461C63383F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F8C4C224-D851-4056-9F7C-B6E07BFB3505}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F8D1E6B9-1A55-44B6-A38C-9F9BA3952DCA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F8FA0B0C-51F0-4625-9C34-7D98F38A9C06}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F9273786-4A45-4ACA-BEAB-80FBCD502D76}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F9277674-53C5-42F8-B255-B072B5D1F72A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F93696E5-4BB6-4F1C-801D-F4988521A411}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F987E742-BF60-4612-BED8-997FC7ED791E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F99FB019-B5E3-40BD-8BEE-D5A19D0C6C22}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F9C3C1B7-41D4-42AC-91FE-B7D0C0E2290C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{F9CF6093-DE03-4261-B4D9-593E41096552}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FA111A00-B6FF-4B20-9C24-22CFC64F7B42}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FA16CBA5-5A77-4594-947F-C95B1EE60EA9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FA2B39F1-C67B-48B1-B6A7-3547FD351C48}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FA5D604F-11E5-4BD1-A682-BE5AFE2B22CF}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FA60A3BE-846B-46B1-A972-BA03B490EAFD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FA95DA7B-CD0C-43AD-9634-F2E09FF1EFCD}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FAB1B694-CFEB-4FA7-998A-EB8F07864936}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FAC5685C-E11B-480D-B8A3-C2C7BF4017FB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FAE60FC5-16BE-4BCB-A4FD-E0BA47180D1A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FB304607-6206-48F4-9421-44B202D7DEE9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FB3F6EEC-A841-419C-B388-9F483484F552}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FC0019A2-D836-4778-828F-323B4708A87C}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FC6DCA0A-3290-4518-804E-19DF418A5FE0}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FC70C444-62AC-473B-8E90-31673B8635AA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FC71733A-BE0A-4461-A145-603E94D4CE19}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FC837793-2944-4B77-AA9E-4613115E6A67}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FC90997A-E96D-4EBA-86E7-B05EE4E39D9A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FCAEEC62-EA89-4AE7-ACCA-5037C7F65D51}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FCBAE1B0-B221-4DFA-96F2-4A0BC4BE4ABC}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FCF1442E-86FB-4104-B32E-AD732586D8F1}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FD1FB04E-8619-473A-BDD5-123ED32D1AB7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FD22EA94-9224-4D07-9D6E-FE910DEA8F76}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FD4A0166-F082-4DFF-832E-2EED97A7B66F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FD7EBC7C-2143-4AED-B7D7-C3CB050B9FE7}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FDA16300-595A-4C69-A52F-2A52FEB93AF9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FDCCE539-57F6-47F2-B0AB-DECAED00BE79}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FDF13FAE-FE90-4D43-916D-F386F310FC20}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FE00BC1D-A42E-43BB-975C-6702B292163E}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FE01922E-1395-4990-B18C-39CC71587986}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FE78308D-C7F4-4A31-9D1F-9F2239B870E9}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FE7FA4D3-C76E-4987-93EE-1ADF2253E878}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FE8092ED-875C-4E1C-9C0F-0B62FE5939DB}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FE8B87E9-D2FE-4451-A71C-88D2F1265BFA}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FEA03A7A-FAA7-4211-B5F6-AF76E51BCDB5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FED17E0A-1BC7-4AF1-832C-B300510F8B3D}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FF360D55-FD50-4FFE-ACFD-BE4AD739B87F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FF7AC0AE-E2ED-49E2-8C8D-10DA6BD571B5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FFA235EE-739D-4794-8089-057DC8FFC580}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FFD19E93-2243-4CC5-A37E-026674231046}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FFEE9733-8F22-4717-870D-68156C96319A}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{FFF6CDF0-F546-400D-8658-850EF1DCDC3B}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2015 at 15:56:10,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 25.01.2015, 16:20   #15
rueda
 
Windows 7: Trojan.Ransomlock.G - Standard

Windows 7: Trojan.Ransomlock.G



FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Daniel (administrator) on DANIEL-PC on 25-01-2015 15:59:14
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-15] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\B3AEC8EA5.lnk
ShortcutTarget: B3AEC8EA5.lnk -> C:\PROGRA~3\5AE8CEA3B.cpp (No File)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2189779353-2093667472-534821050-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2189779353-2093667472-534821050-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll (Google, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2189779353-2093667472-534821050-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2189779353-2093667472-534821050-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2015-01-25]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF

Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-18]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-18]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-18]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-18]
CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-01-24]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-18]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-01-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-01-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2014-12-19] (Sirrix AG) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138272 2014-09-05] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [219680 2014-09-05] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-09] ()
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-11-26] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-01-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-01-24] (Symantec Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150123.001\IDSvia64.sys [668888 2015-01-23] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-11-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150124.003\ENG64.SYS [129752 2015-01-24] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150124.003\EX64.SYS [2137304 2015-01-24] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVCx32: eventsystem -> C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: iprip -> No ServiceDLL Path.
NETSVCx32: netman -> C:\Windows\SysWOW64\netman.dll ==> No File.
NETSVCx32: wzcsvc -> No ServiceDLL Path.
NETSVCx32: ip6fwhlp -> No ServiceDLL Path.
NETSVCx32: WmdmPmSN -> No ServiceDLL Path.
NETSVCx32: Appinfo -> C:\Windows\SysWOW64\appinfo.dll ==> No File.
NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> No File.
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll ==> No File.
NETSVCx32: EapHost -> C:\Windows\SysWOW64\eapsvc.dll ==> No File.
NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> No File.
NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> No File.
NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> No File.
NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> No File.
NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> No File.
NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> No File.

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 15:59 - 2015-01-25 15:59 - 00024714 _____ () C:\Users\Daniel\Desktop\FRST.txt
2015-01-25 15:57 - 2015-01-25 15:57 - 00000000 ____D () C:\Users\Daniel\Desktop\FRST-OlderVersion
2015-01-25 15:56 - 2015-01-25 15:56 - 00185845 _____ () C:\Users\Daniel\Desktop\JRT.txt
2015-01-25 15:50 - 2015-01-25 15:50 - 00000000 ____D () C:\Windows\ERUNT
2015-01-25 15:48 - 2015-01-25 15:48 - 01707939 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2015-01-25 15:43 - 2015-01-25 15:43 - 00001659 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S0].txt
2015-01-25 15:25 - 2015-01-25 15:38 - 00000000 ____D () C:\AdwCleaner
2015-01-25 15:22 - 2015-01-25 15:22 - 02194432 _____ () C:\Users\Daniel\Desktop\AdwCleaner_4.109.exe
2015-01-25 15:22 - 2015-01-25 15:22 - 00001749 _____ () C:\Users\Daniel\Desktop\mbam.txt
2015-01-25 09:27 - 2015-01-25 09:27 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-25 09:27 - 2015-01-25 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-25 09:27 - 2015-01-25 09:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-25 09:27 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-25 09:27 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-25 09:25 - 2015-01-25 09:25 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-24 22:52 - 2015-01-24 22:52 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2015-01-24 22:29 - 2015-01-24 22:44 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-01-24 22:29 - 2015-01-24 22:44 - 00002323 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-01-24 22:29 - 2015-01-24 22:29 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-01-24 22:29 - 2015-01-24 22:29 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-01-24 22:29 - 2015-01-24 22:29 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-01-24 22:28 - 2015-01-24 22:47 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-01-24 22:28 - 2015-01-24 22:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-01-24 22:28 - 2015-01-24 22:28 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2015-01-24 22:23 - 2015-01-24 22:27 - 191136136 ____N (Symantec Corporation) C:\Users\Daniel\Downloads\norton_360_setup.exe
2015-01-24 21:33 - 2015-01-24 21:33 - 00023593 _____ () C:\ComboFix.txt
2015-01-24 20:51 - 2015-01-24 20:52 - 05609462 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2015-01-24 16:56 - 2015-01-24 16:56 - 00000000 _____ () C:\Windows\SysWOW64\sho7417.tmp
2015-01-24 16:55 - 2015-01-24 16:55 - 00000021 _____ () C:\Users\Daniel\Desktop\catchme.log
2015-01-24 16:31 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-24 16:31 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-24 16:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-24 16:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-24 16:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-24 16:31 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-24 16:31 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-24 16:31 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-24 16:25 - 2015-01-24 21:33 - 00000000 ____D () C:\Qoobox
2015-01-24 16:24 - 2015-01-24 21:15 - 00000000 ____D () C:\Windows\erdnt
2015-01-24 11:18 - 2015-01-24 11:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Daniel\Desktop\tdsskiller.exe
2015-01-23 21:27 - 2015-01-25 15:59 - 00000000 ____D () C:\FRST
2015-01-23 21:25 - 2015-01-25 15:57 - 02129920 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-01-23 21:23 - 2015-01-23 21:23 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2015-01-23 21:23 - 2015-01-23 21:23 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2015-01-23 21:15 - 2015-01-25 15:57 - 00000000 ____D () C:\Users\Daniel\Desktop\mist
2015-01-23 20:53 - 2015-01-23 20:53 - 00000542 _____ () C:\Users\Daniel\Desktop\Neues Textdokument.txt
2015-01-23 20:22 - 2015-01-25 15:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 20:22 - 2015-01-25 09:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 20:22 - 2015-01-24 01:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-23 20:21 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-23 20:19 - 2015-01-23 20:20 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.08.3.1004.exe
2015-01-23 15:17 - 2015-01-23 15:17 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-01-23 15:16 - 2015-01-23 15:16 - 00001259 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-01-23 15:16 - 2015-01-23 15:16 - 00001247 _____ () C:\Users\Public\Desktop\Browser in the Box.lnk
2015-01-23 15:16 - 2015-01-23 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\ProgramData\Sirrix AG
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\Program Files (x86)\Sirrix AG
2015-01-23 15:13 - 2014-12-12 16:02 - 00915864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-01-23 15:12 - 2015-01-23 15:12 - 00000000 ____D () C:\Program Files\Oracle
2015-01-23 15:12 - 2014-12-12 16:01 - 00127408 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-01-23 14:58 - 2015-01-23 15:09 - 575369736 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.0.0-r30.chrome.Archive.exe
2015-01-22 15:52 - 2015-01-22 15:52 - 00003114 _____ () C:\Windows\System32\Tasks\{B91BDA59-9C0C-4BC2-833E-8CD34949DD65}
2015-01-22 10:27 - 2015-01-22 10:27 - 00001249 _____ () C:\Users\Public\Desktop\HP LJ M127128 Scan.lnk
2015-01-22 10:27 - 2015-01-22 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-22 10:27 - 2015-01-22 10:27 - 00000000 ____D () C:\Program Files\HP
2015-01-22 10:26 - 2015-01-22 10:26 - 00000275 _____ () C:\Windows\system32\AddPort.ini
2015-01-22 10:26 - 2015-01-22 10:26 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-01-22 10:24 - 2015-01-22 10:27 - 00000000 ____D () C:\Program Files (x86)\HP
2015-01-22 10:21 - 2015-01-22 10:27 - 00000000 ____D () C:\ProgramData\HP
2015-01-22 10:20 - 2013-06-17 23:51 - 00957264 _____ (Hewlett-Packard) C:\Windows\system32\hpptsplj127128_x64.dll
2015-01-22 10:20 - 2013-06-17 23:51 - 00789328 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hpptsplj127128.dll
2015-01-22 10:20 - 2013-06-17 23:51 - 00528208 _____ (Hewlett-Packard) C:\Windows\system32\hpwia2_lj127128.dll
2015-01-22 10:20 - 2013-04-05 15:31 - 00557088 _____ (Hewlett-Packard) C:\Windows\system32\hpzjcd01.dll
2015-01-22 10:20 - 2010-10-21 22:15 - 00217656 _____ (Hewlett Packard) C:\Windows\system32\hppscancoins64.dll
2015-01-13 22:33 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 22:33 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 22:33 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 22:33 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 22:33 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 22:33 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 22:32 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 22:32 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 22:32 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 22:32 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 22:32 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 22:32 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 22:32 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-12-28 19:45 - 2015-01-08 11:00 - 00000000 ____D () C:\Users\Daniel\Neuer Ordner (2)...#

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 15:53 - 2011-08-01 16:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 15:49 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:49 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:47 - 2011-05-20 21:25 - 02087352 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 15:47 - 2011-05-20 21:25 - 00598794 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 15:47 - 2009-07-14 06:13 - 00006548 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 15:46 - 2011-08-01 16:03 - 01404889 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 15:43 - 2012-01-25 21:04 - 00000000 ____D () C:\Users\Daniel\Documents\Mein Steuer-Sparbuch Heute
2015-01-25 15:41 - 2013-01-19 10:48 - 00000000 ____D () C:\ProgramData\TwonkyServer
2015-01-25 15:41 - 2011-08-01 16:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 15:40 - 2010-11-21 04:47 - 01922906 _____ () C:\Windows\PFRO.log
2015-01-25 15:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 15:40 - 2009-07-14 05:51 - 00142396 _____ () C:\Windows\setupact.log
2015-01-25 15:16 - 2012-05-16 21:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 15:12 - 2011-08-07 00:29 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{62FB66EF-804C-4875-A0F6-44EE189A54B6}
2015-01-25 09:41 - 2011-05-23 16:15 - 00000000 ____D () C:\Program Files (x86)\Launch Manager
2015-01-25 09:40 - 2011-10-25 21:57 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-01-24 22:28 - 2011-08-01 16:49 - 00000000 ____D () C:\ProgramData\Norton
2015-01-24 21:10 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-24 21:06 - 2011-08-01 16:11 - 00000000 ____D () C:\Users\Daniel
2015-01-24 17:12 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-24 16:56 - 2009-07-14 03:34 - 87031808 _____ () C:\Windows\system32\config\components.bak
2015-01-24 16:56 - 2009-07-14 03:34 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-24 16:56 - 2009-07-14 03:34 - 100401152 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-24 16:56 - 2009-07-14 03:34 - 01048576 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-24 16:56 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-24 16:56 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-23 21:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SchCache
2015-01-23 20:09 - 2014-10-27 04:57 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NPE
2015-01-23 20:01 - 2014-11-13 19:38 - 00000000 ____D () C:\NPE
2015-01-23 15:44 - 2012-07-14 01:26 - 00137216 ___SH () C:\Users\Daniel\Thumbs.db
2015-01-23 14:41 - 2011-08-01 16:06 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-23 09:16 - 2012-05-16 21:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 09:16 - 2012-05-16 21:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 09:16 - 2011-05-20 23:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 13:42 - 2014-09-15 08:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-22 13:42 - 2011-05-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-22 04:15 - 2014-06-08 13:30 - 00000000 ____D () C:\Users\Daniel\Neuer Ordner (2)2
2015-01-14 23:46 - 2014-08-16 19:54 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2015-01-14 23:44 - 2014-12-24 12:57 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-01-14 23:42 - 2011-05-21 00:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-14 07:25 - 2013-07-14 19:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 07:11 - 2011-05-20 22:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 13:03 - 2012-02-12 12:33 - 00000000 ____D () C:\Users\Gast
2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 13:23 - 2014-01-05 17:12 - 00000000 ____D () C:\Users\Daniel\Arbeit
2014-12-29 20:44 - 2014-11-16 18:44 - 00000000 ____D () C:\Users\Daniel\Desktop\manu arbeit
2014-12-29 09:42 - 2011-08-02 19:26 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2014-12-28 19:19 - 2014-11-07 17:20 - 00000000 ____D () C:\Users\Daniel\Documents\Outlook-Dateien

==================== Files in the root of some directories =======

2014-08-24 08:54 - 2014-08-07 18:47 - 0000034 _____ () C:\Users\Daniel\AppData\Roaming\pdfdrawcodec.dll
2012-11-07 18:46 - 2012-11-07 18:46 - 0000168 _____ () C:\Users\Daniel\AppData\Local\270384221183696e666f
2012-11-07 18:46 - 2012-11-07 18:46 - 0000173 _____ () C:\Users\Daniel\AppData\Local\75736572696e666f
2011-10-15 16:46 - 2011-10-15 16:47 - 0012800 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-02 08:59 - 2013-06-02 08:59 - 0000001 _____ () C:\Users\Daniel\AppData\Local\llftool.4.12.agreement
2012-03-30 22:36 - 2012-03-30 22:36 - 0001525 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20120330.233600.txt
2012-05-07 11:03 - 2012-05-07 11:03 - 0001548 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20120507.120315.txt
2012-06-19 22:52 - 2012-06-19 22:53 - 0001525 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20120619.235259.txt
2013-05-09 15:46 - 2013-05-09 15:46 - 0001551 _____ () C:\Users\Daniel\AppData\Local\PDLSetup.20130509.164627.txt

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 22:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Daniel at 2015-01-25 16:00:28
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Airport Simulator (HKLM-x32\...\AirportSimulator_is1) (Version: 1.0 - Layernet)
Airport Tycoon 2 Demo (HKLM-x32\...\InstallShield_{ECADB01B-4ECA-47E9-BDCE-0CDEA6D34E21}) (Version: 1.00.0000 - Sunstorm Interactive)
Airport Tycoon 2 Demo (x32 Version: 1.00.0000 - Sunstorm Interactive) Hidden
Airport Tycoon 3 Demo (HKLM-x32\...\InstallShield_{D831BD9F-40D1-4959-B978-62B5B9486670}) (Version: 1.00.0000 - Global Star Software)
Airport Tycoon 3 Demo (x32 Version: 1.00.0000 - Global Star Software) Hidden
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.3.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.1 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1995652334.48.56.10620274 - Audible, Inc.)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.0.0-r30 - Sirrix AG)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deaktivierungs-Add-on für Browser von Google Analytics (HKLM\...\{9F540EA8-086E-4D53-B845-A06E6903DED6}) (Version: 0.9.6.0 - Google Inc.)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Die Sims™ 2 Super Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Text Pad (HKLM-x32\...\Free Text Pad) (Version: 1.0 - Zenith Technology Limited)
Fund Manager (HKLM-x32\...\Fund Manager) (Version:  - Beiley Software)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 4.12 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version:  - HDDGURU)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 8.0.13295.984 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM128DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaManager (HKLM-x32\...\MediaManager) (Version: 3.0.3 (60) - PacketVideo)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\SkyDriveSetup.exe) (Version: 17.0.2011.0627 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version:  - )
OpenTTD 1.2.1 (HKLM-x32\...\OpenTTD) (Version: 1.2.1 - OpenTTD)
Oracle VM VirtualBox 4.3.20_Sirrix (HKLM\...\{F529EE99-7FEA-4B6B-8668-3290927669C2}) (Version: 4.3.20 - Sirrix AG)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFBearbeiten V2.1 (HKLM-x32\...\PDFBearbeiten_is1) (Version:  - hxxp://www.PDFBearbeiten.net)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version:  - )
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
Teledat 300 USB Treiber (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version:  - )
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VR-pulse Installer (HKLM\...\{D3836C5E-6824-4C9F-9B45-09C989B13EF6}) (Version: 1.5.1.0 - American Megatrends Inc.)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2012 (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.03.7334 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-2189779353-2093667472-534821050-1000\...\{CFE7C9FC-546F-4C94-9E26-2E51BBEDB408}) (Version: 21.04.8571 - Buhl Data Service GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2189779353-2093667472-534821050-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-01-2015 07:09:33 Windows Update
14-01-2015 23:40:36 Entfernt Brother Software Suite
23-01-2015 15:11:09 Installed Oracle VM VirtualBox 4.3.20_Sirrix
23-01-2015 21:08:18 Malwarebytes Anti-Rootkit Restore Point
24-01-2015 21:40:29 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-24 21:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AFA43CD-486C-4E77-AA87-3012B33B0680} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2AB7068B-C2B6-4E27-BB7E-02659BC3B21D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {2EC87DB0-F995-4D13-ACB8-D05A93FE9A60} - System32\Tasks\{30064661-2261-4E4C-A1E6-5C690C87F2B0} => C:\Program Files (x86)\Analog Devices\Teledat 300 USB Treiber\DSLMON.exe
Task: {40F91377-6907-42D8-B202-DF6AC835B46B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {52503587-22F1-4441-9E1C-EB64C4D8D32E} - System32\Tasks\{939A43A0-8C89-42C9-990F-639CE9CB15BD} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Analog Devices\Teledat 300 USB Treiber\DSLMON.exe"
Task: {5F7220C7-2716-4F3D-AC36-E58522DFFE08} - System32\Tasks\{A9E044F4-88B7-40BB-9C34-6D9A215DA5B6} => C:\Program Files (x86)\Analog Devices\Teledat 300 USB Treiber\DSLMON.exe
Task: {67290EF2-2532-4B1E-9AB5-E97D2D230ED9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {71B0A50F-11B0-4B85-B784-1E8267AA1BAF} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {769B705F-2B55-4183-97D7-3FE389C7C858} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {76A0EA5C-DF41-47B8-B5FD-BAA6225AA409} - System32\Tasks\{B91BDA59-9C0C-4BC2-833E-8CD34949DD65} => pcalua.exe -a C:\Users\Daniel\AppData\Local\Temp\jre-8u31-windows-au.exe
Task: {7CD467B4-777F-49F0-B6D5-5411F78394D9} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {7E1DEFC1-5D9A-4917-89FD-4ABF79C9CB4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8D379CF6-EC9A-477E-8CF8-40E52EF3BC77} - System32\Tasks\{E0CC31F6-565A-424A-93EC-11D6DD83863A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" -c deinst
Task: {9167BE81-0A9E-44D0-AACE-E97AF7054276} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {B6B24EB4-B141-450F-B797-21AE38ABB5DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {E9DAC121-8343-4643-9EAA-27FF04648B23} - System32\Tasks\4770 => Wscript.exe C:\Users\Daniel\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {F6B6D155-E1E2-4AC5-B148-A94CD056EEDE} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F757D33A-3022-428F-AE8A-AFCBEEFDA570} - System32\Tasks\{DDD1F654-457B-4C00-8B20-5B40141ACF2E} => pcalua.exe -a E:\Software\Teledat\Setup.exe -d E:\Software\Teledat
Task: {FD98FF6B-6646-4EEA-B4BD-EA95EBB4AF95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-03-16 06:44 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-12 19:24 - 2014-09-05 08:40 - 00138272 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-12-12 19:24 - 2014-09-05 08:40 - 00219680 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2011-05-23 16:57 - 2010-12-14 10:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-07-09 19:50 - 2012-07-09 19:50 - 00271176 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-05-28 11:39 - 2011-05-21 09:32 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-23 11:06 - 2010-12-23 11:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 16:03 - 2014-06-30 16:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2010-08-03 23:39 - 2010-08-03 23:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-18 14:18 - 2014-10-18 14:18 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-05-21 00:22 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2189779353-2093667472-534821050-500 - Administrator - Disabled)
BitBox (S-1-5-21-2189779353-2093667472-534821050-1005 - Limited - Enabled)
Daniel (S-1-5-21-2189779353-2093667472-534821050-1000 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-2189779353-2093667472-534821050-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2189779353-2093667472-534821050-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-01-24 21:06:01.555
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 21:06:01.415
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 21:06:01.275
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 21:06:01.134
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 17:12:22.342
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 17:12:22.201
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 17:02:48.128
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Daniel\AppData\Local\Temp\mbr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 17:02:47.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Daniel\AppData\Local\Temp\mbr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 16:55:06.839
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Daniel\AppData\Local\Temp\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-24 16:55:06.714
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Daniel\AppData\Local\Temp\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4003 MB
Available physical RAM: 2481.27 MB
Total Pagefile: 8004.19 MB
Available Pagefile: 6105.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:281.49 GB) NTFS
Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:14.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
Grüße,

Daniel

Antwort

Themen zu Windows 7: Trojan.Ransomlock.G
adware, browser, defender, device driver, explorer, failed, flash player, google, google analytics, home, iexplore.exe, installation, launch, mozilla, neustart, norton power eraser, optimierung, realtek, registry, rundll, security, services.exe, software, super, svchost.exe, symantec, temp, trojaner, updates, windows, wiso



Ähnliche Themen: Windows 7: Trojan.Ransomlock.G


  1. Entschlüsseln möglich? Trojan.Ransomlock.P
    Diskussionsforum - 28.04.2017 (15)
  2. Norton 360 "System Infected: Trojan.Ransomlock.G" blockiert - Virus in Quarantäne - Onlinebanking sFirm nicht mehr ausführbar
    Plagegeister aller Art und deren Bekämpfung - 31.01.2015 (15)
  3. Windwos 7: Norton meldet sich ca. jede Minute mit "system infected: trojan.ransomlock.g"
    Plagegeister aller Art und deren Bekämpfung - 30.01.2015 (15)
  4. Norton meldet ständig "System Infected: Trojan.Ransomlock.G" blockiert
    Plagegeister aller Art und deren Bekämpfung - 20.01.2015 (17)
  5. Trojaner durch Mahnung ( Trojan.Ransomlock.AJ) Norton Anzeige
    Log-Analyse und Auswertung - 25.07.2014 (10)
  6. Windows Defender: Problem beim Entfernen von Trojan:Win32/Necurs.A und Trojan:WinNT/Necurs.A unter Windows 7
    Log-Analyse und Auswertung - 11.04.2014 (52)
  7. Trojan.bebloh und Angriff durch Trojan.Ransomlock.P Activity 2
    Log-Analyse und Auswertung - 09.07.2013 (8)
  8. Norton hat drei Trojaner entdeckt - u.a. Trojan.Ransomlock.P
    Log-Analyse und Auswertung - 19.05.2013 (16)
  9. 2x Norton hat drei Trojaner entdeckt - u.a. Trojan.Ransomlock.P
    Mülltonne - 14.05.2013 (1)
  10. PUP.Funmoods und Trojan.Spyeyes und evtl Trojan.Ransomlock.P
    Log-Analyse und Auswertung - 26.03.2013 (11)
  11. Trojan.Ransomlock.P Bestellung vom 06-2012.zip E-Mail Anahng
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (1)
  12. 2x Rootkit0.Access, Trojan.Zaccess und zweimal Trojan.Dropper.PE4 in C:\Windows\Installer\
    Log-Analyse und Auswertung - 14.07.2012 (3)
  13. Trojaner "Trojan.Ransomlock.P" in Archiv.zip (Abrechnung Archiv.scr)
    Plagegeister aller Art und deren Bekämpfung - 16.06.2012 (20)
  14. Verschlüsselungs-Trojaner Trojan.Ransomlock.P durch Anhang einer Email-Mahnung
    Log-Analyse und Auswertung - 14.06.2012 (4)
  15. Trojaner Ransomlock gefangen - Scan findet nichts, JPGs und Words öffnen nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 14.06.2012 (1)
  16. (2x)Trojaner "Trojan.Ransomlock.P" in Archiv.zip (Abrechnung Archiv.scr)
    Mülltonne - 10.06.2012 (1)
  17. Windows gesperrt, BKA Virus, Trojan.Agent, Heuristics Shuriken, trojan.vupx.pl1 etc.
    Log-Analyse und Auswertung - 04.03.2012 (3)

Zum Thema Windows 7: Trojan.Ransomlock.G - Hallo und guten Abend! Mein Norton meldet mir seit heute Nachmittag ständig, dass o.g. Trojaner (?!) gefunden wurde. Ebenfalls seit heute Nachmittag werden hin und wieder scheinbar automatisch irgendwelche Dateien - Windows 7: Trojan.Ransomlock.G...
Archiv
Du betrachtest: Windows 7: Trojan.Ransomlock.G auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.