Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Log-Analyse und Auswertung: Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 04.09.2014, 09:51   #1
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Hallo zusammen

Ich habe folgendes Problem: Seit gestern kann ich meinen Windows Explorer nicht mehr öffnen, d.h. wenn ich ihn auf der Taskleiste anklicke, wird der Screen für ca. eine Sekunde blau (ausser Taskleiste) und auf der Taskleiste verschwinden die Symbole. Danach alles wieder normal, ausser dass der Explorer nicht gestartet ist. Wenn ich spezifisch einen Ordner öffne, funktionert es aber. Selbes Problem, wenn ich eine Datei mit rechts anklicken will.
Jetzt wollte ich einen Systemscan machen mit Norton AntiVirus und habe dabei gemerkt, dass es in der Taskleiste rechts nicht unter den laufenden Programmen erscheint. Wenn ich es starten will (Desktop-Icon), passiert gar nichts.

Die Logfiles sind im Anhang, da zu lang.

Besten Dank im Voraus für Eure Hilfe!

LG Markus

Alt 04.09.2014, 09:56   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 04.09.2014, 10:11   #3
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Mache ich, danke. Die Lösung mit dem Anhang wurde mir vom Board angeraten.

defoger_disable.log:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:24 on 04/09/2014 (Markus)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Markus (administrator) on MARKUS on 04-09-2014 10:26:41
Running from C:\Users\Markus\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Dropbox, Inc.) C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-28] (Copyright (C) TOSHIBA Corp. 2012)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [KMS] => C:\windows\kmsonboot\autoact.exe [750051 2013-06-30] (HEU)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-25] (Spotify Ltd)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [AdobeBridge] => [X]
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {0F1773CF-B21E-4173-9F2F-B864A2C6FCE3} => C:\windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {0F1773CF-B21E-4173-9F2F-B864A2C6FCE3} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = 
SearchScopes: HKCU - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default
FF Homepage: hxxp://www.google.ch
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: OkayFreedom - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn [2014-09-04]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-08-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-07-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 HEU_KMS_Service; C:\windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\NAV.exe [262968 2014-07-31] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-19] (Symantec Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1505000.013\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-24] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140829.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2008-01-21] (eIT Co., Ltd. and Xiroku Inc.)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140901.001\ENG64.SYS [129752 2014-08-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140901.001\EX64.SYS [2137304 2014-08-25] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-28] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1505000.013\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1505000.013\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 10:26 - 2014-09-04 10:26 - 00025638 _____ () C:\Users\Markus\Desktop\FRST.txt
2014-09-04 10:26 - 2014-09-04 10:26 - 00000000 ____D () C:\FRST
2014-09-04 10:25 - 2014-09-04 10:25 - 02104832 _____ (Farbar) C:\Users\Markus\Desktop\FRST64.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00050477 _____ () C:\Users\Markus\Desktop\Defogger.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00000474 _____ () C:\Users\Markus\Desktop\defogger_disable.log
2014-09-04 10:24 - 2014-09-04 10:24 - 00000000 _____ () C:\Users\Markus\defogger_reenable
2014-09-04 09:52 - 2014-09-04 09:52 - 00000085 _____ () C:\windows\wininit.ini
2014-09-04 01:33 - 2014-09-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-04 01:33 - 2014-09-04 09:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-04 01:33 - 2014-09-04 01:33 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-09-03 11:28 - 2014-09-03 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-01 14:12 - 2014-09-01 14:12 - 00000000 ____D () C:\Users\Markus\Documents\Benutzerdefinierte Office-Vorlagen
2014-08-27 12:59 - 2014-08-27 12:59 - 00000218 _____ () C:\Users\Markus\AppData\Local\recently-used.xbel
2014-08-27 12:13 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Markus\.pdfsam
2014-08-27 12:05 - 2014-08-27 12:05 - 00000000 ____D () C:\Users\Markus\Documents\Symantec
2014-08-25 09:34 - 2014-08-25 13:42 - 00000000 ____D () C:\Sync
2014-08-25 09:32 - 2014-08-25 09:32 - 00013102 ____H () C:\Users\Markus\Desktop\~WRL3477.tmp
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 17:02 - 2014-08-19 17:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-18 22:58 - 2014-08-25 23:53 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\NCH Software
2014-08-18 22:58 - 2014-08-25 23:53 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-08-18 22:58 - 2014-08-25 23:19 - 00000000 ____D () C:\windows\System32\Tasks\NCH Software
2014-08-18 22:58 - 2014-08-25 22:58 - 00000000 ____D () C:\ProgramData\NCH Software
2014-08-18 10:05 - 2014-08-18 14:15 - 00000000 ____D () C:\Sync1
2014-08-14 20:00 - 2014-08-14 20:00 - 00003500 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*********@*******.**
2014-08-14 19:57 - 2014-08-14 20:00 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-14 19:47 - 2014-08-14 19:47 - 00000000 ____D () C:\ProgramData\ALM
2014-08-14 19:38 - 2014-08-15 12:08 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-14 19:38 - 2014-08-15 12:08 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-14 19:38 - 2014-08-15 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-14 19:34 - 2014-08-14 19:34 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-14 19:33 - 2014-08-14 19:33 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-14 19:33 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\windows\system32\Drivers\PxHlpa64.sys
2014-08-14 19:33 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdralw2k.sys
2014-08-14 19:33 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdr4_xp.sys
2014-08-14 19:30 - 2014-08-14 19:30 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-14 19:25 - 2014-08-14 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-14 19:25 - 2014-08-14 19:53 - 00000000 ____D () C:\Program Files\Adobe
2014-08-14 19:25 - 2014-08-14 19:25 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\WinBatch
2014-08-14 19:24 - 2014-08-14 19:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-14 19:18 - 2014-08-14 19:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-13 22:36 - 2014-08-13 22:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\PearlMountain
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\ProgramData\PearlMountain
2014-08-06 09:38 - 2014-09-04 08:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 09:38 - 2014-08-06 09:38 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 10:26 - 2014-09-04 10:26 - 00025638 _____ () C:\Users\Markus\Desktop\FRST.txt
2014-09-04 10:26 - 2014-09-04 10:26 - 00000000 ____D () C:\FRST
2014-09-04 10:25 - 2014-09-04 10:25 - 02104832 _____ (Farbar) C:\Users\Markus\Desktop\FRST64.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00050477 _____ () C:\Users\Markus\Desktop\Defogger.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00000474 _____ () C:\Users\Markus\Desktop\defogger_disable.log
2014-09-04 10:24 - 2014-09-04 10:24 - 00000000 _____ () C:\Users\Markus\defogger_reenable
2014-09-04 10:24 - 2013-04-06 12:49 - 00000000 ____D () C:\Users\Markus
2014-09-04 10:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-09-04 09:56 - 2013-04-06 12:49 - 01555126 _____ () C:\windows\WindowsUpdate.log
2014-09-04 09:55 - 2014-06-17 13:16 - 00000000 ____D () C:\Users\Markus\AppData\Local\Adobe
2014-09-04 09:55 - 2013-05-01 13:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\FreePDF_XP
2014-09-04 09:53 - 2014-09-04 01:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-04 09:53 - 2012-09-11 08:52 - 00117924 _____ () C:\windows\PFRO.log
2014-09-04 09:53 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-04 09:52 - 2014-09-04 09:52 - 00000085 _____ () C:\windows\wininit.ini
2014-09-04 09:52 - 2014-09-04 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-04 09:52 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-09-04 09:46 - 2013-12-19 08:41 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-04 09:10 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\92C3BF93-8AF1-4A5D-8A76-D236C40E67CB.aplzod
2014-09-04 08:40 - 2013-04-08 13:01 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashDumps
2014-09-04 08:37 - 2014-08-06 09:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-04 08:37 - 2013-04-06 14:59 - 00000000 ___RD () C:\Users\Markus\Dropbox
2014-09-04 08:33 - 2013-04-06 14:56 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Dropbox
2014-09-04 01:33 - 2014-09-04 01:33 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-09-03 22:46 - 2013-04-06 12:50 - 00000000 ____D () C:\Users\Markus\AppData\Local\Packages
2014-09-03 22:37 - 2014-07-25 08:46 - 00005114 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MARKUS-Markus Markus
2014-09-03 18:16 - 2013-04-18 00:08 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Skype
2014-09-03 14:20 - 2013-04-28 13:43 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-03 11:28 - 2014-09-03 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 09:39 - 2014-07-21 20:45 - 00000000 ____D () C:\Users\Markus\Desktop\MA
2014-09-02 12:43 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-09-02 12:42 - 2014-07-05 15:55 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-02 12:42 - 2014-07-05 15:55 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-02 12:42 - 2014-07-05 15:55 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-02 12:42 - 2014-07-05 15:55 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-02 12:42 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-09-02 08:05 - 2014-07-24 09:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-09-02 08:05 - 2013-04-06 14:48 - 00003218 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-09-02 08:05 - 2013-04-06 14:48 - 00002408 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-09-02 08:05 - 2013-04-06 14:48 - 00000000 ____D () C:\windows\system32\Drivers\NAVx64
2014-09-01 14:12 - 2014-09-01 14:12 - 00000000 ____D () C:\Users\Markus\Documents\Benutzerdefinierte Office-Vorlagen
2014-09-01 12:17 - 2013-10-24 18:37 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Wuala
2014-08-31 21:42 - 2013-04-06 17:39 - 00000000 ___RD () C:\Users\Markus\Documents\Privat
2014-08-27 17:46 - 2013-04-06 12:58 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1939050773-1133648222-3210189974-1001
2014-08-27 13:00 - 2013-04-29 15:13 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\inkscape
2014-08-27 12:59 - 2014-08-27 12:59 - 00000218 _____ () C:\Users\Markus\AppData\Local\recently-used.xbel
2014-08-27 12:54 - 2014-04-08 11:55 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DVDVideoSoft
2014-08-27 12:53 - 2014-05-05 01:04 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\uTorrent
2014-08-27 12:31 - 2014-06-25 14:02 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 12:13 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Markus\.pdfsam
2014-08-27 12:05 - 2014-08-27 12:05 - 00000000 ____D () C:\Users\Markus\Documents\Symantec
2014-08-27 10:07 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-08-26 08:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-08-25 23:53 - 2014-08-18 22:58 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\NCH Software
2014-08-25 23:53 - 2014-08-18 22:58 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-08-25 23:19 - 2014-08-18 22:58 - 00000000 ____D () C:\windows\System32\Tasks\NCH Software
2014-08-25 22:58 - 2014-08-18 22:58 - 00000000 ____D () C:\ProgramData\NCH Software
2014-08-25 17:41 - 2012-08-01 18:38 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-08-25 17:41 - 2012-08-01 18:38 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-08-25 17:41 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-25 13:42 - 2014-08-25 09:34 - 00000000 ____D () C:\Sync
2014-08-25 09:32 - 2014-08-25 09:32 - 00013102 ____H () C:\Users\Markus\Desktop\~WRL3477.tmp
2014-08-24 09:52 - 2014-07-05 15:55 - 03286528 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 01623040 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00773632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 17:02 - 2014-08-19 17:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-19 17:02 - 2013-04-06 17:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-19 17:02 - 2013-04-06 12:50 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Adobe
2014-08-18 14:15 - 2014-08-18 10:05 - 00000000 ____D () C:\Sync1
2014-08-16 20:04 - 2013-04-18 00:08 - 00000000 ____D () C:\ProgramData\Skype
2014-08-16 18:37 - 2014-03-14 19:21 - 05047096 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-15 12:08 - 2014-08-14 19:38 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-15 12:08 - 2014-08-14 19:38 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-15 12:08 - 2014-08-14 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-15 06:58 - 2013-04-06 14:58 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 20:00 - 2014-08-14 20:00 - 00003500 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-************@*******.**
2014-08-14 20:00 - 2014-08-14 19:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-14 19:54 - 2014-08-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-14 19:53 - 2014-08-14 19:25 - 00000000 ____D () C:\Program Files\Adobe
2014-08-14 19:53 - 2014-08-14 19:24 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-14 19:52 - 2013-04-08 00:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-14 19:47 - 2014-08-14 19:47 - 00000000 ____D () C:\ProgramData\ALM
2014-08-14 19:34 - 2014-08-14 19:34 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-14 19:33 - 2014-08-14 19:33 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-14 19:30 - 2014-08-14 19:30 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-14 19:25 - 2014-08-14 19:25 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\WinBatch
2014-08-14 19:19 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-13 22:44 - 2013-10-17 20:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-13 22:36 - 2014-08-13 22:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\PearlMountain
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\ProgramData\PearlMountain
2014-08-07 18:45 - 2014-07-24 09:55 - 00000000 ____D () C:\windows\system32\Drivers\NSTx64
2014-08-06 09:38 - 2014-08-06 09:38 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

Files to move or delete:
====================
C:\Users\Markus\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3hn8uz.dll
C:\Users\Markus\AppData\Local\Temp\ose00001.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-25 08:10

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition.txt Teil 1:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Markus at 2014-09-04 10:27:11
Running from C:\Users\Markus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banana Buchhaltung 4.0 (HKLM-x32\...\Banana Buchhaltung 4.0) (Version:  - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04059 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04059 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F68634D8-574F-42B2-B6D0-9B447EA9581E}) (Version:  - Microsoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keseling Newsletter Mailer 2.3.1 (HKLM-x32\...\Keseling Newsletter Mailer 2.3.1_is1) (Version: 2.3.1 - Sebastian Keseling Software)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Anti-Theft (HKLM\...\McAfee Anti-Theft) (Version: 1.0 - McAfee, Inc.)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2013  - German/Deutsch (HKLM\...\Office15.OMUI.de-de) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office O MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SharePoint Designer MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft X MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Nero BackItUp (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.12600 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero BurnRights (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero BurnRights Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.14800.0.48 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.17600.2.3 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.14001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.16800 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.1000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.7002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.5.0.19 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.43 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.02.00 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.3 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.1C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.8.1C - TOSHIBA CORPORATION) Hidden
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 1.0.0.5C - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D5412C67-998B-4246-A668-AB522D9F63FE}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{686A7FD7-2496-49C8-A0BE-D8A1CF1A32ED}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0100-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.OMUI.de-de_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.OMUI.de-de_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.OMUI.de-de_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0100-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{12087F1E-35F9-4620-9157-BD9C3CFFA2E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version:  - Microsoft)
Update for Microsoft SharePoint Designer 2013 (KB2760212) 64-Bit Edition (HKLM\...\{90150000-0017-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{4EF7F4B7-77AD-4884-852E-3253D8A07E2D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F9FAC8C0-20D9-4DC7-9A56-13B02BD4B724}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.1 - Compal) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.13000 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Wuala (HKCU\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
__________________
Alt 04.09.2014, 10:12   #4
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Addition.txt Teil 2:
Code:
ATTFilter
==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll No File
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1939050773-1133648222-3210189974-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

13-08-2014 20:36:03 Installed Java 7 Update 67
21-08-2014 10:56:41 Geplanter Prüfpunkt
01-09-2014 10:11:08 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-08-14 19:19 - 00000892 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1301BB53-CC81-4A42-8ADC-5020C0557BAD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount ******@******.** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1B888EEA-8066-4D07-B8A3-627E31237509} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-28] (Synaptics Incorporated)
Task: {1E4D9893-B496-44B1-A305-87EDB05E0F63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {259C37A2-8CD6-42A0-B789-703BFB60369E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1939050773-1133648222-3210189974-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3B64F21F-E4C5-4C3D-9B0F-868D959D2037} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {461763A5-B1C8-43F1-AF29-50A09692097E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {4692B90E-0E2A-4232-B82B-BE0B6F37A231} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1939050773-1133648222-3210189974-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {4C559129-3F95-4598-B1D6-6CA5E17D1C32} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-28] (TOSHIBA Corporation)
Task: {559FCD12-76FB-40C8-99C4-9E321E2E6AD8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7F4FE45A-2A97-48CB-8CA9-A252475AFA00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9F5341C8-E1D4-4D79-8E9A-F0686AE812A0} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AD4A79C2-CC2D-4C4F-B24B-5974AF75C983} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D5264038-5F28-4182-8D2F-28A77F35D2CE} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {E4299650-E299-4DDC-B4DE-FEC94E70BCC6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FD71B83E-16D3-4437-AC54-50948E225F7F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MARKUS-Markus Markus => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-05-01 13:32 - 2010-06-17 20:56 - 00087040 _____ () C:\windows\System32\redmonnt.dll
2013-04-28 13:41 - 2011-04-11 07:26 - 00034304 _____ () C:\windows\System32\spe__l.dll
2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\windows\System32\ssp7ml6.dll
2012-08-06 06:36 - 2012-08-06 06:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 04:38 - 2012-07-19 04:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2011-08-13 00:57 - 2011-08-13 00:57 - 00437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2012-08-14 05:13 - 2012-08-14 05:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2007-02-12 21:51 - 2007-02-12 21:51 - 01111552 _____ () C:\Program Files (x86)\FastStone Capture\FSCapture.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-06-19 17:00 - 2013-06-19 17:00 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-09 10:21 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-09-04 09:55 - 2014-09-04 09:55 - 00043008 _____ () c:\users\markus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3hn8uz.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Markus\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-09-03 11:28 - 2014-09-03 11:28 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2014 09:57:13 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:13 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0x80072EE7

Error: (09/04/2014 09:57:09 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:09 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0x80072EE7

Error: (09/04/2014 09:57:04 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:04 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0x80072EE7

Error: (09/04/2014 09:57:00 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:00 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0x80072EE7

Error: (09/04/2014 09:56:55 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:56:55 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0x80072EE7


System errors:
=============
Error: (09/04/2014 09:53:10 AM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (09/04/2014 08:37:47 AM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (09/04/2014 08:37:14 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/03/2014 00:42:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/02/2014 00:43:18 PM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (09/02/2014 00:39:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/02/2014 00:05:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/02/2014 09:51:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/01/2014 00:25:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/31/2014 11:04:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (09/04/2014 09:57:13 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:13 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EE700010001(0x00000000, 09:57:13:908 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)
00020001(0x00000000, 09:57:13:908)
00030001(0x00000000, 09:57:13:908 - https://activation.sls.microsoft.com)
00030002(0x00000000, 09:57:13:908 - 0)
00040001(0x00000000, 09:57:13:908 - https://activation.sls.microsoft.com)
00040002(0x00000000, 09:57:13:908 - 1, <NULL>, <NULL>, <NULL>)
00050002(0x80072F94, 09:57:13:908 - 0, 1)
00040006(0x00000001, 09:57:13:908 - 0, https://activation.sls.microsoft.com, <N/A>, <N/A>)
00020005(0x00000000, 09:57:13:908 - 0)
00020008(0x80072EE7, 09:57:13:908 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>3aLBLnzjYaat1i0hxwUxRr39q7R9n+r35M3FxP14uYIaYVn1dV/Oklq1Tu7g3tq3Bm0wgqMUGZ9X4MUH2bYdI4a6tL4LyAP6xcyfVYtmzwwkE7sbU14dvsMpFd6USigHHrCr/AgQoQnkEQ2LM5sQfBgpsPc2k2lJ6W4TfhROm6j/gD0s9xlFbaYaQN96PKhs7rK8fzpKsnpANfOUJhXr1lW7VVVVvzZtfoJ5KX0uqrEt4nbil+cSXmJPZa6hKtfHh0WYCJ2M2/dGu3LQ/A6W8vpvEYO/wU3SfF2SrNhlD2j1VrVOn8++DVglvBQEZ2FzMIlAdj43eFPvKaWuU3CyPeCOY7sCC0b1awdLMibqSv7WvFEdwXaRAS/2xtdcTtLPGz2UiPYt+gZGC4tW5MGQBELeONnOshzPUubf2byIjFBAPYaJI2PS2HdiMIU+wZRX7SqhhnR2zWiz+KX6OJ80TyS2MECcj2hzz2Ngwldyi2SZbsbRlWYg8PpX2/KYu82oOMk6VlG9B7dth8pEi9SA5y7PoJio+YqHG0IU24rC5tJteeQIoDbPE+EoYPRi/BqRf3CzHtJa9XawCmFaj5uXcOospPe2bgDCQILPdVtDBffDe5TMT2jhzXI2xnCDSxFnxVYERfsHjpVlDLmmzM6oyFIOF43t6BkdEz2dv2Im813cJTaEauOstDPxdOqy8pFcJXKxNAXNVSLbdUuPOUn4LszQgnoFIqlKVSw7SSED9k8N8stbr9u0BenF51/Guvg5K4uVcSqGHEuBp1O7n+vGbgdO4WTiOQhD97mNqlmTjDZFBsXJWfJFDuCBpuwKcjM3PIaQJFsnow5S0LUiOYSEgz9j2aes68mpw6dSQDvHxCbmjb9gPfB5JRTMN0E5GTK+2YTTQqaVmDNefgRmPFtv95NYKD2KsL+hCYRGKSx97xcipg1QYzDjv0qZyAMIPH85G00k5ItGT8iutne2lDC9+MYi9Qwb99BAgTfn7Z0isPUZouaeZ2GrnN0FbfrU+9s1FwoH2XoC5n1X8bf959aSjEzE1jF4idHO94g+Sx4rF9AJpPPTxSLi/0+kKmmQCQJpj31N28QTIDhhyuxQwkJEPBHDxCf0jgGVzpeufi5TZo/HxVu5Sa0I+Cun9nWZkpv4dR4/IqFTYeZjQptfTxvmPfcJmzfj/mnomIxOdbLKBmAHNL94DMPvTtiLCkci6Xs2ncmqP6zFDdxSSRCb+JBkaXksr8ZhSR/jpCMRknxKiTFyhTr/9GExJjIaZ+EB/Ct/VOrVwpaifJUP80eCdJTAri6/n/Rtmk0qJCjuVC4UZfCUXv1RSHapG/VE54kvTdMYMO1LUAZW+IuRflwKm6VyYbsh+QSp6hXdMIjCrzDBOhzX87tkSiKZJ5/g6fv1IT55wVZR3Zg/GfCfpE06rYbus2TAO+N9OiPYT5+uCjqDmcG+hZ2fSTjsIZkiU0q8a124nImHqSr3abh0zssCNJNmSDhEEnP4E0FwNfEVvJ/Rb3nSGeXiScd7y0uXypwjgCwqPW+2zGSas0Zb9i0Tp3mUsGnAeRhQOQwEVOrG/bqmfST1R3zAPT0RxaPpuD6agwFvpiTkbuQ1EVhdbPy5PcreUjNvhRpKtF2djxx8PlCRseOntFXFuuACoPkRnMk8QtQr8/420mxOEPCDzOD7Xaub/Zcz0rrhyqYUHnN5azmX4KPalG9zWYyy3FBI66W00tDOwDg/cCuCZyejL8Ex8LPJn2IbdwT9Ss+8j2BP6suu52J1+NnLlnyKe0lVeHz5Fn7bEv6P8GcLZIzL3mlCHl2GjHyCosJyEhJ2gL2yMMyVSwvv3IwQMLguwpJ/ImJkRQuCjER/L+t5CpSx0pHmGThlBcg3KbGsjHK6tClRaCMtcTIV0+4u4rB1zuH+AXeAdgd7QUNPc//SkW6sP910ug6XojkWtNRNcvEIAFYuq0UiocbaEf/ZhxloFXH8nNozQPaSRYvzbwEGsbamQnWjgTr3opo/AAehDDvFWTZSKj/hgQ1DLzd9wZs5+KBYp8pYA1N4nOTXTrg4CmyJrdCQxebhc2gPu4sQ0cVU1Qt295B23151v+WVeaAbYZqt3hFONcQFrBqHu9uGJxi78aacKKBCqVdG0c1UwO+fSGJMAEZstOP/Dq8oI3OTiOUKOl+e/WPKn1Uwf5Kjm0lsJCqDLbFAZsGnBxtkYL60pppwrD5B48t6ZtMvjwMOjbZRANkihF4LI+sGeMeiRCJy+OhttG4/QeIvynwpjbYj3T9GWs6X242Xp1NQJBXvs2w1C52LDWVbZke/hVfxq1nfhpkReBbzlT6vfGHj/yf9jueN8WuH32RxJBYlxKrufJLXyfKcD4yann2zLt1u8bfBiy3K6L5iVvn0FGlt1vmD8xaA4zo4Hrx+9S17bYHELcMXNOKN9WUHFhMJdTcpY09lVKiphpLxkNK061SdpefPFnQmifFji+c/mkSi8RM419sNp/4jXnXAgLq3csVP9RJaqvy9j55uis66oE69176XcFecsOkOgIBuKWIFpxsWOo7l7/z1Q9d10Lh1tDTP+Zf8oSBVbwdN/zv7Zd9ZWsAlV4J4XFD8BnoLj6FM4JYYY4HgElk+t/NUNdRCx8Lcj1fUpXzEvewTlFLzQ3R+rlcn34UNMcD87EdI3lIb33WBwOrk+W5dLxS3vTWPZubb2J7G83PRgwz86FrG0KAdhq9CBsbTquTwwzkTbOb92Cy3d6gJH9aNL+AJM7nKoeGynBO5J6BYdMmpcal9jVhnODXDy7u44JdrPWGswZM23h25L49zPcgyr/X0rHeo6ukgMKoJ8gijbj/iJ/JETJiewQzyTpCHsUQMGXP1ZnOf90KaAFjtkfzSpqxH0YsOAOhywpTIBFhpk8lw/LDzaWLRKYafuia3aw8nan3tOuSsvN8j8MjOU8O47fA2/IGJ6AHZEs/D/P6OHzcWtbrEXEIIEjI/bFExznA9KXFAOq2DKZdX/3EbwyzT1y9XZyxxsX4Y33oKBi2vyjum5s1kLQmNx96rHXQnDa/edezEc7K0gPZT2lAZ3ZApp1MOPEk1LcWQ1LPB1YFn6v5z6Vc8lW3dVNk8tCajhtJod+BvOuajWcqCi+oBEE71NtT0I/ySf223R6uYN3M4mlzBfaQGwAtqd1XW+vy2/RbjPv+ClCDARbYfy8fDP1RzvhtCm1YQassJokQfbhzI2++fCpKEDeXQcQuR0sgSFqdpQl37w6em8JFEp5N6paX5MkpxG9KojH7NEzmsUos/GBIXqRagds2zQpuPr51/ued7hrFqGmPbUTGRgbiS+SA5KTNvQ1m3R3jHjDQShuC5NPewtGVuVurUUaOC4kUOs0bkz1nmYNZcOq0c2qBNq6blBrPwMwVfPj0z8MDlobIPqPjMv2OmXsRPNE00eY2/2qU9rkLif0tYQ09bz8RN6aE5GANymxXLlpMYhttsk4JGsg1mbFXQEZ1OpSr0ucrwlYx9AOgOiH/5ZnQm6QxtMDR29HVqGyiwagnCz4QQ5kjZFsR51n9wsTGOp1yN7RppKbD1F143wnbl8pgkfyw3VbXbrSjJ/wNWz9AAz54IEfP5xafur/aegNo1OdwI15LK5BLv7xAp94fZwhJ3NqvJQxrno+YCoUyn9g3/m6Ks1RnIcklFemy3hCr5xGxOhxgVOHq9Ekbb/FwjXsftfZxaiMKqiP/8ZthkNCWtBNPkbe2ThEoGNhuUjgfPxE1hRdXVxCan5R/0u9lum+iTriVf+EaLB8pDjE08I2tsWlRkU3cHanEWsrGpoz9kPNNhAtPqgCBz+4X+hQeL9LjgipQBCS0o2oRfzumDRVFeaSpioH9f5Rr7bPWT46j7FVzvaCfXeWiGswCU1+8KN4SCr6T+WqlkCCSEaZV301KY+kycYHglDB0BxphX7rthGl5YL1GqsQAQE6lq0TGYixtk4roQmDBYmPifntAaoPia0AgVPWLpcUXlgMi9iN9q9zBjiN+BKR6XyozIINtnlPBlSQWmVxjJw3lWSgJn4vg2lWIKMK1xCGmhuys2qnufvam1/igF+kl4HAvPM0GArL//2kReA1AkGn1jMxa9ho1pkwTfWAhlQacKL4xr5sYd0n6rg6X9hcewE966MKejTLO+HbS9E2Al/jGIgtm7DynB5XRf2rE+N0pBWgAS6jAvuX0Aoct3zb70Iff8fENpha9E90+8wJ/zGggOV5w1sdkySNv8SPMVxhCqXYUTn4ooPukSQx1fRGEZHjitp7JRuZ16ATqbuglg7zdv95bJ7LiWr5gRlWRj91YQWGObLKv2XbgUAE78D15yO7idXhC9HGhoDFqT9s6rJhBP/jjaGF0yyOR2laF8t6gRdAfnL75GOD9VlK5W9I38oFXeGI3deH1D/11hqJp7kKiaUVe1KiuPLVlAEPPuq+SpdRKObhJlY1ZuDDgrQWJGR3vdldpnyBcS+aOJMlCi5e3GTZN6cKEtkufArtKE+572P4DEzJub9/xbt5RfMLuybAERSk85ZylaXDt4SP9Kg0UGy6hTDsoljr67b4T3RyGbjidSValm50pwPhkMrbVMAkeRt4OfA1MSd5qNqGFDEImo7LFqqeIQpNeP4RvybhFO5jM6+3hRzpSu+KoWdJQrLuq8pUxsMG3JWvRRBQRC2+j7/MxEvNj6+iQSZS8tL0jqqLx7edOoaZpuhd/bnMVZmRJc2j7F1lto5SgWwXMXxu/OI2Pu+b54vEmg7R8+rV/C8RvXwEPrPtCTsOJRmQyAY6z3+n8b5N5Me+VVOv2SWbcc5tKIcKzjDlK3xAHE/v5JNaT67CrGkpyW6FozMs/JJpG6PoQNmKF0q60Vd1VW483qDtQus522NqEKkGL6OrEMdsVAi2+LeKvDQNlXKKLONLiQPsCLcmbo0j4gmlmR3FiJJe1wMRyhqqwpmNw66dD9fZ+ksJNz06syn5XbTyr3HYyXCwzwPpWITyTa1ETuJvUvaJTkw0caq3npzrE8K+aBzqgftJuQ03imSg6kVlNsD8C6l42O/vUj6YYyfFtFEZTBpDXrKW1rAlLsmTX+1MvjfqGH3yulYR0sMdnqn8fmhlk1vPKIelezRFbZpxz6SvaCpuVVKkPwLI7nSFuvlR1pXI8780yMh8aLzAWP49/Qd7j9IA8FEAGeav91puYnFLlxA/TeLyW2tAaV2XIhcA8BhQLu1m38QHt0sfW9a6Hr+DXy5oTUhRPfyOlOgKIR+ZOVmHgy733FzrDe9JRvIht4mDQnkLKsySAcyBBd1EXHJuGUNYwwiE98Bu3odELmQ2lKXg0nOo0t9cpl8wK6ssL/O6G8eJaJLzFRnAaUThXA/+YnIblySCrVzrKcz/MrE7D5l5M0wJYEU18Z6ymvu0q3zEQV9GwkxvPNmXwdf5suA+iesUMFmOwZ0l7jgflOQBZYhLteZY5NId9cT40U4fx8XP4/9mUm4A6SY55yS9KJ4ugWdY6ewQNhxqDkhdQRFgCG3iSIQveCPl7J6njzBImlCd3b7hZLfsIrwOPHX8ptcOpz42IWs2sBU+QI7pp9rHcCXUK9FLzOPDzdxGO3avvM4bbrdwf/RIjpuk/hULkQ/FGn99cS90eXgpu+Ac4xnBvG0dDSjj42oIOnBC4b3jPRfoYu+kOtm4rGEVhSrXDfEnmioNEAZIcn0mqAeWlDVdDlGmCJ9eBkeXjgE0uedr5vHjZyysnR+5gCFF/7x6bIpCXV9vU/txkPxcCWpxoidXGOZTTDhywFMR2lWrCVaSFa9vitKj2gp6bC2D8kNmJEbxzaBEKsywJPmXMd0DkQBnrPwnMOz/2wQETVkiBC6zmWqAZk9BZtViRVqI7lSsrSYJVo4dGiv7bTMr4A8UwFgcxCc3pu2afo9Spk234NA197Zjoo5KAe3vfvLpSQfsRrnLkYsiJJfFVOAlLFijsilT1FnCEuJjAp4ESEWsaPzlZu0QQ8aeyNxmkofLXpTsPU2iQ/VJcnCpq58d3ra8BwuP8ICHkpD/qYUnDfvuWwsepK8nurM/QwwiQPWYtp/3OlpMdTPTAMM2fBy4v5lRQ0dSpY1AfXWs7LgtIsm9wlFBrbIeco6Ao8F6Iay/UkgDxx+rltCFcZCFvL+UVoxlW80lSm+fKWWQSI2siwn7hHBPd9qMa0O1CjazmyYZb9P7Gho0TjC6wkwgBAlA5aorrtAQ5F+opBwaIiF2wKYWGHgm5qGk7/wPAkmwuGSRxJr/A63yckoXVK4R39O2V6eUcqANX9AQAq/j4chNaIeMbOCxf2EcF86eDPkDE1615j7dAsmF5KRJuBi7UMs5m+4WYgqk4umrBoTVf3BlkYcdimFoztCXhtgFpMTdiyVQeRbNV7J/rfzJQxdLM9VlJH0x/sQdBEApf4QrcdBuwwOKY14O49w1G7SaLxbXNLf+R5vX0Q+ExleQqEplK3zKgzii+4PjGEdRW3BFFti4dGjBVvjAXbmzTNoI+I4bkwCW6cgiQYr8zQHIZ5L4bSUy3FA97VO7Qf6wMij+XsbjlUvcxWjlSf3A6EnJRuiSoWcTfd5UjSqBtVLs0GDptMIxaUrOHOSqCeB9HMvLdwD7uDAjXgi6wXB7r0ax/ubSSdDtt4nUCbSgosJapl7KA8EsUTT2yjTf7rxaHcj0YczwAWRWbB1HU2cu9d8DZf6JktmOvz+WS6s5FLhPzsfwXucZplVAxCgZayrS7DXFniDB83i5Stxk3tCr7xB+3ziKiXJW4jrYLETJb99qatxF+PZctO1vy0SOdpheIqYYVRF/MgnLqFUYEFqrWO5vbz4cVLy6E1n/AO3SGCoPSDtY3DBHEst560uvw6dDrxHCqfHmgT01b9MOqtU0TTUdNLTLyOJhlLWRpkhagWANh/2F2YR+if7Q5CvfjZcSle5OPlF3L12AWlNDzxiVq5PyXX1uHZi9Yl5fV5TGo6sqI4Ne6i7LZJI4K2VQPebWVWRusLX5i7ylD5yJz6O6765fH9WZz3awpj5ux4nRSOcuEIe0hwnaNbA85RR7US2d5+JUb6mXYOdNEN2yOoBrn3PBmK5y4EuNFkI2P7+rTsB4GtztPq3gM871HJ68Puti+G4N4HXgD/6wNnUAAwJ/RZXu2nKe4IbV4pin3H8KSQUvKC/DXCYFl6Losi56dqASHlS2u7cDn++c9Z1n5xXa9LOIxeA+zKj+2KRY88MxA525OkhvVTSMJCIp4th0cfKNe6KpbJYZ9irQnAxk9+O4Hpt0e0f2/EdTXiU5S3uTlgJw7GAmFnDCn3ck9p3n+wwRTdPlwIccPOWI//+J2ASOsLcAWff5E5M3l8plWZFL5Peo+ei03nd6OyaTg1heWKd5WbND/ghekSOchJDZvpPqUNwHohdjySmuMobp9dHumiALnaOhwlqFPSZRRieuZYGU5aKudrSmY/p7ONCnfjjwkkb7Z+mQ6x4MeJsng53LU+kgOVmJrB1tzCCsx16prBfZNxcezE7Te6RVcNRa9djDJtcEA14pEseQ1UrMYmiPkhwKuNdI5W1mFkBx/suFSjEjkemwfkMOPIg1riMsz/kLoLCLdbVOZ16F6XEWmTkwq3J0Nn2NrpvP2x8JvAypKHnvWqxUgLu5ThY1d6tbA5DNW8RSp+7s/Xc/Ld5rmJuOX3gAlcnf+G7hD4xvixAZpfsHI9mdFcI0TJunWbJDajKTtaqpRzVG7c/IPUz4epS1EiQnnsP2o5rY5n/Eb7jQd5WCkMfy5DS6pgbDCzJpeA4fGJaPnFSZbt1dcdlfD3a3cWQnM5jcYGZFwftzEiHKGmvGPsVh5ix+WS81snSE2D9naXy+HLGZuGm+IQDlMq2tLSABZqntNeyPvt4Fe78Q0wzXlBLZBLWgCLTlHu6IxV5fcqzF6MlfDjfQa5tgf8mzu+NGwSKO/wy/648WL/m33hZRbMJHX9RkEkRLa+55yiDhIb+j7qSRzMBmzhy3dKiKXwKvku7ntASBSsev+c7rP++8Ii/N+26/F/K+1kNy6gq2760HmPxKfFYfNiYkSKfaoeAnijBLcKjX3w9GhUiJMGYA4vUOgX9MDl1TV5P9OfFtHrfiuMRutmR75Jvm8sbWiAYfnj0kw0NGOTIjs5cTLQcRrwR/GwB9IDI/EmyLfgrNirwkbKwR3w5kpulLyZOsKzCcTiBULi8YIw/w6J5x9b3+acBN7jwUIsRYLyQpM+nNb3EeYdFNT4zyAeWkq0C/GzqyHDqSZpjUcZkjcUE9k7Yq4sJSAEVqJGU1BNyUboZ7kCwDKIZxw0uO+4+UH+amGp9TusI+thxwzp+dZlyeQXI6xF3xz+bP5Q5FgNgw53dm9wemzxhV3UFG19tIsvNSrXxO4TR6WO0s4dpX9prDRx53N6T9SXbhqct0QoDqGfcy9pYtitR80QOhH3/oS5FSMYYqYyUDX1pYSPNi0xPJhJ7OiB3ARZsDGiNkb1RM00kIxGvqRo8jokT7E9yNq5tmzQYZu44ptR34yC2WWq1rTynNDsG+/uY2jxXtOVTsyqB0kA5TWcccwxaM3TydTcdm4FIT+BLt0DRiFEXAeN8ehsnSBTawINEXOXJ6TeyrjDTlQBKpNLDrgrMDRnngnzHUsUNVJVRT3gNbZ8Ur9AixgMFPO1rKzlfE5jPgGsuGjZBBOD0PuP8OjzzbA7cF3N2+5t50hgjaRv+JjFE8BQ6OGwk0qeyw2X+WVVfWlbHUbVy3VgtqMUX7PphPfcNk7WJQHNhgPSLI+5aZCydYzlWkwana5FkADUCrFPYQxczx2MBLs/EZ/7kq3R5ePmJMaWV/5dzGV6Vx5SE3hXWbt5PnveoWiJu9fcSZK+qToNvxK241T599oukKm8hu8SziVw9D1Z11LlXy3dc3K8ugm9AdyxLsHuGlwDVcKCEvyf/ozUz96Q/ibbODKawjjPecvM0G5fykDb8ufr6/t5n57txvdRFalYCcHeBV5kc+GhO8pMOBcEqSu1ImY0CirglQoDaO0C+q3iHCj9VvxcV/6ch21hYj8dfEcQ4ncfZ5csXTA/oduJrHarOEhq2Y30kpT7GatoVwhgJSJCOWmlykfhf0TZn5PNQ2rFQ844w+hRSt/xBzJCL6/HtyipiEzm8fbKnYttUWHySHyyVWOEHuNm0F/y17vRhjD4fVz8WarC5hjXWzoAi3i/RyzQUcT2SONS9T0c8q+nMQSzD9rtyVGCouOsGO+ps7AleV536AakKEBaSFnOtoEctH53KUxJGTAnWdhzCbGhBfl6Y/eO+4byBRNTLhOp/iRS8rsWJuGGtzm0150UO1vDlCpcvwlCBHkXdNSy8E+7fQorQFiI82KPA8uJ6TL+hwwm/HyNzOyuGAKk+J674vZn12et4nIBkWZiStIx3v4ULHcHEJmdKtuNQv7xRcPqCTmbdTG1+GwEWZxvG0ZrN0jyaRkMLzs6gBmFs0tFIJxsuYlTe8kTC+r5OYgFs92R0xEtIoXL7z04YQDE98sgWZZrqTXrAHTTFSu/xFnpYWATS+kA3QGwPK/i+7TMJO57ToRqdJDmKckNDpN0n+udX+m8K4ga0DYS6maAfdu/obznvdUHBrFqRUUIhbjnJ61wikNuvG2KhxTR+MInVABtxHwUHps1i1wkrVGqxus2D/pzy/bhK+19KUaoE6SowfT5jy0KC0rlZAVi+VxmGi5INOzEna934O2YmUi4sgCHSdFc9sZNxmRovJmWqPVHdJu6xIq/Pu8PjM1PKk5WooM1xYIZlN9hpIb9SHW7J4+v7B5xShAXs6i5Z2uOoOGZVyqKGZna/uqG/JIih6E6MGpAYnyMo7li8CHGqWhlGMU8AiX3XrkgbjNqMgiX8EhzxnFYuFBx+6BREbSNcxbS9tJ7E8cib7rqYlC/iUmN3hDcgutCa1gfO1P1ESlGCbY9hZ1xWJEPsXf0fHZTvsP4eeO1qNalhRoHwQCErcK+L07GlHKo+C+1ESSpN9cuVIUR79KobAK5BkAKy9OQIpx5avJTZYgLHCJB1D3r8fiWzuXcr6yGxteFpgzwgC+WZr8KuouCGT9WQ88lurooIR7tTmKVsCaJdvesRI2su92O62fmHCQuaD9asln44kh4GJm/Un2iVa4q+jSKs3uKiQSkV3jq2TWAidfgfM/xIDB+21pIf9Mj9ofZglSsCWm0bNMnKAZRWBl8jLXi44iWA/fKMWEJMRIErS+4W+G3X//JLXQf+T26NPRfK0f/xWUu8+0xV7CCGKUqaEC0jCdB4ibMvrFI8n8WakMVGo9FSxVE+RSg1dAYhLrTgY/HcHR3kwD66tAhc87DW+XK9htzdLlMmVkHc1m8xEtRrlW6gkRe3JN3PEJYOsISpBZAnRV+1mf2Vr/OfmWsUDkyCbHky2YUVo8Imy2k4cfhynVVIjkrUrEBJ2tlvvakJwL8Pz5uxM66AF6hBRvSCXnYhPffrZn8LNpvX3dkEQ33vVaRtP69hwkkPVGJVTVt4sTuJZ9u6mlK0MagAvQ+VbcY2MYdimNAYD3XIXM/i3dHT9ADe1PtRUcGf5BICYs1whh3aW11RfDG1693ZoZsId7nHeiPvHOB//gDBZS1c1oS3J69iNYo1b8SnTvzeOd8FywwT07u7Ccp2t4xBwVZtvBaikv/OA6/O6PebRlRrRUnFehXrflCEYfrjKjyLhj2rbh5B706few1BKWAU6v1gYQcsw+TT/Io0XSAJnad8UjLAiYMRX08QNjrB8a5nkMALyClUWPe5xv/JJ3DroyylPJAHtBDhkcFaWc/cR1dSXdk9SFY0DU9HQt5h2pMoKwq9DD2Hj790TBLRc60pk8u+e3tpESdv+9rii3DeTNUS+VOJYELWX4ToBB6P/Gx8waJVriS01PvB7S9qWuzyPhAISZeJt1VwYtigR5tIixJm8vTbqNdvudguk7cbGhiocMebzri7JPCvHWX8kG1sAd/oeIeqOSwaenVKLi+b/DYL6be7wW4JhdP+PPhw2kWGNgic9GeUMWJaDOax1roxsoEMOffJnwv3fFIHl9o4eVigSAV2lNNhKM6p4uBRZZkMJaeEDk6tEG+wJl5rR/C6uKtxOAfE4w8oCVJTqe9ykuZQfiMzG/UscsicoCnvS7viPLeQgb0tu8DlsaUdfv12/sLcbBuHSDxMduegvjtjvzIXeurs6r6EFVT92/QOH6Mxb6zrCju4057ktPFur+IGVbGRHI+e3e29j5TperKQIjITzR7T7ZRG8Vsfw03FrqEzgj6rRc9TJMkGXGyw7BOZila98O5WJ3uK6vo/VMyDn68NC4l0UzIl9683x4pt5+DdAkWx86K+OJ/VvEmmg2H+HOMoLljAxsn4MPjzmFGDEp6aQpkdZdoDxpIWVolfb5+3gkfaw1PVy2g4CfQnjPFpcjrxyIZv7zB81cDHtWqdR8okcXwehNHPPxj7MeokVlnbUHbUQhbXGqaEg30dhho4KlDqoN8jOpxz1rlC69MhuUs41BPFoZ0heXBRlS6UoOXwAsjVH5AyDuO73yonGvskdziCC4hVNhfjFCnwItxv3T7kOwE4zVbPuPXm4C13i7trMV/VyJQGZKz0G8lnJ1SKKRU+agAP03ud75Tp+O2/COAuLV4hU/CqmEhn5xQDCNWWbBnZziQ8C6ijv4xAxKt5EHr5BQ2D4C/VVh+DaraGk/cFgVPP8YUKV+/u/Ekmsc+bR72+HJvBIDMVZvW3Q82Y5HVKTVNP5oDvSPdfMwby/F26IRej1Y2+yKykEWz2wuLHeKoWl+ZFQp61i6ERCBIBpClDQHch/7DCBl245sZepP3tyif1nl25Ydn6IH0FW0t3A3VE+TG1hMpYdYqzM5mUUnEs6evf3KwbDvwedzQ7fU2Lf51fQaOzRBSs4UIuKoO77oU/QA35B4K+oUmzwIO5KOWtHyohbRy6hmGYTbpAS19hBVYdNB/Uw0ePr12WzevTEsP/W2OE63wfLJPf9chTM7JUWGgtvRAyp7ypYKxwGx+AUjtw3vWkRf/fbJvnyFYX7aD0P6JzVE/1UWvjZuHRw7gAPtvLXKPrgjmGizOXvXH0SvRdHLb1nz9R/oYPHZUI9QKV/7C0Lrly2ruOGfZG21XXmyVb7LR5/xqJTfsjHgsIwbP3P9vmE3dDQziJAO3sicMEJ3GITy8D0LEyl/6xWK1sSHRlvAUP6ZOEkWpzOrDlqJk/ZHNlthxIaK/6Fodo4cWQl6s0vKu/GiHkqqKyj6opHmQ/YQOVnkuP9MRDySggKWnRNyYxX0/jjs9ZLvU3UFFwHsZmocTpne0MfFLwFN3/i8Uoe6YoBjp8RkKXyjJLVeij2faeYVKOsRD6vuST1XiD0NSjHFxczfyvdDyo1QsaP0vj2yV7KpSS8dIGz1DFo0ycRbuCfIwMqSeCEBIFTIs6dZAA+toxj28nJN5eK0x9712dFQ8tLrG1zu0uNkDSw5keTlfzUkfyIfLgNpIATIbzzBlW73t5tiBS24bEuZvaN2+aDzdbSorg5TYHXx4ph70DHeU08XiO4NjtF6EtwX290jA6sP0OrvfvimjMLnSch2Mx0SEuXpIa8QWX1SqbFF2j6ZWAcMnKZCj6Irci86/Y6P8sySuTYmbfCBjghDKx81WddRGpq3b8LmU6tYx/brMkrZ0kW1qeHk+Og4xYT/SsvhjZxAZNR3VvuhVis/icVVCVyNvlYrAWMJUcV9OLw+kQEviZDuSSpyHAtfXH5ZL+dZPNeEpUqh3roe654Nzty0cbkpYc3ic8P1BnvNVDL7swqCS4SflrmTVzD7nXPDCA/xW7MCY368OTIcFcW1l4KjGsD8joFyKarfQgZ4JYtwd32XWmfqc5Hk2O9BL0zcE4EvltJwodUr+n2zJqfAWvuKk1SxTQYyk1O+y8Lme2OWsEEGt9MZZYqybcGsT25hNr6uhHlNJ9AeMrBMPACD0pc+OlidZMIyaLRUPm5BxerJU4xeCqp335g7EzhCMkLLKeGAxLGbs5TFzyjdXTR9oZGQ+F7FNR8cm7lZtJdGjr2I5xRU7zot0RAFE21z9PF9uvApVyUBL/sK5G4mkZhHCzpaZg4zdwW8dIIIioxGhakb1BLKc2pbxnJy1AlQqRRn4IO5rD41gIzOj4GT1RTE2+oMO766PSK6VMVnFeFOYELWTSaNUfvm/EMVmJarHhZtRTWPTGGm0UI7zTxTBTD/M97ajwa+6UCh2xchuKl491lUBgGbGwV38oh4lQ+S+Ak7XvpKGXqLxkbE48Koo0/MkNRmJv3CZYeUARhhiIr/mTK+75tixVKR+65bFbGo8tzT024jcbx8VDbErZeDwWCAz6ErkjRi8AyLlvlJtLAIu1cTKwgQkZ5auVgJGZC/L4v7R+eu5kbZmigPEBESI7fZ+VExjuB4bQuQveko72p/hOHbHb0CFwxXYuPsNm4WkgyTsFeCOS8jFWgUiMcW6kPFAR0jsyf+BJ8er+2PmxIwmGmE3Szmsc106OGfOta4xn2bVnHAtZYyEvPk0kviBuPCaNJrsKmGrHBPM+mPRceQnso8XhRlTQWlgAfYs6SpXNwDc2opwIDIIHJ5bepYURoG7zpGROuEpyH9byRta3njWiSBli+apD3PbnvuKAu+rYhGUbVEiCgwZqaVPmVI6pB6GEnve1p6CTgRppQy2aGSPR5Tu1PfM4adNuvZ4HOEUgdDZuQPmg9pkDpIg5Vxtofq2ZFQ0jygm/pccnOBSGXaYWjE2G5LFSEB/2831XQwW9TJLzWY7BM66zMpD/PX4yVx6E7KZPahRLQxpOn45zB1lak4tZ/ROaeSdak8x+TfOJjl7N+kyrjMYcyykCqXbMlM5Ac55d1byhMwNOE0XH85yCXhRtPo36sW5At6vE05hhNliQKSyXsqmKf/EqHIAxTms6jDtRczpZrWG1e3cZwoHHiv0+/WV9FJcku2yGaUyD7bdnaRMUXLTOpeW3fBDKR+rTbDJDyQI5fV98UEEv4w8ry1eXK0wDOFgvUD/r8ISs/diajde+HOKH3ftGW7bSMATxtYKem3h3RjZadOzNluCa5qr0/Khor3eauL+3RxPN93OFKqTW0VSJCbmc6P3045GIOGiYlJ+k74wW/53SwC++z75f9ljBiQ/IyeMqgBuzcdJ8mYFnyjUPgE+jnu+CNDojUpGJru6ZugQtpEc7L8aQmBCUOJ4NjkewKW+h+vn6z4qj5nVkvdBOVDLSyWFKQkn4miSSAdpz+84Lk8l25WvBJEsErhr3Pv7ibWYF1j7syIjnvBe2vDcQ6ejeaK/U3ZwGUclu2Twgc3oiQ==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[16]"><TokenEntry><Name>SessionKey</Name><Value>CvT7G70Et5qB1K/Q4gsSkGAE4n352PPNT1vnIokv32jpbplxr5rh1JLwiny3UuJe46dKBG/oFKeEZpcRNOj8srmTFjuGRMLWR8xH81p1jc7ykxN/W7jlapObjQhRcfKdFL4j9UI+0rl00x5fflZQWSMYaCnsKKyDUub0GAHFuVB0ddn/fXmikh+9kqFC9HfL+7h0SRtn4hyvylN3H7xNuqGxr0nhwt7eqN8YtLVe0VGI0nP87AXdIaKQDxjne2O0h5Z4YgXtg4FBO7EOMndG02D1/FO0PZzk/DxzTSngpn4Eu73pYExWURYFtFkTO31VqHyic8x79WAUbrLL2SEDag==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>Po9A35cSblQTjgUiIn8LoHOo6+IV8I2eNEeRwzx/Ttk=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>IdozEqByNtlG6ZzHDLjvL55m8QYkWMrdFuw7VeNKtYYMUm6b9AMYsg9EsMnnf+dtV2dkoA9Xan82pRbkXXbZVB5OWRIByGJXgJJkjFDtSP4=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>Sa9ExKV4cCW2XR1w5N4mElAJ8PI9W0Ylsrr9Pmwdfus=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>Po9A35cSblQTjgUiIn8LoOKCoH0mJKV4MPwE6AKS7Vk=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>eFw8LWG3Xy/Xm/VxQSOZKTr3JyotTnF6FBa4TZVT3RSyv+IbS/iCKjhEmf1W0V7IVJAraMMpeWG/ykms1N/ZjkIM+FsLQR8ss+eVZTT5YyY=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>4JI8Ct7EWlUpuNrdvu91tExLFc8z4KRjQvUxtjSYiQE=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>4JI8Ct7EWlUpuNrdvu91tFsYLYTG6iFnBfZL/ogmodM=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>UCw85pp8ySVav7VYudMWZQ==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>UCw85pp8ySVav7VYudMWZQ==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>dC8GJtBg9YVrBO43WcxkU00bszitDXqMXrTgowmCjHiCYK9MqPR/01rFAgxWuVaAqMjX0pbAB7cz1ykiZ+IuCQ==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>Rt3XctWvrY6F5Mtck5rWig/0391xsMZ3K/K8MNO+OV9SgIo2Wl9dX6rGrrrYL+hEfI1wSK8slW3lkIZVEm6iRA==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>EICNgH4nC4zJ4c0bnuANTP5bRax8EnpB1m7VnmxSovM=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>EICNgH4nC4zJ4c0bnuANTP5bRax8EnpB1m7VnmxSovM=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>9/IDvI7YIWLYWT5mdBmFa7ekGndPP3L4MzNp47ZhLAjCHBMOWitsomTckniIW6zx</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>9/IDvI7YIWLYWT5mdBmFa7ekGndPP3L4MzNp47ZhLAjCHBMOWitsomTckniIW6zx</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE7, 09:57:13:924 - <NULL>)
00010003(0x80072EE7, 09:57:13:924)

Error: (09/04/2014 09:57:09 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:09 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EE700010001(0x00000000, 09:57:09:408 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)
00020001(0x00000000, 09:57:09:408)
00030001(0x00000000, 09:57:09:408 - https://activation.sls.microsoft.com)
00030002(0x00000000, 09:57:09:408 - 0)
00040001(0x00000000, 09:57:09:408 - https://activation.sls.microsoft.com)
00040002(0x00000000, 09:57:09:423 - 1, <NULL>, <NULL>, <NULL>)
00050002(0x80072F94, 09:57:09:423 - 0, 1)
00040006(0x00000001, 09:57:09:423 - 0, https://activation.sls.microsoft.com, <N/A>, <N/A>)
00020005(0x00000000, 09:57:09:423 - 0)
00020008(0x80072EE7, 09:57:09:423 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>4rkZCkh+jhvcp8VeCjCWfJMn4CwjbCkEJ6fgAIWsiIDf8Ya6X7i8zXcR2nvQZ0sVvdK6P+E71iFnOhPt40l1JCKArDwM4vwL/bTIKWc2rHhG1d2b9EhcvJXC/wZb7XFFQIMywYtTTrwWtQckeS8mf9r/hKWNaFwc3il9j0qXHkTnuh6AQJ+bXkO9VLOtCdM9L3egI17OjOJsIIZfrC299rcFGKLsVGte1tDbfFc2DvlZnbEi8owewOsDMG6OuUTOnQb0e1oiANos9hGrS8Heu77KOxMWkhOyumMXkjsokuh+Ni7NkkozBZFew88EFNwtgH0QDh6BLsS1wNAl8YVr9JXIZY+gtkWf8205kRXePkUlGhSUgYAh0/3bAJKOjEU3Utn6nFliGyajRHq4Y+i3zjZUN16Hl8LoMmQ9Krx/581/BB/d+gzGaObWKAf/lVldymNJPJsrxmODrGbLQZOJP2jUcVOjSsMP/al8ExbP9LfdyEQAxAcWGk/56NQxKBsHjhHyclfW1Jj6oN4/KhLvapHXUiDkX6qGlmtgKtmSV8POc4g1YKbds0Xaq7oqtpqvddCmBhRP9lADBwgtlIEmRpKJsCGIaR+aGP9J+H7VKTz3m/hqzZFbv4xSrGEea7p92mGrHffyUyvXGXOaPK74JbYPP9BTeiy79ozUWIr0CPvzdJVPNlZkoSx7tMY8fvHemuJfdy5PYBBc8u+Dme198b2SuwAkmQTHVModPW0KCWqJ6xWC6N86+0/UFQEAF0893bcK985p8lSFh5lplrAuhuqBYf8rTGrLZf3Olqsqy2ZTAaV0dBsm4BBNx+kzzQUMPy0svwlrh8N8ErkjCuqkK+248GSwgmz85ZEW25Txd2EbObu/vkqNsynLCDMrT1f4ILCr8X46bPR9/V3b5IhCR2O/EJK/thDjoGHOUUjVquGVfttxbUbb87ax35Tk8zKRDsVR51YpTf0uAGoc0vOtg26R+7HWyPa5WAj8I121pv4liiDGREuqD/FwUIr1vQAcRUsR/qks/0+j9P4CFf9j6ZuIwZYL7+1FkRx0NfI0q5QeXGbevxuqWVx6+/h6VcwvwQuzvu6Vrv+vQTugjBP/kIk7qK1/kEZyxIaFqu40+m6L2tFOo8uXz90+vx7gLHKMAsckATEtVVhb6Va8zKTJ3jDLSfcaEUlsivQb5Ui+h37MER7KLHEMsnZ+Kw5lHzoj9uA2MsYqUquAS5fjQqVoSXxWy6BNj9w6cd+Vi/HHh6frIL/E6bbIIacSG3v892UuyGYAjvTU/4UtVPHOZIwjx0HC0R0OH4t2wQEz/27AjHmnSMiEGULZ+voRHXM2b6Tkl4nx7uTh4t2kbZygD3ikUPC5Acf/Io0+EfyjBOvKd8rax7Ilfj0y1ONOx8jlz0ZHHG7FkZZqbzKOhcohYJeTqS1Zk2mP9EzbTGVxUSccD8dEMPknRagi2os5EPJbOb3WLODdFtN3w+x76Lm0+7rpLSOUeMNTHuWUoTRaDwKBBd6j0MAslaA6MoLjIj41p8KCnCmrZl7spOoq2uUqUw3GeYoOqFlqkGYvzA9jLDo0mdTI7Gshk5sMQev8f4oIjoQAp0vKysBElqPDwt0HLZUO170X9YN5Y5I4zdNzm++CMpUzuI7/lT2DgOmgpZ8eK5erh7OBsqPuw2yCib+CwsvKaVDa45wxTQgNqG1YX0j0cQJ9FcikNB0fNDjArCeL1f0G5AS72SPOmQnOOqzAgAgyLuZaGaXUeTFyVmUeiJz99kQAKylKMMufFhcmU9r7At1Qsy3ygMMOERiIkkp6w4vsWz0/mubAuQxEdDFLkS9AoehWkkDNNLyqIWO77nsDJb6yrKumryfT2THl6F3Ln6zXMSJwn0AlqfQtNSQATkha7X9zC6hVI3/mIcMWqpG5DlKjB4ikk6HyYTgjoq6SrtsZ+3mZlF4SsYoDXFTY+QAACZ0dAqjIDHJAv8aGkcWyTAKGbMMzHJH1VORV/x7JGSwk9XRVBMqyLhFyM4nPxvKyvAk7LOvfo1BCsXg2VKxfWi83qArTwoPXVqk4+maPJk+w6ShQfuuHPtfbLiUsFLBs/jMPYTIcyZ5so6Ye+9VIw17NVbwsmGBnBedxo6nouX9VHSyGazXU70IiEWIPWbcOfUAzmxaIbGLXS11MjkvJa4458ikI5ye1swXbeSkV48vxEjYf1MtkZZYfkcRlh1q6kPCCY2V6ggZd/F/7s/0EymQNjLD/N2gnnllM9lmKxxlwwKQxvB/TA6ujUwm9qQMK+JK9j7ssPu4RwL/iE4ilCfbhPw5p4OoDkwqmzhdrWQ7IGnrHTJCJOuKAefspl8dHEG+4W5Yw2Eq2Rd0WBYaEN/EbTEWGMnr07/a4+FVpIP7y0PNDmHDXVHBHSgOgnUfvs1BpwuiySI5Hfmqq2lfgK6kWoM3QSU41MbMtuLBZCmw3vPD1+7yCa6cx3frqMR3l1gse0Hjg/CDxEj1dgDT+QQRaygLEh4Dmjaecg9gDbGN2gbBXS/bjNMOo04V+YFTHbhybpeUKiyhqV5ej6mO/nfjh5DBUojNdCzySYdRXCixCzFSCVOhIcDkHAVAYk0dN0naQOUXFrlj+ZpQSMfBmlFudSkRmXrL257Rz+4iHirq+cMGPzZWzVb2OmmopOESU2v5dBjyRDh0uhMKCYW6QHlSBIgbuttfu6AbBpNTHsNwlLrOfdkpq8yuAjRgtht6LcUCjbVh6i+MmQu4coLdEniXDZzEHfaYKb0OHs6wpWwO5ffpFRSBDIMITLiLAOFgprpISAtWVAobyNoNazcF9pbe7BQl+Yhhc2gvzX/vHU1++WE4epIDXucZEncHDgmmxFM2PnINHPufpg9yDARcROCicxb23krT6FQfbOJjbvgVhOBtWCZ7POF9J8x1D8oS2BQeEg+MLR0lhf7Az6fm7IFJrSspOfUX1HwM+UPc1EzHm98qVa3gRfmAe9GKK4fEqGMqaqPMIWdMzPVRkJTMruCA465IoeqxwWiSibXsHf293tRO+0PWTmYVncRuTDk52tE/YkzYhHjRRP9lH652RFsISRi2tavi3wbCMkzIZTfbl2zsYVCEuqiOPFOCPuGFJOPdCjJ97Xqma6P1QGCjWMIxZv1sWB+NT9xXyk3UMrPkA+uMJ4/ZTVCBd18Vc0ys5zgXTjQctup/IruBIPh363R8WtSuLQSTNiMJHhb+gV/yb7CzHzuVdIHf5hDfodKtmxGM11NxL6xbJH675//jKqPI/4yneqvZpw71dsN9lXBeMRA7VEuJgDiLwBh0lfOE32ccxAWYfFfgMRROJDxN6IoLMnKHdKog+FCmfLPh7AdimK8rnhvy7zxrIKfahki22fp94YkwMec4kmKUS9Wh4YYHeBv+0AENvKkgX8RP1S00cvRLyxaKCDhoR8sYjGZVn90xnQoH1bFqPKf08tWcFayqyqY4hBzdU7FV/uD5uhKR2YpRkX7MAcFmvl1qUvPZfA2bku64vHHCdp9HLuzVLElbrWlro2uyz+jdjo2Ywl/i9W1B2JGTmRwmCBJry/QSYv5KVrDvedSKWgVwlGgZ1asWqBPRFvnX6k/TMdHgUINSMTovFDrH4dm3xOHHkZr3R1WrXn8mQ4x+6gKKdXnYUApjkJQyViFxz2jwTKKN0vqww3rD3mzTC3t80NT3aPDJHX9WDY19bYeqc9MUtXXo1hg+D3K5AabfEJdyZabDkulKfjdglOXIInbnG30it7k365LYK7CcmyJ/n/z/b4avKVlArI5C4kZksid7/BJ1cmNNBmtxEJZJM13ks4IasmswDkQqfeiaPuJVdi/8KEutFPtYr4vTDxdeA4W33inEHe5U3rnsUGx617jEpmgBrt1zSh3dGmCK/N6/92SxiOgJ5wQW9tu9iaMbuu0w9ggDoCuETJDX7aN9T2gRDBReNgSSrfPaFn/TZV8vUEIrm9vwiGdGl3MxlDq1Ud0mY2mAB+61YibRrg2Xy/1+SKxFN6tThlqmWKKF9fxDmWB7lmQB8U4wrqBrEADAug6X5kVzNiDxMFBsPvvXNiHH9/iwuWBSrSLAUg+19XRN3I37jbol6TckasOxV20zkaKfE1LAECUlNw8TERWq0vmGt8NLQ0lhSQDeioJLvVbvwg0dpb2T9aW9HCB3E/Lg0ZrUk8/fr353bVIWu7HPA742hYV9lph0UdO2NOKarPxHzqpuDxd39fKB0STWufqP7pJQbGe4IMfa/owEoCZtBWdpGxjemor+h6mDzIKBg8pEeUAW01tUWL9NmW2ZQqIskIqTWL0ht9bYrl5orM+M7WU5U622kMffm5AWOtSaQ3poagyL/hvuDMSBj1OoCW9w6B7Q1y0Pha1oN3FQdEiu6cfAaB9L00pfhKn672gzKAWmcEzjpZT7FrZeDA8da6mF9kqjATw9AgUMm1kXmBTH18TbeeaiszbZ/agf9QqwI67AC1nrAFF/+6C9lsya7lhf9hsYSmDFhSuYcXhMsgPQZNtmKfsPLZnrgbz6gQmKHGBMhvWfbvTrzcyEyaZHu0eyGcJOasrakoHEP2TpTi9Rf7xWtUbDeA1rJOMQhS6duMD5yS5plH3hdU7SqWW4w/XKBSuOFGxSDUPeJv7+8Rbb/sabr0ZfXe7OvUNWAsTTq+xqZuyYWU6GOP/dqj+XIQ5iD/IKQtNBjZBxul1Oe7od2R4TsgmZr1LeG0rs3MPClUVOqX7WOR7IpcX5yv9FXQ1CiSlel53t/mRV+Ebim8qyyCAe284vkHXImYEbvUFZr7mAznS6ripvQn9ZQA07QPhYhPHX72EuZnE5MlZ1+aJ88EfRO3+48yb3v2Eq+Aw+Ni9YcH9sTXp/J6s/1G8S+tmhDHOYwqH2UGiLOMvJTKqbAf03QHkUOD8Q9w9PTOstOsB8pLIKw5aiThVl5cEb96XS3Mm9PSU808LxOQlDae0TXlam0pH/7B5UfCQcNz586AC4v4cUXUvS0+/Lb5OKyoht07uloSZ/nt7sqW8fmUn67lQqcR4vJQ6XEbXbjOoyDx6PpWQCFapuPmpcez+W1rdIX9Q+e6VGoJMLmCKef6RkBuFSOo0ZuNHI0FbA8kfgmLxHjAAneekCwDVfYbNduB4Ln/uBlDzBA3BaHD2cepn40pb8/zSlUl1gvWd4y8pjdTOeTS+pIXZ+ph1TizDXSf0m4HZ4cCT6WjYzWqTT18BbM3HP2FlgzFjOMdpqR85IUyFbf/wC/qczFExDXyEqyEukutPWdFfHQEd/Yv6QejSn7XUMv7wYjVplPPF1kyKQ3HXM7D/OC1ShHsgNkeq08vAGNarM+3QSRBOJtaZQzcSh2+0Ln/p04NOiEl55YGO/jS4zfeFrlM42FB4VJ9INFZjtDVFSDM+eJJewODPU62iEO/W3ObsObFGGmfZvibODIfQ/U3R09jdVwhsRK8HAZGAMXMzszhjbd/J/SwrxYw5TloyQLSdeN9laDBpoESLRtI2EczEksqWeAD+fzrvBJo53XCiIM9UUa6Bgs+tLqdcotoUJ3W/TdhgRI0WjtRZoEI4yx5WYgYkU7qPq2OjfqN8ershPk4MkiWfUie+Q7tuRzWxdHznp+6aWY1lGBtBxjWX3lpYGM0+XcUtTslpKgzY68iruds8i7OanWD1dbkI0ErMxIYkxRj2BSOKKiBLDTmDcYGz1xBElCtBtXXJjt9jkqmizXCMPXTNiKDbsV4D5ivRTrdqwF8QlHhteIEZ5n6Dh/ma49SD+RNfvSfVy0iEuGAeHiFcb84XdBB8OaKTQCZZDeXFzWoKqFh6GT68sUJjm5ctCBtstNx0gS+RsdCUP+oGkSkTvqgLmoaOBEcD8e0GCnXum0FdBpqL7aE6YJsK40O8+EFr9VRrmhw2A9BpeXLftGOPL8BXhbyJLeKHQn7e0LY2yF/Vr9i3Bq88oEcpEf7+CECdj15zPanlVBT0iFrHy8Tt+EMKwnaLlR8s6WbgUj2nqJXSbn89t554AW2kEqoySgFIWCjhvRiJhd1US32zRg/vANGU2RDXg06mS42Tr4hKMe5YftdJ/WsDMTf9Psyl3hB2DY6YZgt/p5nCB1ZztwtJonyeL+qoKyKDH6c/uqH28hcyynJ5EWahi3I2QgXTaUT29EBYP+ksyJNaaLWABKwHdersYTBVA+YXnJCxjfAT/BgGLd0I85BTPByk70WeC1M1ha1tcn+BIoF4UdewfOzKtpxW1U2HLVq3EH/EwfjB8C89ymul0oyqmTJc/vKPRHI35ULLPMXKhp+CbHw7NQRqqoZJiQp1DJQLZ18vMwtG+noY6IqPyMMjmIckXcYvdE5WEP/bfmyiudEHezqRPUn8URfKqjQohg0Mii47wxkdvuvCfL+flRdQCgJn5UFGNueki+Q0ZsrjwBRi2IWu6l7RK2TbLIFP4g7Sl2KzH8t6rL3pcO11+Al2CqS+p6tA++0176QgxZKhWt8QI8vdRsjzOkqomU+uoY2CyWtCHyTlZOi9ebjPwjco5a29okeC4HTwmQ6HADJi1qPWEnjyraPNMPzIpn1br8twF0rJsVGgH2XxKY5NYb4Y8vyBJGuD2cG5GzWE4RJ6Y0fwsjEYuw0DbmM0qjhy8H42bUOWTJUriYZaUn9JW0RI88y84ZQx2ejHjCkL8m1AdsqNBunV96iOlRF9tllm0DYMOOUndMkNFAxrkofdGq1SXcsbU8s2p6CwDWhDAIfz7l3wh0JRI9eug7/e4dr8smij83qgxpq2SWd/e6is3oF65bwepxcdEo9iVgPS36vWjlNPcZHaBgGU1ZK763S06Q8OPeENcCopObU1J2OGq2Xd+Jqmu4+kYJnR+heYkUvY3K9oHtNvpNvyZT/CHvr+VoOd15typTe5tqymLa8Nf9ktjrWt5p5NigDZPdM6OHKTUleQKFNK3hOFszant+LAmBlV9N+iZB7NeIHRt+fE0SRQhcgk/KihHLtG7EO844M49qhse4tPvMvmlKzEWVIBsvMKGIBxIamJ1MDoKjEDspt4aKa/D0vTiPgFfLHgRLfB96hbYCxy/9mjS3MJXEoz7pH/n/6GqYUrsQoHQ0w84Sq02wUjU9i6T+RqkZAirUG7uriDdBWEIm6cT64VhjXxhGzu4SmyPhs1VD5PW97xU8yFmU3AvDfIYHu9B1m9gr86UNkKemY43njGYPXQAwf+23HSM9+w8mNkuVZ2qGGrGZzjv5xFu3T2ZetnhaWWuluAVJetBATfjba8Kkt2XV4GxR8+Lit0Yfp4s5apFNtOTMTzdcxG/HRTU14nHmqIdLkShrLXjXYAMKJNbBoZXHAHs3+OPupix36kwlrxACleFeTgk/HfN2QaS9dsQMPkCTSAXoRkGaS3+DS2fQ3PQ5jAXhv+X3bkzHiNjeWuRIaYk5I+p3cLtvl+07MhD52qruy7qhVyq++jNNtkI3n12kyKvmJd4rhvBsYsiJm1wtO/+BAAPqn9Q5wTjzdITIdXLc3ALgLxk6Rf7SngXxnDkF7bjct+FfYWoQ2Z3v2v8ug4CG4nHNrv9EmtI/xHjg9C6ELdrKehWG3LWNuIr0cDyoSyn/L8ge7Xsw/88ap5LlF+VSNUlcCe4oW4pyHyCNMeha1FjwW8F+/eitCDRFueMNQg46/lMYdXSkSUGuELaK2oyTeJfzsE2usu+bId/LM+QLmjFDGHFmlSCsA42bZWUML2jph5FkxoPLUWTC4Sj4KG/yGKcJL12xxK3W9sxbCEnrgArEPoJiqtA/K7XwzoLIMCDEzulzYtTtXAiGK8NviqKu2pM44fvwGAqH+AlvhV1BJoYofhgcxQv6sZ9tlIS4GgcefPXsn1QqZ9ffp7XjV/dazwS6VE5UoAejW+SAlLu7EHoOalfnx8dDfvMEskebBQXHv1Vj0AVSjpkQIqwbPsKH47mXFCkA+Gmi6+iT4Vfeei/b5c2ZZDcQP/PPZkwwkrf14TUDc5WUKFvI2D5/tLz605Sh2Le3HeBPOBWeaJkBU8VAAxPVMG3RaleRkX5L6mb1wLNpJwQe2llt2xOb8gfYUTQjnZqnQca63uAoSFZ+Auq4dVP7WMoLbF2hLLRwtL31YPdY/jKhPeV3qVts/3y6r+z6UQd167ABntP5nPaKEmF8zQ3JiJb1Vwnt2SffhT79dEPf8Si2BxVw1iVaQ6Ql4vqv89mnKQe/c3o7dh4wErJd5j7A7aCfh25ay/7nNhaZwvmoHUhKGOBMS9/wwgnC8g/tNmIC9F38JoIYJCplB12AUpxc3AjGQBrXlJDi1fPZTKAHJvH7p+1WGtwc+SSrZ/vVIdSGQ16dkkUcuS5xu9LMSFIYUVCU6YUwdjPIO+azV8/UOPNgiw1lNSkzweF1xOYJD1YOLhp4vg71Hj0MoKdvdti7AfIqRgFR4e/40wqXuF8oCLla17fbFW+hG7+Zjw50Yy18sZMV4Oeve+RY06MAbn/DYo3gDbt43DeWi97+c4o4x+fj1IsSizjsMODE38/60q4K1m3jMzvaHkWPIDczT1wSB4hP1Vh4SFpc/otmR7hCd1xKzaUXOV7ZP9OZSFPR5saqxaRvS+3owjWsKO3AfeaMFoyW8bHxC39+1dQ3idB748Xq3ymOivcJsGjElqQ8uhcg6jDVuR5s7ytp46Y83Rt0A4CEgvjgP7oDLGNn5gjCKhDaIIeLOUTeLqaXvxyS9wuUXwMvpFtX/aFUDiLYAE3sbHDjupiYNSw/TjrgbKX45re31lawb4jHUWqgZ+zXB4yFdvGbmmNuonrQRn3W0NniCpbm70m0y5zTttbXqGoj+eT03Z7OC60xmKajSdD/cGHZl/BmAzDWeG16a96KfSu10EWE7TMJ1fdMNvs49AsCcfx81oMqm2ZHrldQSF84wseI0PyULnVoWz+3RIEipdh7oRDaraxLfo4mP9FB/ly2blw1sbyj3S4JUa/b3R0G9RnyQXkHqkFBw1Fx3bOjFBumY2MIqI2aBfPr5zqwBwyGvGVkzCsi8g1GYarDMbM/E8RP5QQcNrjnrnn95yKpb9ksnR4ieqN9CrI0IFE/wZlCVkiAwhZSGToeVmIdRPd3oAMULlkw5yE+58ycR/ajLBbCw0ddo0ezEt1jN9BwR5Pli8pmBVHB3HkCDxlHPaEV4LTbolO+fQ/xcABY2WGKo4dXLW6FsP7Hln4YQxFO3Ao920hf61olHovGYgaqgC2czd9rQdLAyyN2Y/ATO8yPaxRWZa3QXY5fagDbdzWC3bgt4Qliem+aXaBC2KJiJMBGIxlpogKc5/PFAORMxPbGfp25YxDvDZugiW+dWgT3U7j7QpYgVLKeKbVXW+n0kj2/kpKkg56mH3trhZ2H3t3O+Iw8r0EPT24VUgi/bIsEWmrJpnWCAaybfTUHVE4U8gb1lVlfbwTWahp8D1LPuDb+O8kM914rgCffGpkNZM7VC6GZ8z9QKYKFrMdn7srqfqqRLJh+Kj53KKwW4TctgfMqEQVxl6uCkHQ9gNtXu5RoOxp9fXB1NW5e/oPa/emaM5FWf2CoJcVIJVRedVSSN2wWPCZ9PILnf9QhXZJzk7/7zeZ/SG6PnfqKgbgkFOj0HE5JizuWzUN/fpCRJZGshWJo2k7oLppr025gLY+/GDbYsahVU+ARFWxUc7SwPyBxnYGcqOLHBd5JlT3ktUXGEalLx5P5cSVk+7BIeWDHu+wtgYPifl+p54q2/nUIN3bRQrjMUAmKSNCj4ftmaCc/gRY5P645+utWNn1hqOnhPs9GaKA89xDE7yIzSTayhCcZ4oB1VKX2M1zbUg1u6ebspNQLNYsmrG0MZpnGodvO3XliDTGmKVYu3jgCZ2hDkj4MyKnvr4OqRPZrg8h1ijtOHmt7R4g6ha5FplTH1gcuT5NEV+Rm9zZrsvAOOZVrArV9IoqBV0GLgoCoApBWYQZ3MeXxOfTzkEj8satO1pGuYFqIvjiLPgYyhKe6w8Yu8ZvPhwPQgR5PFS6yJoIP1APGM55hn6eMCXo5pZz2Cmb1ilcPtOgIFgsYBRKQDoAGK6Vs1ylKRHowdTGxEtIHQxqnSsbGg5CuyG0MehI7+C+lN/0ooADycCgC+U4BTgc7qa3wzwJl9KEBu3jNkd6Nmf3jdp7kMRkzwYgZRfOsoAQNO84gPbYrGd16SX+TJsjRPKSoU/gH5baDkNYIx70NRPkIlW7HqUk6HD4et3SSgWuLAF2L+xlb9yYbNv89zZ+ItlBaIs/8tOYqE6WU9W9N20fXf2ru8ir7tI4j3apA+rtIvc+ScFtHlgWmkz+MekzBMVAHfuttOgFo8XSQ5Gh/pj/XrExagWjL/zt6psquiEjIeLeGvUOrayfMdBBfAJBnO3vNey95JiRLM1Cf/Vy2gIj3LLvU24SwgEFMF4sT6RtdqQ2yWC3XnE31dnVp09esbdO8F7Fu3WYKQw8R9O24G/Q0i3wc015p7PtSJfPZkJfIfTJbbqnpmaiTu8RtHEsOrknMqpsTMEyxLGAQ11TKtan+tVSM9ZIBog3DdqER00Og3sjX50uGuhLAddQfJ5rByU8FnpnDf8/y+Yped7ttm05V4VaB3O4wjtRVEEcIGuJ8p7fI+hO1S038mWiKV+203M0IJurwXydQ7rFOAZ6KuX9pbHRKVDINv9rMKUstE5Q+nj53HHOkRl2IAybh2pUPUKlQqIEXvzyIPYwguij0SzyxAvos+xSTP3kknxUwakjoQ7iYxTavHKVBeIlFsAN8pV33nKq98kbFzJ0S9jTVYBz5x+5tuIFUg9V6XTaJdNEWtil2jcEQL6tRV7wJL1cBc64CspNH4IyFvrO8NtsKVgX4bChOKP0vYsnlJ6anZSfqGL4OsBOxCjjskbTKxMx0ocSH/gsiwlf+aJPyy/r4SXEUkTOIrVC/lQpCNZB3i9OzipTIzCAcT/z0CY2oOdj5TYDNZ0PML2CcSsGHstfPqE4IMvpE+e2hH5aVRyZWZsbxrX9jLk3ChBun/mICHnXEpnVjh/5g0h970b6P+M5zgtX3g1M0qjHZzmumvCLr/sIOQ6SZamC9WUaOt0HMIFc6MC2w6LAAS39qHeJ8bn5kgIf6zdoXfMSGdIVOHFJ/4+VmattHF49ZS9DIjmlemE04aSXMg33D3nnm/aQzekNyonuFKsV37FM07BQGaPiAJTMVBI/8LjXxu39XUDky0up3+c1tQztvLUi0jKz//J/W0eRCtHQAyhLNPluWKA1Vwnnu79To4hVQNMFgJugNvkwbZV2/ZCqhIoRRnu9PxBRHSlWkER2xKm+0Ay5L1cLxyoxP3aYfx4ApwFCZ7cP+Vztfm6xnI+oJDbnqmJSJ5e+B5BMttYh7VPRalyhagSe7ih/5yTiK0JLhJHciPCRnnMQYF0XyPmdfyyj97T1zdFAZbq0zBL64rrjGndUPh19xxxLFUCZ2/SFIaHV8lfw4htl9XdBabT8QNo72agrptfVVeRyrhut/9GiOpZZsDbtd6g0eB0lYhS4Bged/fBCLPdCoSFaWNts2ZbLN052DXAV4sv0aqzKdR4Oo4CieVCQbKJiR7fCJo1CU1q+GfY02rUJ8NweF0NLla/6qtRPVC4v6z0QbNvtZzqBIb79vevRGDiMlAlivq83EOZzrLnmEPasKTeSIoc3uvImXPm1erPJ/agkP3adgBRtlLtkQNhm96SZEczDzOnn7ONU6rYvkUpx6s0ZGY8B9Ej8xvBCA31o6u4I15Qz8dj32l+O2GDjDSGfQ7KGS8/8GBXcc+ClfEBJaBHwlQEAMKpCzEGf3KbvuV66OuZj7eZHuDdQWB2yWmInBCFngek/PKxYzgnrgaEFi8e7ttdbKJoO7YT6WzdKiQim72oVthIFpN2gCEHIo4c7SgVat/aSSAtLLVznaKYOtJ8dHbIhuxamWoKLhcOcR3M/kwbp/FX4t7gaJDWukxbfM2eeAHV56/DkFjG9dIqhxZlQErSbUiN+Y3FsziHUmQzq8CUi05sKtbShhv+DdyirzhEaSWDGLhVtkpW2csgXxACuND+yWUpQeX/S7XEE56bAmhOzSt+qKx2zEVENAQ+9dIthq1czlqcVoP/Xt0vQ8ddTgC5hMwKch65nG5Zz3Y+clhnSNcV6rNzPTY0LjLi5/q0IhHWF6mobINRdVyZQ5qUwhZzkWyIkLDf2gtoKnm01nv+gX+QoSOuZmlMj3gnon2dCnoTxmffjn4sIHQlSVstQuPfwOyEwJWYd4p/112ZnFQBfc294xnTgrf8uOABEKTXr0QtVxkJnx/1F4H0699m66gRxi1gyg4NR9S/AQHeJfX1mSMehttS7vtyUhMcWsvHptgdMHRlvpYM9rOrBquAbvUVtZT5p9LULH3ZfMZYJ0dni7DZm9D9m5RRp+Uh6HPNLlHbHY9OgD0cAalfBJ02fg7GTplKJa9sfXRAY/73RQtd4doRYHIgN31gOaQ+eouXRHHmdHa+QyfE86G1qQJkFcoK+BvSlIhbxXgB916Ruexr/B9ImqJaY3PsoMjRt4JXAIz44S2R4b8ltGb4uFnhYtP73a3LD7aIWGwfcA3GtKcC1YZeNdDTii2KdLPEnEdJ+skS35fzhDUkQa50kjRqkVfpN5dJ5nWkq9hx0mIpFeiQZpHtCUQ6F71it7Vr4EODuAitYU2wd1ms5Y8hkP5dZITwdkYbOC9O5jpLYSpBdvBHr6xabNgkmw2d+vd4wLZJ9hVIjsZSeXUBoUtBt/WdpuQaqlBjwTxTQPxi/c4V0jRlZ70d/z+vtqg84fchsv1eI79iVjBXFOZJxXlx4noaCeouZPjXqLMFNf/K1hd/54PVLIsHvyIzlJ9rct5eG0tz9FJ2Q3N5Ys4ftEiuT/npEFj7I62Sdd7f38LHi6ru3SH+KHDrSJfFWq8iEXShI6nsYOgBs88iL6aY5X24lu2AWkpen4+x17lLAGM7p+Bp/K/C2/jQ+0kMvMJ4Vc8sWZ7HAaJQNsODf/DwhSft+HtnS12H77bcqMPs7WZO+jwvaYngsGteYRn5B0jTQGe1GaE73BFHhyl5/1M75s//zmulc4yQ3XUJOmvbmNBrurd66S1Gb4VCGyd5e6rq8luDqaA6ljZv4Sm470j4dzMfZ2hXzUTTwNw/5nDTVE7r9vNbnTxEhVEbvukzNv+R8K1vp8l2YWteYYXRWqDcx620Hp3sUcCsahaUpDccGUmMfiIzCKq5zN61R9+cc9Lakdz+fC384P0qHMRL27825mWp6HPZhDetiu9CEvqk9PyLaKFW2sobNn0E1oclXgmDL+u+AXPTgcpmZpxVRBiJlRpgdc+l5sfTUh8Z7zH5N6fYbmGfj9pr35r4w4SRu0YRoT2cXLxnefb7iA1Sx1wK4Ibr6Es4yHgQUxTa4N1H0i6TG82O2xZWXJhNqUWIVBX7KXd6VXnUtwcMwn+FAPP72wLvS9GV6f+Dt+axuSC2pRHmEAVsOPIKuefRbMwehj3aC2FNbdRuo4lZIgdBSKXVtxki3B+Yedpz2NMg1GBSlp8EiF+bImpgrjqmmtYeu48qjzNU06IbZ6RIMhT/6nX2BUyHbtd1SfhOGoDU/yff9g3rAVQiZZR0hMf23p16GMRhJJ09tWEfV9eg/FB0VRDI1wrHLBLhUbLwrolZ+EFxh2tvnjpLWuJ2IYluvd5XQQOufahPf39lm4XvHNAj+LUW2QyZaR/D/6GUPv+x1XwjWnPpEzRIrO6482ZEjEXJB5zc8xVnCwFFrIM51pBqtpnyseMHW9cvdne8n2sfy8G0xGSxb8lLS6j96tN9tH3HcX0pxtiN5fpQbGy3ZrbXU8Sq41SRUw7zCx0JuCKebhRuckqFri1oBgqxv0IJWUetQniBBmO2lCP/2jn/FraNJM/nRtNWbnhUiIb4PUAgfznJJHl+8YYs0bTY9pVlEEfvpyDVprA6vcsDdSmXgxpQ94ueq7cM/9CC9DlBueZ2j8DDqGPy5s2MVRM4DUVnqqq0FH4O1IocYjS/4jFikbIloFOyBaENGlEioXT/POd8PrhWxc7+DgdfNadj94f/qxuMLjbjJCfjCX6pJ5t6hF27wXu4FPcAgv3xH4PtHsTMpSLu/gOsZajcbu25JdY826KVZv5EmD+87+Nyn2glZIzQxLSmoYqjcgd+s8tFpJxj3bAHWQNIdby7STYHTgdpPTC7+vWlPRHhg3n6Tjl+XtxoLVojDrgfPZAVisZlTivoITYMlg226npYlp/Vuej7//FpREoiBUzhevUJqHsZ5Py8U32W0tUEXNUmCQpM5OGEq+xDVFiYnfX6B1s4al9W3aUCboRbeM6MmgTw==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[16]"><TokenEntry><Name>SessionKey</Name><Value>kBkpIucWsrJSULBmV9+IH5DMngmDGbaZLdNfd3Qv1PCDsyH4mtcDYRMwj4fXKUbj8BHFcmAcgTeAUBFdh7gWlRrlRn3D1Av/EU/6PCacUOv8bEAf358wmW1S9MFhPluQMJ4WJTT9x2Jz21t8BF9IyhuxqKkfFiEUCW9aSeZ1UknbQnl+jkTklgc380hvupyjy0BHa8o53Dw9pRdhFMS03NQZFmXMHn3zI3EwKN9+nW70Ipy0v5uAJf727YpLlgzZiJWbQGw6REwxsyc+cG5sVnBkfilh7oBzuqmemEAZqqhAZTNrF6KOWc9lbc//i6cEEvDxga/zvmEXdirm29f+hw==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>Ku5R70mnGwvM0ifgdwe39u0n83OaOA1D/7+b/sNPXLE=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>cVK/ZrxsKBa/zPGBltQds6tnJrnpNGFJHBwpyw8jepny81xH7DiYruhBLTPFcYgQ1+Hg+M38yygAvAinLFxcOKjIvTE7gE7K527dpElarrk=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>2hbtaLovI7IBih+51ulYi9Xadd9ZaLkZS+c/Njxq9Qo=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>Ku5R70mnGwvM0ifgdwe39oUlJL1cLf9ylvv8EgZ8Ogg=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>Ef6wzAnVfsxquvsOV/OPEMO6pK9hirW3FWGfvf/l+RBThLDVgXxI9flSlhSl13YaD5Uxm2zthPPGRmDuMnElfdcj0/MYqs+mOyH+ddDR1Mc=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>vI+HW8KORpV5r7HDADCW38fb/BLXh3Ex9P0kw+eL6DI=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>vI+HW8KORpV5r7HDADCW3xTvs/5vQebTjgB4U8sqTIA=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>M4ah2rGc1mPKQMzsmMnN2A==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>M4ah2rGc1mPKQMzsmMnN2A==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>tHW471aPbebIafIguXAP6Fk7BaCg+6mtFmO/UXoqPup00oQfm6wZpe3HBhZa4mLVCiR/uwsX7wj5hNLoVbTzOg==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>Zyr0E0gL7WdIx14qfb0QrkVOZKvuMvtr2SfzTaYXqRD0f2O+8Bn04C5YFn7KhqYi+5AB7ALt2ZQNnmIjkl6UQg==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>ytoNSfU8n3Rok+PNo3jZ4NIvOcAXmW/ysECqJHtLaq4=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>ytoNSfU8n3Rok+PNo3jZ4NIvOcAXmW/ysECqJHtLaq4=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>AUl8dyOL2NN1GVsDo+9HStdZkkLb+B3gOThNt7y/2qUqrfFihQQlHmOQ4tl/xCyB</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>AUl8dyOL2NN1GVsDo+9HStdZkkLb+B3gOThNt7y/2qUqrfFihQQlHmOQ4tl/xCyB</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE7, 09:57:09:423 - <NULL>)
00010003(0x80072EE7, 09:57:09:423)

Error: (09/04/2014 09:57:04 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:04 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EE700010001(0x00000000, 09:57:04:875 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)
00020001(0x00000000, 09:57:04:875)
00030001(0x00000000, 09:57:04:875 - https://activation.sls.microsoft.com)
00030002(0x00000000, 09:57:04:875 - 0)
00040001(0x00000000, 09:57:04:875 - https://activation.sls.microsoft.com)
00040002(0x00000000, 09:57:04:875 - 1, <NULL>, <NULL>, <NULL>)
00050002(0x80072F94, 09:57:04:875 - 0, 1)
00040006(0x00000001, 09:57:04:875 - 0, https://activation.sls.microsoft.com, <N/A>, <N/A>)
00020005(0x00000000, 09:57:04:875 - 0)
00020008(0x80072EE7, 09:57:04:875 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>Gc8njZeiOBIsQC7BdXfVi8AbCELI9orrTnyDaQrUtYOgNvSL90fIeYu4F4YZPQdJLK5OQ/X5ukoGjFAeilcvjHbMTfGwSKkqwxumKUN/JHRsaajT/TM1eT2RxB2p/RKuvz+BzPMOiaKRGyCh8VCj652UfvA1Iw5mpXki13CdIvsb6JBkL2u87wzwgSRc8Qt2msuZ8+MyXnfv7FqwzlUyFIm2J2UwFV17SYG2rXRfyLjb9tljBbwp6PghNePu+D1ufnlDcfigsMKqOmKmrk3Z4RBMcbs/v1RiSepmjky4ThiVlCSpIDOhQoSCroI8vnjtld15Kmiivd5u+PPgV7/EyBZiPergjKAeWfabzcfdMiA0T/ZQY+KqxJZOc26fxq+5G2K6iSPXqgf5yBUV/czZajlzZSw+wpTVQHoP24sWf9oPBIY5CFjfz4P43TSHVNBkXL9cGLL11fpnt4sDotszIfeMLypVforYD1c1w70E0LikmlSQ1QIzV2JAI/qlNcEQBkOREuZWKWkO+SHChpVfmXcbIWobdM3IPilxF1TiLBuDKZqgZww0ztt3S/LlYiqoSpKstZpGSRwowxmLuYOZdjbmbgKz2kcAtSpWyXbGJqg/QUoANe/pjh6SkBzS45+hIznSzjg8lGjQFFXIHfR+9RcEdTDFbaFT29+jv0ybkFSByBz7go8Yw1+CRiW6VXXBzh4p4VxYAzIG5gJBVR0M4Q47TicqrY6hyem6hnfCXJceeRmf/rfPzyETVyTNdRS8Gl/AhI4vw1tsIpquD2hlqH9ugdM3L89Ndl9+I8lwAXo9SvSwYgw6atPwT41MO/DHjhserNmcY2mr/GMsDdI8ozGmg6glmJKFg8aUXla3X0/397leZFZecMAJi/60bpxxHvONswqHqx/S6AETHrWCTlOUpn07wMd9lc1xjcR0f4QXBHQVl1uowAgVATreLYA8RibvBIwpefeGkngALiXSfAiF4R80CHCDHw9cpP3mKhDf2SCQrLfGXYa3grCSiO2X9h6SauX6NOLBptUj6P99Wsgd1y1GLd4bF1owhLxDsHNC/2TXP6fh5xWjtZeSgSoz7eTnSXZSAa2ds0yMV/suekseIwGzWH49AXDw2hPlSRaoAmQ50yK9WqHZMuh6/1mF1Kbi3sIJoeHItqB/ChC8DuEWOXJQRghw2xLQHpyjw2Mw+3PUyb2Wyzt5jGDs5XJWDo2rKvqd2/1UohoHzOT88U95ORTgj7MXKshDv9bN23MROptaFljRYTLKHC0YLWJRZPG/vyrxfcschxrC1N49pjDwJ2+lNI0IKB/cEcSzi9Ag0EcC+gdVBZPmEEOklI/4tX714y+7xF//F6R6bvzbbAJtlp7mFNswBpdo3aafi8Gp/euam6PHOr9Z0IHj0lMKcB8DGk3PdJplOKFD2guKZyeAnbIGw9g47bJqlFT9an+LVyo4ew7QoddrhrjXAqJnhsR/r/a9irTcqUl+dB8NUllbuuVIEbcnzOrT8rraiasTrd/iIxPuMCyMpaGX6L0qajMqqbJEHjPDQoVo0gQe7evfmFGSvIeiGJdsjAH/ZvaybscAyMrX+hJYsEATiGX4nJ5jck5JIwrljYBjWBXVQBIAgGuka69UaliWOWgmSB1BOJo+PMvvnLKI4kRVbJAwk31YiDOuPynDT2IMqAof66DQ3YRgn1Tr1njHw9Q3cJd/TKcV1jvj/e/ruc4Jc6ydiaNoUNVt/Q9CXYQ/bNDFKX9ofzh+HU43A62vEfFJXntf9Ueq0ZT8wGl5XM8AsygHQaRYoYdgQIw2bROmMEn86uIaX1aXt0CKGadlvEPl5eEsanow9jeYQDSehnTBlHw2YXRaDQiE+llkWPEzSBlSl2nwDQH9guzUfeC0EFW9tv/yf+ydJkTtfTVUxvJyhuEMwXoug/l08nrRRJo0mC/iZWCnAO4aTW4PPCbhHdFfJDxQ0/fPPWflcgyBUP3WeMCPvJGSKZ+XhLg2HkilfYyHoI//Y3XhYrB3kEBnu/RrkVlBf+lfLIqRSEuEBWAUGRIX9LSSXN1haY2IUxyKbPJ3jrmUdutkwdIRSg1sgfF4Sr8eeIHQoi3qf7WtQXcjHFIEJ+DhNxfa/qnpZfxs7MRW9Bm6gNP0ueBvXsA//nx1dbFG5LJOh+xNWEPeFok4PHWLclN5cp7uVNe3to/ArJNRNU0XNAX7cuUgYJhlC7osEoCe+AEqBte8wr09adtmUbG+ncd58EQl83EGX4GgJR6ZilF4Yeb/HSy5uTlZWOaa2lfV+KxbK9b/NS4AnFFc0JNwFBTMA1Tv2zdelQHS9KsRBQMCUnYdsOKDbufhQtlYYFSFuCFZ5eK1ypKOTlXTwTrcBPQI02hLQ0AQHAeUHbOL9gCI0DmwYUh7PX/lbdQQ/pxlUATiD2blYpu4benT0Znu2proGr6e0j67TE0T3VAZFTlpavql0l4qWNnD63AVbwLi9wT+s4KxRPTVVfaMnzYZ3n1eNtosTXzyZV+pZ7ND0rx8uIxRObCUycrFePhAWJNaDpLsj+BwM+v5Wf+FMMFsUDUzhkhL4j1eo53/ZxYD4BUdx6MpwON/VjD/JV8kCo7fNdIDGdjc7tA24Kqm7G/e0rK0HEQNKOVO0XQCsYPKYs3h1P1ZnW1ZHvYXTTJbJ0WwUPieVZ6pS0/ZavDiDETmKmFbNWWfCiPPGUjG1RzvUeUgHKOqWOArl4acurvPQbo7K/o5W7J/hpFhfsV18MeLqp7zXWRc+YwBRrH44E9+EeT0+WHbmkLjHI8Y4ViYAKrNEj1AmswXp8jQH8if4Ck76ghih7E64GmfwWzKlGFik5RK2dW0yp+RBhtOqQpaosJp9TJwLVrmfFxZjgaN/6sinbjzqBW3iImEarHvgN39dZ3LXGtp3QrR7kW1wc9BU72+jvMQqZ0fe4Mz6R3nC+hxarc46DzjL2GTWpnjSjlq1knXZXxlQ4Zv05J90V0rghLgo50r5cICzIpldsCbZKfu64FiMHBX0P/0Ach0sbSpjGaJKSCYDgVNYC9z2TbS35qefgiAtTfp33NcJajL/C8l6ammnVW11gBsN/7KtnDTrmouqm/u1VLmCXxpoRxMbj+4JApqj5y2TrC/q21pBM2gfINZ3+0QK7ssNOt/aeXvoN76KqL0xsu24PWv/9rt56IAia9+x1Ilh4JrwNfRW/5FGe99xeNBkkUE0aCmBEjaGOCD56z0bF+zDh2vYe2zH9E9aXgMMGoY1GVlKu4oN8hucR9s841SjAm++iD6pFVCwdadOMibl5qFY+2+Mq03GGxBgg6BbfPknyIeUvPR+P1eom09gQgCTwcEEW/aE2Xr3h4me5TFhDdeceJiSWay7puemYnOQ1xbgp7r65EcVn/BM1D4USc6Xtol9XhG8VX73qu8xUzif0ir3sqhE7KslAQzHPnxcd2ZWVMqWApGfL/2TLm23HOikbjLgrPaZKRanABAX/+lgt26hWydqYBN2rGIJB3II7ThVSHM2nJcPqQqHxklQ0hBZRddtCd0Wkg0fP0s/dX+ZIlNfekG9fkrxTr06sFpjL/CFMO4PnCDKOCyTU/MYiuXznWGu5wyGNjA16fghkStKemBMrSPDhDbPi+ZU3hyN9Tn9BIIl7EDZKr+XPAsp80UVDiHlthV3WMNPxZAx4XTG45zFl1ANDgEZwqluo1bhE5dQJbllwjIw7NaPprjM0596uPS24PaklfJ3tam5PAdkOo3Ift4eIy5im6irVptZuXktvWQlF9ZqEZBtqwSpty4/hB1XgEtqkMKUWx7VX2InyngL9u96O68RFb79Y5+PxVfSoAdEkztbe1V4P1t4kHmMiI2dtXY71XeAGH51QPjEKoErdTToMoCfIvnms5an8qxBEl4qZgxYRUdPSBaB2fy1inI1apxN575R9IRN9JbD87TSMItT6gU+P4fE59NP3G8C4ItGO/7ujRzDsWbtOhYzixOBKdMpwtfpdj/jolRiNQjLFp969SVdDilij+uzSD7CqJGpZDntIhyfxXhzy2XQkvP2X+tTREC8UKPvFZU78ftDJJEvC5ISlGXKuJwJmMNQy4lGZYK/fXsFddHl6HJk7jPCQTPGL2xpY2F65SqXojGOPe1eRF42YhxyyCaYN42VDPNZxNAQvqIJemciKb+e3v6zhnNRwq7vlejHrKEYw9JRbDuP6vAtGMezigqBXVtNJ2WLZ9mz5CtYTvKaoo15ob1wfPrMZy22MGM2RXAAPFUqT6WH1iOuakvELlq+V7B92Iyxc/jck2/p6sFvvpRFa+LBWikrrMBf4IXuZqaeIRnIJSUrGuPA8ThfXMahh3OzFveQt6r4WcfE1cSsL40qXVsR9kCfngqQ0nn6EM6Rs1b0ozLn0EYM8QrauuQEX+05KPaC7df8Xo1gVhTMhbBnumZKGshV01i+YzARc+OLpgI3D+LTfAy2DLRxmrEzZPbgpLtWOA+xamOt3HHUoq90TGQioR5bTcOqQV0xrHcJ0uEx2xvhZ9ddT+ddAIdu8B7jSo0RRtN7u71UEoARZm5mAmeGtROH/NIUDiONyXDU6SRTo5FMnWGz7KzgPhH8jslrFUB0rnGF63h16vvzCA8i/juzMoXxMVWtVNDGHDQNQo+EbzdUrIvjU1dXCbX8rS9ugbzsvJfGxNJ7cEIBU1FgH7G6GE3UCBQgZ9ZoS1byZuPZay0MIekBn9+AWirv5MamJQ46nYsZvq1QJXrQrXue2kcU+cjR3sX1zoT12f9XBD4ioXzbbm3FwkT6CfbsiCN2cxN0/tXEITYnifsaFWxv/QDKRccw3FsyrgEHWF/0FvOe46FMdQ8wN/o6+G94oIWKfOUTOFig2tGnu/bQ0i1RT+572YnYIQM358QiAilrxQhIFgixhY3iyMCOAFBYb8MWKgfsraGjc2G+OrwlEBoH9NPY+yi+ZYGTb0TqqE1pTtx89V+R092lDBNEQfbldEXIHWD61VS9fK24wSdv33o5z1jw6nj7S4k17QGqjhgqw65d9J2yogife6Wq7T2GdvmPz5cNDf5J3IfJloQg0wy1bhKZChk2RWJzxydu2yPtX59cg/+QVsVEVXnWM1lZ4cnCSr0AHbJqUm0GsEEOmF98KTfdRa0hRhdbT5m36gG7FFxwTpprVB8PLJrkHy82ZKIbQ63Kfq6n7plHgFydTLKqcXNuPsRVTNUWHrUaTPib5eKbIkZfhGTetZtYKQMDlj4e0bBmtMAH8z1zlf3j27+EgDOCdak3fRW5mRhtKXkEAQrLVc/yshtCN8NAx+MBrto9MyS/52xF0z2yYACboZ4BTOpSbubkQvmLdaM7ofICge5ez610eQPscyDJIDtvwnkDZmJh4800J2lkgpF8P6K78hXX44hLYGyRdRuWzlDPELekUB56JQ82Tp72R5FcXnpuncWHqrwUGuYS+V+WniB1X5AU2DwtwTeq31Wepslfa98Z+McHw1jjclqrszoU109qTB5Z/GHzQiRnn1f3Yw1dVVt38b7zUK4Oxs8xkraYF8XsXpsK8EeIplxAAi3NVh4zDaMH73FTTJ/J/mTdZVAtgZBwzac5QEcf4TrMNPtpH0deHAayItC+6y3DslayztRaC/BqjX7wY6xlFWKWbXQvwoGkwD3H6nV9+y8sZyms4SsFniQe/Hz/bMMRkIFWRQJ9HZHXPA7hpwus5O0bY4eQ67Ja9j5hsKvkQ/LAV7gAlxGAMpcWYyUAXhAt3KcJuOJicSwatIr40SSpqWsRXqgvWxsBnqm6g+aMXsPxqJdm8nckLxvwjcB3lBIpch+3fprSVPl2VhNK3amRpksuNdWoxMafSniUMdAszaMyfvueBS69XKOJXY6sZdF016GcInHZazjIzGcG5nfgbMTs33iniww29vKg9R9u21lI0vcB4K6IT+JMofcQ2K51FLpOkEslU1o2T48kNxWQEHRBIv+rXwQmxwLMZHkZio+D09W7/fTj4+fDYmbQvu3vtOEoqcwnar7uqxdmAtmNfzsnp3z+lnzxv9Yo8rVCWFOv5zMXifbou2jnNsxwgLWs7128liVvLMCZU+/SDKvlS9nVEkFSsETQqJxrPEQtjGfsxazE9R47wzHIsBCaT/N12CmW918U+yvtJAg1w8Egchvd2q5LIYKIrHsWcGD1YTg0qd7HWbYV+yVDbMXgVw3UMYswb7Yy0bScKG20M5NsnT443YjNiWcnGrjpcQFRKgCi+DUyolCetWrEZkyhSSwHNPwth8ajfOr3C1eqixOTCnr0g0omeMtHO3VkDCA0a1xac8qxwRMqIXxVETfo96Lr+CCr+UYs/6kbpYq+4z+5b4YdJhCvmBXGmhar4tXVuFsoNsGPZLLz452OCFuQVzne3lO3Od7OJpReAuU5FitXTr2ZQES3Pv3dwVYgCy/YMOwJvIzBKzMHQmBXx+WzdCDKGgzl+84I14wMYoUs0S+8v0+6jAKq1FkIzHIn+z28KE1UXt2zCnry/8ce7+R/imUKlPhE8oJzv327RD2d1m3fc8zcHIsv+sukbInJj6E5/WnbiKkfpEU3OUNBGJfUPCLwcESZziIp/n/Frza63anQchRU4y6L0LOPYifQf3fEv8AzJ2xYCnqkVJGEpL9OOz6/J9u/xfDvU5cirGTnoPtxEFuDri4ShZpOGLFpnb9JgTH9/AV43ACLr8D/Yi8v184ehtnsYLj9gYI+3o/NmQiRDiIOkIvQKH9uDrNv/+uMy2ZrcVZHI0Wz7FIPafoZB+1nFM8QdnfeJoqVFAW4+g+LJLsr7WZxW0Z4o1OdipCD8pEJ6kMBGN8FC5ML6pEmPpaUMoBH5A1VFwwAxyBItm4FpUXxEs9GySTNmKUM1VjFqFbMrMsafpUk+X8DKxzrxhH9ofyQDELtrXrDUtCHDPsedbyqcc3FSycJ8A3tFTOwcacbqNK/gpp10C7wAtM8vZIrWYygZRl9LUeXrfu44gVpDt+iBF3IUkMFIB92YZDC4+dAuAFGDje6vMLKHCvAzwd1X5QPlH91Y+CB/NBCmBareyUA4x45NY6xyiYTGS/cGZq36E9xHxSJOMbb2fmB9sB9lzXFqYXoqJ/NF5XPHPi6Tb7LXiyKVxVhdenGfspuptOskcPq+hGdFvwxUh+Tcp5pNObTwUKPcTX1eWp/lFs/QlOjgYPqp+pK77ctKbQ81jfxaIKislNuo1wZ+MTLJa4TZokXApaLJulolhrUS1li9PS86blVEJKChdxmA2BWddEpSCz0zoRHr7d3HjcrZ5x4Pbd3Rql88bd0qQGXjgtUdiNW7/IrxhhCwgRPz35uLyKcG7c00/giFAd59kJL95Y1G7/OKQq5BBaJJRy1xUKkRc/F8jjvBPZjYrlerH5KabRI72KxiMGFkMeaEjHb58WbI2XK4cwcmJuuZjChDTSts/NMqq6k+bQrDnUvV8TAyB6+lO+x0PeiMqtklwSgzLXEoyu0qv2LNcjNA1WMIiHafxA0qv6Xc7eFAIhNRQc0ZlqAMhZwQbAUzO4TKRrYyO+mzMpEWX1SvGFGLi639sm8mF8f9f/CnR1MHL9czxJZPEA2mFj/DFW+paZP90uGEbpcdILzMOT4YGZFuJwNiabZqpNN+xYcBZUirDSBa6DVhmZOwEcPamBR4vPNFt3iHhd2ZcXyte/uBCw5omLvSspBky0u32yJkgasIhlZTI+40fzP1pxXZquh53dHusn7Ylbu4QtJ71PV3Gabb4FDvjh39QaFbH4hT7uAmKulWUiOceeA0/IYorDjnK8nQs4Ju5h88hmmwM2af6Zu8iTZ/J4QVsLLDsmiCOit9FMjPJ7oRM+v2ry3RSBQ/K+nTKiE4VTYepVMsmyUpekYf0EJ0xYqxv9U0u5pXccQcejcCBqQnXPcbKZ7yGcptQ8JdEPsaI7Uh40gGAAbBiO4IaPomC3GvYg3+q8X7bclV4LBH94SuGOe9aqxRQ4+HynfQGcP3MvILycaNLfak9fYzcYNnoCBOdQqag28VGUCLpkEX8Li1UHlKQgROhNY8zTLayBK5qIXD39Hnxd+JN3SITIaINmyRQspJwnANzNQDDHNT7e0TwLFqfXuxOpeGj1VzSMNsbBrLaD3My4IKdu2oJSdHiEFXIFRPu6SO6L1TiWF1M28oyG7O+aaR7+sVaOcZX+zWTYl+IY19x72cbbsOqWMY7i6CtXZXXaQzrNS7BvyqtGuJxhUbEt0elpUOEghA1AgIYR7Xqj3ELuo4N6Fe6pL5IKBTclYAAhTaBzBYNdjzFqI/EFukUNaNE0u+Q8YM0bUYMd370ojGoCy9xQeV0IBcY4PjV5LfddQBduBR3TTqw4f1CB3/8Lpq0jSy94C+yxJZ4rRnIOsZn1ukNCfkCoH73Zch79HWUsoK/GhdIMWF92MZ2hg/iGfuG+KHYowSQB4Mb2z+Y65yKCcihk7Ha2b1VCt76mV5gEPkOTkzP/YeNSpK+f4juBFjLFYQsprtWpSRYROiD37nsMD4XDDaCePWlgiVKAkFf6jCn3uLE3z3RmvCJ3XOeBa9Q06usVGVv+E635sDa5D8Evf9d6XA/c86mAip5tjxSGcYzcPy2mvKnBAUJ1dyPXzjMHlEDRmHoQ/i+4M9kf79LWRV5zoCtx0MjfYhlgCqLid5N5HkOV/zA32vMyGR6NZI5d+CPKV54XGkEQzVMtr8dlK/FzTZveRdqqsypZG0fo7QQretsXMiRBEHdVsawc8PzE/EkBye6ZCT0/0C85Bm0sOP0acWCmSyQAuvYm4x+ZZDGnXJ8j6ZgTxFMiMofD3FjaHeRMZBDUBuBhYgSuiFF3jlGjzbwpXtg/rcjvAY92ISHMvxSn0QVJtdqZ8dayzFnPX4pQx0YTovSD7cKZh9rdd6oFkaZ1ZcCJwl66raZXfZUFjwNcO2au7qdV8AngzDiZOE+fpg8bpJi1Mu4SuHYhU3b7gJwN5JXZG0kCD/lw1vKMJ3kXjbrY6JAOxFBnLDnAgpVUoZKwVrV1OYDWqZTF+k23H8VyzCE93li9585W1/9BQzekYbdUyu3WRrF6BwfcKvXYODUBKB2T1dkdJrdO+4q8sT/FbuexADMs6lYHcUYV98Uff3K/+kQgoUoUbZbgxMa+ljBHJ2zpiDOM01skaDmagy7cAjw+U5UAjYk6qoABVV8W8V8CQ1/ekzacDBc9NClLe8NtLRJ/pk6PQ+NdBSI/SgUJhcqkyA5hvg4Z0g13/kFP6xIYykK6Cuu4Cgnumrg3+2blxvJU2ldsQZ14s4rfJBU2Mqc0Vl1qvvFlilvF6MxWGdXRV8mEIaXvZ/fJc2eNUcR57IzqVdwqc9e4iyZ+UgikI95Rx14Pw56rVutUJ8CsdNiMcwNrv4TFaQZNXYEpXMF1Oe0UH+71Nijriyr5JUtCcQBl6emZgPjbirAU/MK8q4ZBw86ZiRHzIU/tRhqgJW5YRRwqFjiHVJ0D3YdM5fVXGXsP1QNOUtpBxiWufpYsv+xnuBd5dbqGtWEn4ZRqHtNTp1L+anpISxCi5czY9CSyprIhmzMklTBIwcor36AQHNoMnmsySCLfcIVVqel5N8vHp7my/FUGEtfRgn2Z9nrQ45E4SwKlzC0RCe52+IFsFn8s88klODBmdpb3HfL/c0dOqvVGLffhmWKFJcdahRk+Fmx0cGgF/qvhoEiAhRGFPB264jKvAV4u54q6+2J8tq2eo7FUkT0avj2rGSIws4yOVvbgb3KEh8eKfydj/dxK2eVYRKJzE5vIgMuXhlGwNgoX/xbQlkCQ5SRv0BO4u8QVaGeGGuJE0ASSn74Ga8fS0eGM1Q72zwoRH6DQkKWsYX4bDNwHiRVn4iT8DPl6E67zqvt+heTstnaH8+x7UkSnILQ3nXz6mRWluU9sVb2cC+L0yjw6m9wnhsW/I2Hyt7osF/exT+nZN85pnI0hOHUt7jhG6sx9L1WSSYROQKxE4+oKXVrgcthgOml/lir4/YnzOisej05raAk0Ge5N36Yvlc4+GRrrpyFDLCsf9h9yJ357e8B/q/sZxnZBE7g/6Eji9G5xzUDw62ebXrZu4Slr05J9ATqxCBP+teLu8guTtAAAulv8Ifii+Sql9bcdlF7tZzksSh/7XDMl9+jRRBfiBMXkAi3Sy5G6dHkApt6vw0Cmbdo5pCDr67hTWFK2HdPJ2nR+O3/k1bC9GW1vuQy03OTzdNnqkv+M9FQikr41KxDp5qOHmlDZvuxev8/xwnhZlBGNLkcTOY299DhHw/h7NJ6ITCTF/6HKOKpHUpEdNuKsJeU+gP7lCQhTFDDHKWn0cFpZLQd78+1nAPVc3dNQd5dLTrftQmHiFtjiY7BjNNso0L7J5v+P+Te2DeyItVxP4MQrtM51slDMLqnDpTxlFPRJjuNGojgPFRcTDe7o2vAbh8JtxUeiqC9fOKX6h7qkyiiZXI7H6e3ewv3bUoTKLSl2xYOQiAvef97CgJiH4a84ogPFjSySmKaqH5ixZmrB4EcvfAS8sXyxRJXUeGa5mMCOKNUJqhPuC91f0ISWzjKBaZ3vXyQKZzUdffiI6gRxQi/2Oq9snRJAU5cjdKVF5PTw34El11qpDBxXZP7VhiovkCTRHNGoZTqhSTpxg5g7tzlbO9HWQhFuXEAto77xVGdeVSW788tZfLwEv5w5EazyVw2haudtBReq8tdgjaWTkdCUPnrkxWrz64rJJf3IGwTEfHBJKPE4Od3cO0+xDw0Z21VlZWkBUKEpDKdkJCJW2kQgELPtAKO/YF0IzepaQEfSinW2vQHNSoNZ/qrHiUSE8xSM8t8cSFkLLvD8hpKsF55zqx0xaHawZFRKrDIPsXchtOy3DgTGE/dtOMK/k9E0ZSX4QxTAqj2rXOeSM+ijNfvYuYgs9WsKeDdLXvfubtGsmJtzIDs5uNTvecoh7e4xkjKBnXHC9Jfb8J1Nnq5GBC16hJmYpmcRCiVpgq5sJIVZJp1PRcsme2CwBh2mRHBfb0GHnVG5TAxNBOp9/viFmlLCp4iuQ7/WJ0by5SNpktU/s3WeWKt/XC9XQVGtRRZTvOibkWizgyqrwzyNPkE9KB9VFKVrQIL9EdjJlUFb+EUVepuoDNPiBwKxQZvfPTTsIrp6k9d/W0hUMwYF7WcdtqFG7BliHdLheAyoYCZKEVfiYlsnYKg6o6iQCkxP9ZWSVKb73o0ZReAhs45PevqKaJMnqGnFYl1UuxOL9sB7Vuuzbs6B6baVioTzZVLAX6AUinBI661lxNQ4TuoGL5pSyFu72TsUnQopcxD6wItctjwXzrZiXqL066xljpDLbhZBC7w8PkmmAk057aL151L4xGYsVZT35B/T39BATXTNfi/4xMPM9KR741tdz8zXLZOBGLTUQ8A4PVL5JshaAw4pqzJS/uue2F2kc4S+L7KGiKi0PuHN7d08OZWoS2/JQXRV9Bw3mjUI8HdbIEgSfGJIWnvmiJH8rsqHc9eJsjhSxtoEptXelbdy2EauWrvHLfaE+dIcMEU9eu0qdDTYZgZB0Wb0XtsAd27JlOqlBDczR5GVVBoBB/VbpjLPJT+SNgfh+fswTvK6bMObAON4vffjF6UHrRisgXT1n3glceUd90fdO4Lk425penrrDuCJwiBpZ86xi35mRhLPN+YFHdhQkkM0Rr8reAi33UyBC+8se7yWMWxn0Vj04xZIhWxaU6wUN4ibvYzzIYEJPIA5DReSGFUYI5un7zaUZG4bNeRqY4vL/vxVb9Bw/M+b3YZ4kLQJqVzl3Mkx2uNY1rXnEu/Hxx/bugz1t7Nay/Dsb9UX5yRY82kdNvciOAPrLj4jKVDcBOHCcCEQdmq+uPqVijxRTR4qIcYkegxk/8ujhRK7RIENYt9la+1rqGxvB2RMvcrvWhXd+ndf3ZdKyl2CeFojvzi7HunU+BSlCZStlG3gkxFxiza8Trc77FsLwIOBdImuTnU9qV03gFkYbQM2GFhLcllcr8IdMATX1cWUf2FmI7rEEkbqdhQnKbh5/PtatergkjV+qrYtejdTxnIkFEqqJ3X62UP1DZ/LGsSiM+AgeWB2FnFAfGLp6X74bJrnUvpPyTasGZiLa5eB59F1aJ4qLBtH0wHEL1aprq5TWu/KpXPu94+amrvtPn0c2jxdavviQr5mW0TcK2Kc4fvUP9Pcem15IYjnIMdt8Vbkhju60+7ow0EiY9we87EDOR5RZiaexndpIUGmaeTsjrIno6S1BgXkZvUJK31+0JhOL2Nn0vH5MxRxPB9GW6DnXq9ZKU8ogHAwVkMnvfEcIn6ltO+i23p8QJ6turctZ3ITMBLGxqFu0ZQLK31jSroppwwb/CuvIYIzf/JSK8PbFBrjfDkupOb21RMgDCndEO4PHiw3W6gNkWFYGdc39mgAXeYfM0m4va6prjw7HV5bGdCjLRdnqguOMhedB9a9Yn3/bs6qOk69sDYprdWbDIcDKCe0ckXwoUB+CCkULlbkvd99UVO9uHUyTd0/6R+R7NHDqc1zUWjFFZhDCK0x8dfuhb3FRXs3jHviFuvvhKRUnos5oAK5HRw7Ifh11bvT9ti2hGctyExLSGktTyDa8fJccCH1yh+uca+gIfn/f6jhUa3xXvqs6Wxt0W8JEo6X+MTbQqYMFugdmPJPwVKko0wl/cfae1HVmqPCl1Bm8TuYivqoRBCFU/eZSSKr4uWYqoO4MqZRJsiM2HCStPmAoOuJtDYRRQ4sQwv7Zzh9k8S8PtCmo8frJu65ZsOp3MxFuVvUWSx962zzMET1G5d0XzV06Bj1ruu18CLw8+qUd9vLGL5A5miNlMtlCsoQWfMDokgrYZqi/XsNr28aSq/U4qckZ0ixF2C2FQbvVCMalbvZvbnIwzSzY5/PO61N0ZEoRTlkzMOKgZBxAPu6Y/JVPlUtCxoBa3alA2+CRCrW46EgWJ5qHgcFMvhczfui7Ih+WZ81Hizi+Cce8IPcq+OjrI6S8l+ih3mmjwipLSC/PzQPw/CCsQg01NCLNRoBGtDplmq4w8DKgS32fls0kuJkdO4MLgQaM0LxvRjgDIN91mnDM6mDiE/xJ5q7kChqzv7Dw78YH8wT2GrJwVB/pWBoru1JropyPFBmal4RLgP3b9sSD2Wa+aQDn4EoDrdemBuoopwPQYDENZpXPKRsGyCuBRECbz17SEEl7XopKl09MolEBZrb1Q0Ak6pmhU/hAFbw+cXgwUmtFdk9uLm393zqbuTEc8asW5/PnetWe7lpp99yflqT91nSYKg9EMroQhyFntrluudshAna4bdgWeVEflu6KXFUhTnbbvDEHl9ZCkR6uGLOspuYifv0m4+uMtoQN7ok60YbvJs3eYGMHfF0T/u+pI9WBMldOlVZcFB4Tq+OTggmZy5/05H5nS+vTUsoiFbtMfgaiuVaQTeLytI6UU7cg87YWXcWVxKmkPGFOlB4WrlQXnKomw5U5aUFdZEQYr4EOqDtes9r/9PY7deb9cVBOaarSW2qcnn/bG2RrzI/rgkIKmEZHJVOL0EShgNMijGjkDOoG7c/gvvM7lVN+ovB+F4KL/xnDGQdySDCYRqItVihiZaAPrR68hZE8AV31iGOaNc62tsf0GYTc0LRmm+Iq+4FRv3AgmawaU0hPHXYoDYDU0Tro5YRnYKWkE7217MC/+ZjtlEmPwTOLFEebthcJQs+FVAPwKNHNnyPCA1D2aq8B1Z+e+qgUbRnKhtwAaSA1z5JuSn2EELY6GoqQJ7zTMcI1fp9bJWrodamqmDZicNajAAC0sOVowfDEBhshxME22EdbyU4cxZ6r1AtkjqwrK9qYwkfv2Qg+thbCttjYceWV3YEAJhZnZdcBe5rFI9ybzgCVhfUOZ3ubz4mWnnlTcn0k9XqoYnxRLbxSxiWLx0R9qIQ0UIBJBKRWCiL2x1USThpELJQzdE5MMsc3ksX1Dts+1E7nuJ9GR3vn/Xt3Mg9+6TIqSugJPZoOAtFuDwW9MUgs6qmVb8Tr0Fhb1JJD6qKftH0X5lOl26VHrBiuyem2YjpCBVICFVkDSzGfN3Ow8Lp6XoELmHOqIQfbr/lif5gn7Q/iKKRpD6M8Lqj2bvG3gTHRD6esO8W8jXHYQ6ILYgiW43DDGvECTxxEj6L6c/1EGgJQkMbgaa61govBkopEQBJlTKLDyiVBaWj200lGHC2r+jQlisBIUkNSi5YVHtNZnIhyz1EEcZoygBIG1t01qyI6+l/6yr9M9DWilz6BgJLDHcyiA2g1tC1WhiRFsAZN1OiG0Ezpjk8jM0+XmrM3oHRnKr1OVrQraMASrMp+mvQpTClAA==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[16]"><TokenEntry><Name>SessionKey</Name><Value>V6Sv59yde2+MHZpRp4mhrqTctWTstPpCwCTHfXsICzJaRzXV03tCmx9kR38vOW7ojw1a+j56t+n3jHh5hocWTdlaWOW68gYbRLUhRlXvYUEPjVOAdtCUqKkq7RxdUGzlU1N9koGRFFFU1hGtunUbzY++kQgaEIOhTOjToaikiEXptMju0Tt/DmJQWTFIcN7QqpBpG93alU57e58ACqCRs/SesWSoJiINisSMBGE4yoTfPVVNGO7VunZU84ipUp7QvpzDklTN26+YP3cRXuCqN53vlcsLY9jZh2K14nH7U2YVQPGRUR4wSYHpv4V1vgA21fdj+UY2PDv3NwyTe6MEhQ==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>sKmz0DF1OEn50BxPP7rDbFfbRo8hfQvVjaoC7mU3YDU=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>73B7Mr1OIfYNFv/FhN/z3kpNfqEsDoTjdLot9JZBUpj2ySsBP1W0uixgUjM321y2Ezhfe0JAK16OomAVi5QuEnxqjWepr8JqWfmBOIQCg6o=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>KyfVtjp/JnORlK9BvqG3XDrUwOGEBSr6e8l1coa3Ve4=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>sKmz0DF1OEn50BxPP7rDbNYtY90b/8YlyZ+lbyfmqjw=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>OClASulsbenisG6+JNOFhCQBbIoBxA0nxZdVD5RdvQSQllQhf9RGWc9XJodCEa7e8sxg+sbqGwPJtGN+sMcQe2TONXtwvtmXaA4koHi1oDw=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>RyoYVjtC2lYS20jDufBowKIGgXtunFeL3Cw2J+jKBUc=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>RyoYVjtC2lYS20jDufBowC7S3ZpT8DtffFco3VEPlec=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>DDa5c/rq1BF0ZNflVj3jag==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>DDa5c/rq1BF0ZNflVj3jag==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>DeSqgobDa98t6uDU71t6kdcz9n+fTK2UOiB0QEnAw/xJgVmOMNblI8XZVqZYE8tdvSoPtMBFI3xITuXXhqDMtA==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>3l7E0RNKu7rXm4cAHM8iIEhHQtwQaoMVZzggjrQ+IF5IG6gyyYEpfRLX75X+vQ4mxxv1pYpjrv2SxSxke8kZzw==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>4nsEYb0GZb0W6etrPnsh0WyK+UnpUcgllXLDM4mqSmk=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>4nsEYb0GZb0W6etrPnsh0WyK+UnpUcgllXLDM4mqSmk=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>1zctgHmE0en5Ac4nJKIEsltosN/5FPl4j6ntR6U/AVI6BNT0FLMbNLinE+yddDbu</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>1zctgHmE0en5Ac4nJKIEsltosN/5FPl4j6ntR6U/AVI6BNT0FLMbNLinE+yddDbu</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE7, 09:57:04:891 - <NULL>)
00010003(0x80072EE7, 09:57:04:891)

Error: (09/04/2014 09:57:00 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:57:00 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EE700010001(0x00000000, 09:57:00:406 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)
00020001(0x00000000, 09:57:00:406)
00030001(0x00000000, 09:57:00:406 - https://activation.sls.microsoft.com)
00030002(0x00000000, 09:57:00:406 - 0)
00040001(0x00000000, 09:57:00:406 - https://activation.sls.microsoft.com)
00040002(0x00000000, 09:57:00:406 - 1, <NULL>, <NULL>, <NULL>)
00050002(0x80072F94, 09:57:00:422 - 0, 1)
00040006(0x00000001, 09:57:00:422 - 0, https://activation.sls.microsoft.com, <N/A>, <N/A>)
00020005(0x00000000, 09:57:00:422 - 0)
00020008(0x80072EE7, 09:57:00:422 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>shK2gSw2wiM33Ckzsi6uVG9oZzGBUhLQtZqLOqtLSoUp3S3lYFsS9vQmvv/rCwukcTsoI3GmTDX7iYswLDjYvv7wmabQdZdUjNWBPL+CJHeaq2vJ2IPjrvGEtMMbR5OMF1ivDq5nl6zQk0Ud0e4BqNWkl1t9NEGnbJRiIIulSYSFG4kIAslK2nw92ly7DiJRTWCCjH/0xrdOcRggJVHWbd77o6HIxq+AMcATLwANv1GrEqeS/EYDFF1iO1ZvOeIT6A4GJL9CdjbY0O0c2XbN5ipySwK/6RmWwDe2zS5VleN5WLcg11ClQaqjI4YeJwf4ORNUn6DL77QRPJDjWbgUSeCo6wktOdr7mZlPPGTcawA7fm3+B69wZV8lvurzgf1YhF+XY+MPHnVmjW5SrfNQqNXjrPXKpAa2WDxh/XXfQw4WFxlVGlAztCCZ1AVuVt/JtrtMwcYvn1VAQ9Itqn+TZLo54xCl83TdioW1jj1amGZKDsq/jhoPbErmYowdmegl3LdbpFArUrHdbeWZxlTmlMJUQGote6cJisDI5nY0lwtLbOZodp1Q8yX9TE4ynqgkGJ8tPBV2/TZBrIS+jbWt6s6sJ0JktGfQUnRznuIkNIhd9AkOyyxxkIyo/HQIvh+XHBaPcrmj+KApmcpFiAHpiDytzL35jsEHazntV42MTy60RM3OdnhSgYO+D8jXTxhlfVU98cm15B35Lh6/ix0TDFkxZUahUAs8H2Ey8814FSebB2tJIEuiFPSmpNV4+3+I9NQRrzPtPAwiaoMXvhbUQE6OaefQtQsJ1ngzRlCRszcgbty8ySlIRGSmLQHn9iQMc7j9kiNwXA20JTaEeoymX0M28w2OVW4gQDRf7DbJ8Zbb6M08u/Zrs2mChUIUXD/Ubm/BwE1NpLj/berI8bru51wWSWCBqpy/QDMuHaAsC8tJxWormMaYCc8Mm7Z6x/AQcjuML8Ph2bxZlzw2mJaz0nvBJTMZpav0JwvwR6qsKUUmlNdVa4jsQyr0B56MWg1YT/vyzkM9B/1KItSBK+kKZOqzoh7LtkIs4JNY+2lVDnIcza6EO2tf7zPR34QANYu/fQzBjtECCkCt0UaJ/EpcIp+z1Np7v9C927UXdKNBxnlQvW8BgsBbzf3bdQWQ/Ls6SrLlpI42h9Gx6y0363yDm8KG5GwLJjk7Z6n0PBGfjxpBx6wTURMp8g+/LSiqLlcEq7l6br4IBQgIczjyEa2ss5dRafCWK0wETdTc3MmnpGGlAeTHMF4UEBf95x8buAAroalawMBvEquLLNGVaaSfYG71Dvnt7QwUsn/7Ix5mkgr6TXBJ2cmmpbMkApCgxBIaRIsFwMzaOLFpaxllhdV5bTLmd3gLs4v2NeLtjzld+0/LwSG3Y7OjRpa8Jn6u+hENosryZ7hlp8juxh8INEfO+TKQDGBOoGD2PE/yiXz6HHpc8e12mWaIfMd+gAXvO2OI+TIljGIJywQXttuqVj9aVAU5/AzP3moCSkhHi9c8atIK7S5eC3gJIot1n2infZLQFl1Sy7IqcCFWhUQq/ZZ4nDG25PAakCRwUFwcu/7P7hjXJEt1Ly1JCiWJnoUtDoRzNz+lR3HsQvUJbGNvZnOArF8hfgRWnjTAyodTZAQgpnuzjezy5ASGj8w93zdcBS9NRe2eCRa7ETvxOH7sO6Wy0o/8L04gl07M7a41gkIS+JsuUuYfIzs/PE0oGJ7b59mwGfi9ZZgdRHcg1DJhWUaRCAkYmxTOnlrmT2i8nbutrq/b0Jkx5fPDYOUDR+y0u2QUOQFwjNwKza1bWSvtei6AJCETN3zR0RKy0IWcGQj9JBqSm8VGU0fe/FckuXEqHoxPxvxAkyTvBmH88m0r8J8NzSnfnwrA4zs8Nj3/QKq4+t2vPEXORs3LsU5A998SRnUK3ao0XeSd877/TUpe+pEvLe5GYkOX6DZCdfkND5DPWAJM/OuuOPWz7IRUKF90g1acRYuEZRKyW+hJKNAuG067/Bfd/2BGyZVdmsZ1QmGlbksLGsj8Id3a4GQJaiASDZaKyFCC58hOOl459xJP1bb7GcxN349pzvPli7VoLtW3U73lPu80caFZw5ogO/addEyVXaO4T38UmMu9me3nhECo5dWy/I9mV/Zwzdzmy1OfyqEfv/0lh7SOKt212QiqwbpGc06t2WcaXjQYMMk4IqMMzJsOGrRuW4xsj7o2h/BnzMH97D4RFAlV2QOQSTVbD6r5rVw1pP1Ksj+TD9IvVCHnJNQaPPcnoSvTEtA6hHlErphkfHzgnCEEzlcq3aQVckK0R3wON2mjkdrxM83prg25gb2ZXolgW8JSC2nFJBn2KcmIBJwNyNXdk+jBCNKzMieKgRQHMyU+VKI70+4ZralbiDWPBfsxfYL1iT6u9hLMCbC1Rm0/TnPVe0jchKnRDAR9Yh4aDyI9F1SU2rm+Sr9GtEicGvBSQFmUNGd2TIKSEsLAqg39XTnIKporEtUeLkMtsB3YHMHuMVfEYuwj01wf+fJjDm0ESkS0qCXRgftQRKP729acB3x/f7/DnWs3vj1nDp30m5xbE3PF81V6jRGcWNkpHsUlxLzq7qW4VIPTHATM+/foJP3zn8czu+Kh+KxFNFTWg0eJXlpiHq79c99LaUKfIxCv6FG1vNF9ZmkttZMM6ci7W5k8kTFvvRinqqcky8RC/O+GAaXYBduXuwfXyYdqYv3uqiqPSSxkrAcoL4mQMbYDRcLDo3nh9H2xvdzod6eElYfJ7vyR7LL83FhZeflbIDSXapDtHPkBk1GlPp+rd96yq3RsQCzN8sBd3uKR9241bJk4yxqG4KViv5adQBhcaaY81YkK35NeSzEBwrYI8UCCwrBmdPzRTUqtDKKrGUPpSmzdaYIzxlY3IztO72qncuV0LtokJ35ci2rEJCDsVYyDYyZ14xYLRzHZnS77JTvnA510juVl60fLNHcxXEToPFTHNcRjHoFM/EjKc03JIg4NgVyCoYxGlcQDeB+SWEK3vQeytaMdQyQROawU2GM2i4elz/PUDngTelDRxmT0QICgvI7M+a5KobkP3bA4NcwvrGQFBybCgC1rX6I0qh2rnfhNIXYndIk1MeWvDQ44C4/JS3clJuGK3UbDZiCsaBkmPx1jdir/PL61PegFBqm4Wu85CvmiIkebxTpJzZQRD8GX1FQm+CN4hVsb/TtXlqOBBVCMBrtf4/dc/pCnBRZAlXxxcGooJK40/OZKMLxRRrsXBllGZlcxANNezrnQ5sv4+h9YudhXZ0Z5zkdsfWi2I44daHnHsOlsWZiE4M5USdrT8v0h++bZsky7jR61zzpF1cwlIlpBf1Pz+Ni6e+0UBCV0vcDy03zcl1ywK+tg+98xxeCmuwy1EP0t9WX207BS2NZYC7HG8MkMWJCmm+jdg+JBe50MFPGXyKxlN4Wik0GCESWUww5d80lX2dKXJ7oAfTvQpa/+lSnHBGhQMhmyt65GNPX272wKWyMWis3mXJymtayoWUSHmosdXNP12sZnzibwuX7jqdNc53PxEbt7rCAxOvUCiYSWiDRphFruKe2YvZtg+uMXxBqm4IhWB4CeizmbJuHhkDICh9tN/51IDfccOyi/3xZm5kC04s9S0mb7UVJ6Vrykdcfukf8Q4FHF6wAUpg6a5xjuayJ9D0PAeaFp93o/Mr12mSAECP4mPPaDMvXQszPeFk7YxmeaPvQVxtMvimbjxXAyQvug6het12WJ7TVFA8xYsu3524Pw9S6dvoBLyZdt3w6hAMd09Y7oGOkqRlw7HBU8zb/XVKd5otnlbzQhAotxJ6lspFBYm/he9Rc3w1AmHcWFPU1MS/im0KOSEO7IY/7EWUH2LOgicfOQLsk4Tr9sEzkhs44S2aKWlWHqda/Vdpueg/daveDJwB76dz7VNFMwNSO/INhL1R3HxK/7nKE3WeGZyiXpzOeL6l0loiZdmwrQpWqzIYAPHZfUFpVRlOSNOvB6Ah844B05cWDOMnBl+/QQKDAdCsIdeACzerApcmV/i/2FCG1y0Vndh8pLhEtC5/A7VdK4ew6EDOHBZEOQLrqSv1j6ireyICDy+fPItMnB9cME5OuPsdVvxVFsXOoNIvZLuTkLFdNcDICH2vZJy9wf7WsHuaqZmGZ5lE0nNrzeOm9YaERKESddrrPHMysAnhlzhMUcZ98NjmaBJQzKtjfhTC9/EkpfGcKCN7zP6Y414WNanPbgRxyjcX7KQ0K06GQ9FbMM9rt8v0cRpecbDmvZ+9Ct43ul6u1Mgc564PTem0IpIDwUVlFuzu5+s5dWqxog5XnVRpOkLiYBy6b1nO36SEeJlPKc9/MbX4oNIzpbHQG5vGdLmZf5Ma0SPS7K7Gt0/IvYPnfBLnZGCduiES1JS5+XlxojinI2KFGg5kQCaFPykMRCjARFa27Gcuwu/V+LePSyapK3mIWjQgEsT1bmTaBixo+c16QLgtWQZny+mmr2L/EC0p4WQ/Fl+3j2cu9lfOCGofxsx3e6zTSnn2viAmSmta+6LvIJEliDyEIaClzpdERL1fDUZOswIw3rjc9EOZH2BWOmaCwLrlYlfzPIMe7tLsu2QZ472jJGo+IPZqXZtG0OgMTDbgYiefOhNkSMPBIA0zb75+X+z2DXwQeChzC9RlTbORhhbmKvzwA3LkT4h5kVKbANHu7zREcBzmMr4w0b5bamq9m27xHYG10FFfD1rgCW7jhAgXQWpYY3MWrdqF+z0H2PFK4QcjH/aelHESpsWe85MV+H+VYWsVjHao2hnTT6kXPeLCV4VD7wJffDV93eBBmxxXD4eDln+VBjLwgL+NRtD0VLI/kH3kJaOALe2tOVWQzdtwXqK83M66sVWfqF+y0Llze6j0t4iNAABurWlcSIn+3En1iN5HMnX60KsrK8f1Cesw9KXT3OykQ3VZ3MCusZyUoHvaL3+ATezsQBOZWE/sQ007RffKCB9EqtQQBKbWzwO/2uaaUXKYYLysuwC+X+Co9JCHV/bIwCpamuwv/hpuyL7dY2Y9vlNEjxX4Va93Ark8S/shJUA26GEuMil955dLwhc05rJzsHoCr0h+sQOCoObqrb7gCrbP0I7nAjQ2YSO0HzOc2gg/jFlmcUjQZHtS35qw/psPUtPQjPRlJihAmEsB3wR0VJAK2vISzhhSNtP1pKhSivN5RbtFuIkYZtBURR2Zrbhag6+OqMSHKAt1UjsR7kAFMtNsFXdN44zdn5iMpJRwBYJ8e0h3wDnuM63zKHJl2ZEdSMk7pFrA2/5EeqtjKLMmFHC5RvLaB2C082x+dkZfaFNZmmg5BoHbqldR5CcKr3nijkWWnlbTyH1iau3G9OiLSbUwTGd1vygYgpW6BKLhV0ep4QA+vZFjya3GYgCZTCmB2R2sy1L1+0gan2HUU4ZYD6lP8imjBDLz55Uz0PLHqLaUTI9P9PvBfSIMN5GF7hioa/skcZYH+TAceDoGXjX+OItxI8CdPPQa7RQ2NxdY6Q18/lpgt+95ruSmDFxI+MiPtDZ7UKcNiCUg3jhz4/J5FYFeoDIMjkYJQj7BmeUEp5/wkTshxv4XSSFnI3TUaj7cS05o2r5EShP2V6xy428eK17r94Z04JrtQpe5TsXx2hTRR8yIDT5qxG/BNfPvshyogAyVhXy7/cjE4XsUEdgGy2pLTGStGjfNI5Xi95Bp84aU8pRtTI/1MRbr3fkK8bOiOtPixGEXeS5XRiuBD+1HSFDP+D8nrRPo5DuAxXeiTkg+xaYnMuwdtUc6TkI8xL6AOVTzgm4KGiK5mttqZdXQkT7IbexGOsA/GK9IDaOVrvnjzr9D5gGiSBXG4voRtJR+lmdF0tgMXAOypLZlludQrcsPBCWSGiDuhVhc2Xy9n96SVrLfDfaGzt+2IAdYM56aDtCNw+tDxTKueciX7RrkfzwdU6/SN0gNfItxu+RFkWYIxCtG4Cr1Hc97KIt4Qy6KeGiGmf7rxNEVo98doSpiJZtUHnN+YIX21a75kgA5gqHzaV/1bywbk8WJQneqpZbYKjQGvJ6HWr5fzH5cJrHxLUqMPY6p7Xe9MNPq//rBYillu7ZY3UUXMqDJ7a8SEZBwLNQgRVsFD7tM9S5+Wo7gkUTEMA7nAUe9vW4jS0uN4Px3H/agFT7sLueO7w5KTKi4713CS6Qhtwtx+BZnZ4QPlVHA0jo8YFqewE0wADs0VhFqXoh6grIB/XFxucuxp7pCfH00v6T+hwfdzMXMscgVGvkKoGJ4fyHfWeSlXQfI9S4sU6mZXjoYwwdXziBF6rew9hzXyOUFxu1Me/LG5RAYfBgHDM2MrFPRwK+PZC96magboRmc3NZ7Zp8SmFav4h/OKa0eRvHmNsSTAk4s6m0+/zhn5Ms21/661V0wKq9KEsYpM7XWzSg7WxJpWBTZzxto+bpab7Y7u5eJAe+1BWnHN7ZY+r6WV/ViIhvM2TgNrSrIJh+x7m757PfF/fPrE75WRSdcbwxedTksckDOfQYfciNqz66OsEem7zGyNv0NIFVqr4C1GwGcNV99TRiaGMHrl5m4rfGwFNlXS2D+KjFC8WhSyVirPdVCOHzzqbIqLgHw5PHzo9Z3bK5SQM8gh4k0JPvNOF8KK4kr2Hk4G6Cqepcd7qJ6AJMr1VFWhAsM9g/OKu49w/PdLeylYnXf7Rfx+PiqyyuC/3e4pu5fYXTMDQFKT9b8/ULtRC9wishJo46btuM8a1NarMa7xBBqmyzAd9tbROW/TH+WBatwITfILNdBbePccu/cMqkGTY7LgTNvu10kOSKtckaT0aT6tMaaa2JqfdAKiEXmyog04Dg29cNEQKRkhVkH8Y70p/6fEgxeqz0cIuv0wUJQn1CtChWxlmUDYlNmos5oY94wmzhpTqNKKrogiPPGZz0JvupyEdcw27ZeEckyCYNpPKBXWg2U/3MX177f/Ounu28sIUJYDsYjagYkdap4HR5P0yJrr6qqlmPK3TDJg8xiwQfECStHbFsPLVFPzbZ7IZvGD72h7q/yI932U/R3pMlc+bzoBvuoOX/VJtvUMEtxFpAxyfb1z9vBWnI8Z+G5toeo8hSoUBxmsWNNhTpiGTj64430D5Z38eSEyWmpGYoZi9x6LKBWh85SbGmf/zG0CdhqcdZYA02+K7BmpsN7orW6xvTDdQUae0j2caR7J3FbjoyljUmC+iBwxJmhiNndHxQJQt+CpP1asGs6QMitZuUeS7hG/5G7p62mbJNMF6TW4XWMU9BZjm/2nP0E6hjrjRyt6I7xtsvF/rQYFvXekYuW9LqNaa6lCvIGhpgbj7Aec9xqem3I/zixIKEzyTT4yzpZW2xLsZ9V8dE21uZZmvx7ZCEffXiqQVOvZjlDTTh2GX57gWItojQdL7mvmcd2E7gC3IJYBfnDFp0APat5UhjiJfVK9AokNVWV51/fESvoIE1+DiMAOhnvfpYhYdluFd6GgP2x2WnCJoaQtR6q9QphWqqSDZlz/RIqI1t5a1JzgutuUGxTmALR3NF+m9gaD8qxZryHUBcaDE/ouIpLf0ptRspHgts1PpAgTZ2EPMsJFkdSrN+mdpOwcvjG4rZQ0luRhqM21PgvsrUk9dN7090ShI/QdnXWaFtYVv9gshg+Cb7UNGZn5J07gnA7G8MIZjaIsCQEU5ECV5b2wYkOxEsNLBZjBn3ChI5vGp8FxBAMV2vuUGCwxi7jUFTzyJThZidjkvmMAMSo6pB7MTTKhUWRYUY4rFn1CKzgLw4l1bTkCxfxhzXVUNWm/nZAV56FTHljcyTDCWlISUXRZQsxnRwIZ2B4Lq2iZMh3/hbLsE/DHH6mY4WGq+4FRkHar8b/eWqqlTEkRzLYv4SutmEDVg7rsqZPL0vUquFnPUrQopm4HQbS4/qb8kXrmvZx1gjOLUshbXN3r9pPE20XsHTHl31ABcjpspWtBiG1FIyd9DIrs4ZRaAFUvBBMiLrtWRFM4SIB1GWkMzMh1uSnJZn8HtV83X3bUaX1p8NFrSJ2RZzXs3BjEFNl31LFy5PQB2iXnDVbDG1NQc4tfP+IUNVAO+4iXg1CzN42mSqXe9rgxhxL/jUoECY4T8DuU7p6BwMIve9w4Rnh016oyNpPiM1bZCRRCj4FG8GGc10TxVlrX549o9OHHDDIld06Tiqk3joUhCHCncnRzWe15dQnPdLG0lOX2dx4bfr17JiD2B3/4ka80WRh8kM7yfzliJv8ATj/tkIFdB5fcP4VHW+7Wf+/9Oo9xYnpedcVtSc5az6qEQfNJ8/vzu+iUllMHxfP7ZcC0wVtON5DpwlX2VFQpWer/y8lasn69LFQRdbMspJXYmdWMnNvbdw03jOKIeXeoBuGMXWG3IV7qZoeP9Ea5+kj/skLapS/723NueXGfGNYkBmNhvBRCNnoAs8dd7TUJhEprA1iHh1bzbgoRlP3f3usYSeOCQU8lLRQpigG+0ZuefcQTNyCaIP+uVkZWYlz3OEuGCUKy9rdpTWVvXUL4tx8LDAUgywhjY4GoUGYTdPeQ9Lv0gdKjenXa2ObqRmicoLFG4KRGu8fM/M9fopjQgxrVURExcB4YNKUH4ifD9mIuT4xuMXJYwE7LsP6rny78voHXZZUASyGrIVzxb1+k0Dt+3YNW48MJLOI/W3lQ8uOFAsuLnOq8xoLJn5p9wA9peq3ArfjSjKAIGqYUzcKWn5Bxx1yUHX3xvL5WYMO4JTK4+6LHm0ZxBaFLmjghqRIhDPChlvXoaHgsbsFSUVJLe7DXR1W/mfN0LrDOVSHbFlJon+PSinPMPNsZi/kn5ErKQCCtEUI3gmIrv0WFn3Ns+Ylq1E1OHY7lPvskHQmqErrCyETrlheF0r/oqiQMVMI75ISRI9QbU4M93qOPoJW2mm1z8kymSRY/v/76C8R7vpbsJjisZ8v3WFO1EEcLWlmW+Lu+uSkh6kzkXjiScSbKr2zgATM9+DKcUfJ9MMaUhI1wmpRMe0hL39hf/4tzykjTYtc2Jd/AS/Y3knAKH8suVEbTWNA+WavT8DwmhcFnNpBi8dsdTFxkpe3EgrhMMoyjYxE8qVcRTQXbnEKKXVK9OGJNGnVp1R9t9gO1cMBoWVNsu73JOMKzzUa4OAKMZTqd8eBzyJfeSpRJ1qSIy/twWujxulodF0x1SmNqxtsY4JlmKV/UVYTTCnEZdF9Evv6dU/3ZmzQczdUQHeopCTsI6Xt26A9rK6j9u343YJoUqnNKZN3lpeRNXX5j8Gz/ycMCfZH7buuEb+jLs8fymA5Vd03DyTlbeT9Yq2hf+HDTG3aif4U96gCJH5RWFHCMJ/wh/B2zy6hSw1lX7E6offijNgAId4AsFFJWowJxNo35nnbSQICYZ/I/TVqPSWJ2MCdXhWlKeIYcQ1kusPeF/zu0r3JxL2vAP/jLNx2VkPBdCRcgl03SVbVIAiorg6NG6s9QYRw7LtfSCEvP/FkboTUvD4HihzUkIfh97qUfpNTN/PacDQPIDcgQetUVlolLqeNs2ChUKxVuG3gr/uTUQsMY9ACfXz4ksm4kfoKkfZuzFS6F/6lkymYNHjoojwEvWTXStyp/e3wBKdfgYRnG3+Anvf9RpxA2z9SiPLxBM+HvHJgOHQayBFcird0xZGhCgEk12F6mgq3wqUEEr5kA62YXVtBoWMAgutjoibsCxpAuisKVcHR0mjDXjg5yqWHbWZAGAwwuEPlxlq71Ok7GCIJKaWyLPDcwvZUixvGpXuJrKqP1gh57yHmOsmzWmEEDKOw8qqi+R+QZvsyp/+P4Owd1k34Zto2aJAFTMhNe52AQIyR3xF+6iP4D7ENYiugHW81Jx/oZUKb0hgWVgCp/PH23FQiKPsgZVzhFNXzpqpKKc/eqfRKd6CL0Vnd2M/hXYwV34hYAPOqOZ79ZglrMe6SzZ5fwd92EBcay4lfUgNd1ApESNtxnF9wTiHPLzhiOaQmfFWL+BFFOAk3+HgIEmBiLunq3AgUxJ37r8yrtA/DhIpkiLuFRrvruMHcUzDq5IWD7Ufkjq1bsSm9NxHPVoDhEp/7LH2GaCmL6yv63YtVwGdrglyKzJcDCSEuu3UOlxQK1DzEbAYcD1DyTYmFgqKwGAsh2jMoUlLaYkEpbMURboTYM3D1LSj/7rjk5LrHCbiBwgW7AmtpK3D1/qB6gyRx8dnRmrSHHrvaPXXuQ1vpEVe75v/e/283b9uqCAKHauCHd58/D7qDy5jb4qCOLYxnYqMArAy68P4kCuERYoNk/IESE+ZhIW7UiuiWkisY7spBJZ4xrosT/LuJPcER+Xw7us91a/L3V5IESXt6cT0wUdlB2F5MAXo/dNsoIbRJYpK6jPMTRq65OAjl3pPGwBg8vUbrLJBpL7bupG01AvfsECWzggLtehiXTSMUhCd6BXSTSn0T9LZF9mukbL9TVB16CzeNnyFACJLMkNkYWH7cr75hFpdgIZX9+M65kzV+0qGTqPjbEYtwYjDT52YZajEnn9Bl25SwsjYS3zfGK+CLPbL5UbmtoP7B1Xg0YNPMUk4LjJAGZqc1Akp/RWPPnB4ziSYe1x10JX/hFQUDAP63SztDPVnOSXKK41VUiwmD6He8WD0rXgo9ZzSwV9olGPA7GhcmRzkTrq3uH0OBRhS/zULi2prwiFxQOYpb7KKnNrkmD8UhinB/8yLoQerY+TR9qcYD+2e8Sln8Ogxx1A3qIK3u/lOWpneYmc1KtBdoYU7RzNjH5XWAfnEAeq9FYAkRq9bXLUTrZKanlwgyo0jjfMCtVYkjg4hnjdTPyXY1q12mM3bkMeejzB8jwPidcbP+tZHT3Wdhl9OTkK5XJqGlvmeA0/DiZTuMBzQm+dc0MHWWiPhjUSC0IguotW97CUPAApBJMPmhiAPG6IQhb/PCGlZ1uL2MuGHMtsJFhehvKBcH7dZ2xKja26ZOYwu4jFOnKn7mY30DwK9aVR+nBCLfEPietJRjJGwNv6yjF2Cj68KkX6QC1Pxq4iwixIDbNTwEX0ZPeAt/QHbze8YpCQ831M+OqDQEqZ8S7XqaD7OyUX/U4zcmZIPDdltqnPtcs9xt2YeXC0k/qmJpvbccabitSFHVUWdAg16UOledvA3s48cUOfUkouCbyN37XMeBa1hPD01TXr6GkLU8Fl50FsNEQoh8U3yq+tVhJAT9WdbsqlmZyvAL+TiiacpR42aKgGF771FFKteD0ennRBqvB41cgzar44YAp6PN2dbAqJ0hD3fPhTU78BSQ33BZV9ew4c1A50qaswBwL89OhnUvp3rLyttdnOayXFRezDwML4W2GZXsRgc0PSHBTpV6Z+2Lwk86hb8GVEVeb2xwvVwhynSHynzw1t3Rr8cuVtUN+srgmvXW1k7xb99Lm8QGQEmyvMB9f02uFOP8bn245wM9zseOa0Q/e/ff+f79g64FTu0U04le+xyZY50PFmqFTGnz0TeIKHxK68eMcqEkzQcAmi3jRxVlpEc61aQAAuIppPuOYluQEJ7K1OKfMQ+xS2T7AgnHLpIHWJTPxexGnIO0qor7V59EocoDyXhx/ROB6QjkorsYFiwb70EyNXM75MoHr+ZBTLRpgFJMISD1xt7vZu3uQb9oYoSlyHc4rFkpUA2vDNDg5GPpCJJ95LlGpQSbPcXuXqPvscl0rLITwtYk1tTg1Pb6h3l4lqqoknCGy/DSj8efl6JRruDIZ+RpKGnt2raKMB1YMgTWRkM4rvcTASeaKFz/mJcnSMEIZd2xxa0mYZNCMOxqULJ8FosrOPjy0GdNokXpjC0Nu+Zaq7wyp4MPvQhODVkaejjlXf9Q8IReoZNS2EwzRyZKfVSX/rtUrdxSjr9aZ5FKlwspGiX14OEqXNCFLpxGjQPdx4G0KCibspS0zfRRBzTC48JmC/RARnLmjOen+mr9rHkSMYr7hvmZYysXAgST6Fu1fUDhsPOu67grlcCizGApZkkwbm3n0qlFVmwY8UAtCdO5Su7lsTwz4Gj9pbQ1xf1WhVxiHFc+o1YgGak1iyFiwsrQTBciFomXiH/ABC8VjJ3MVbhPZ2rlU6+qvb9kkJ4d5lD6lSekEtiNgD2oHrtPjdtdh3dDjTlgLogR6hPhd3o+7dLEQ30tZ9Yw+Wc5sJN0jo5Xa46qtiXALBS4ase7WlXIBQVizBdqpqdbW8MTlG8tC/ZiQHHSx5kXkY3M9hSJq68CZf3nI31xG/uH/xgVW+iLm2+uvJHWNxk50oz6YKlFOADs0Lt7+fkTvt2OrN1z/B6QqpT64kRWMtCA9htbv6WP5ILGDjuOkUfvkMhwTJWnR1u7ntFj/Hnob/Aj6Gx4uIEleH9BZruh6Lm3Xt0aWRQ/sNE/RNIpMsUT7CC2KjsgVzTINe6ZMvIOToKfv5BUC6H5iX2yPG6XreBuCh5kp5/qaUyE9WBjnVy0DAvvRmcuanm+G7ti7qRlXk5xo43K0cdpkjF/qHeVZvv+gi6HnmRI3H0W5SsQOozV0d01pcL6ZIr1SxVM4Pm5DvkMx/tWd53LR9ViHUGSqIE3n4HVgtxDqRCRw9zPIJsfMt/hhsnqOaiuvz86x5/vGnN4RwGJlUsAr78KDqWt6Y3pCyWkQE1bCI0TIQRXmEWYkS7WZSmZHQDYifr56YSDPOkzjrAQUe64OjWXHL57fjUFl7xWSivwz4WyyrXaNBVwQ8ftLdjktuBrJXoV7AYoaYZlTaxJN+e8ZqrcPiURYelURvBQM48/wwbzaBCpJKMDk/JPAI2aecjbsCuwODOjpyQBlzqEEKpitPLdT0tJ7KbB67js4vUNB+zVoD1ow3ICiwjhfTSgBQ6gUC4f1AENdzm9Mf5bvQ9E2jM8/IhYZ5W4RFJM4P+mMNy1j9Ac6RH/NhWV0rqlEJp2OFIt+CfyRk5W8hHjRI9H1Bz7kIVIYDyL5GCFl5SVKxWLnUoXoLxzxqOI3ot2pVckgUyl9LBtoR6F3yAJR5keOL1Q9foaFu1Rhtau1hGFdSIK3gjuJSMpcVRThTcjL/V+kHG/r+8Fm5V4OHL5n5qSTsZOujiay6RIFE4IxWroSrGPOayt8R6SVP68NJnDdJjAgU/pIonMrrztSXjDGrloAYRknrMhH0OSalYNRmjUeZkpsf+5Ozja19sgJhqZ318nFoc0d8VAdHAepWFourpiYe7hOYcsZjPqnBjVHMST0W6BSnFZOJ8tJDo1lNlCe1xQbRIlzaZxUVpNZs3a7Lu9uLWhW24hs5W5XS34R0gddfbHYXFjlelsgHuZJtPFfUfDBIzNAD2n5fXIST16TPlibLT/RcA2akrPqd8G5WelCzfRm26XMHjVNUFit7FS//ttcQZQ4VxzaLcP/T0lEyyfpLwQLbPoEh3fg35f7nBtNdt6hzZAUy5BgzROJIyAWn/8Rxke6zCNcEYsZ3EQ02m/pOjXlEL91PGeWCKU5ngKVI6IBk63lGSn3AtHaVdJXA+3cqUYzqVEqJ2BlpprIZ87/liWOWTWp4eyfA/oWKhvBcVYiPRsIcyvkcaW32QIFNZSzre/HIfl78TKtkLleZOxy0OGO+bqImCYWG/tnGxf48XFlg1Z5PqPngVK7dlGF0hhOhk3JmrhmrBNCSz8FLVPpcSBmv7R4vJ8h7hsQug9hi09CiiinyQCiOZJkUqum+1d+9/InmrEOKKyvMLQgT/MAaZ5Hu34QMtLagtmAP06AQf7Zfc3SEF3qYNd0flkLPmC3Squw8z1u+hFUjrn7inkDTxFwBdhrpw9qaeqVryqU6a+/8q/pm6hyCMk7ZiZa9qg85Znrup7OtpNJvn9n/OAKNGKAqFTwhkPLwmPPG5L9Fbg1lvoeYAtXYG+is2ClcBZ67arFj8GbgtxSqMPKUcOFAl84mzCubKOxTpA7ppZWrHA5Z9E6macpOna3vVQopSCVkXhWlUAmABLSKCrdTLKc8l8xtSjhm4XyAoaXID/Wgz/Hv3RBAhe//Z92gTUIDg5HUzFknkblMT8t5gyFTtMaj27DJpshZwR43ibzG4QOQ/OiexcjNlCrbtCiHU/+el0TZSaCOmH45uXXhID7KvxcPf2hTm/2pc41aBwcrBGLqBczuiMEjBUza4rvvpgq2FdaKywodhRT5n9LFkiimVl8n1mzN34vKlgqOKBM8qJOnIRAhQiulWVGcmQhZ8gaCYTWV4JY4rZ8tjS7MO0JaOD1Iv7X1dt72Zx13zNbsIDzNrxddASXJu1A4QttD/To/BsrVrHxCqjoSEX4XXZGux0Ir2KImyJbv8JQvEiA8gNnjFrLHnviQIrUyXNRt6Hf0ah3PI1u2DuOOZbIGBds453mGEA==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[16]"><TokenEntry><Name>SessionKey</Name><Value>KR9Er1jA4BAeKs9C255NTr/FJUfLOxoDrLDwJmfb99waW1k0BI8reZk4bSdGDWr8hCscDOmkHO7nhbbrK3nIa9Iz1kevO3MlUNFfrA2wbZPUfkt0sXmX87TD0TkMWXxGL59oUi7JQJ3LYopPKdR4V4lzLupyOd4kTOhGYIgi+eo/cLNmYxZd1P+taIIwXCw24lFoLRw2rpuDvOT+bgZG6bOQpeRvvyFNvhiStYvzv5XoUtYUEmcQ7EwxIJFiKG++dG5SEErst2RVaHcTu/MmKEZUCmzWPp/Uh3WMlLUU5olnHYr1TSojcQNss1NkkwFbrhnjwVL96cb3nDG0iyqB/g==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>13u6H3HvHjk2ns2LY8H4UEVpHNobB2y2FQ9Zz2em3UY=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>Q9uWKEYF2sCIbVMKmaQXQZo2OtFPDCbfiYe+JP2tY8ZHTiX0WC/ZXEqf4P50plpbwOdymAekNpj9LRtJNfBS+zsv9Caa07Jc4tPu/i0RokQ=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>EI+wvYpt5HiFUqwvAmvS5elV7+iZ3uEQ26OUFJ0t2D8=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>13u6H3HvHjk2ns2LY8H4UD2LMN+QYJH9GHFKZIR7BwY=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>BILYSXaHywJpNZKV94qowy9U55+hZn5CCYwhlPiIh833OyKG3Vomlrzmfetwj9mtpeLseJJntEqRUiFcNeGwDUCe3TwNqTzh1sH+6AL8bSM=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>C9HpS5CPgKkesZdkHqd5HgQdpLINg3H2E/0jxSpJBms=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>C9HpS5CPgKkesZdkHqd5Hnw2Nn77NRNRk2yOMRVj9Ok=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>Pv2a67ufjFY2fiz8o56wLQ==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>Pv2a67ufjFY2fiz8o56wLQ==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>WF2gkntz8rjjp2jCnL06KmfJhEvKbdKuEm9D/fgY7r13Mo44BdUx3JveMqZrzWeTc+P0/TE0OkPDfr+vJwWeLQ==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>3sEaJD3/d2Lp7G0CKkvXpIU4Do5w94PDXyv6pSuRvetoXT9wv/3KwoLz72lE/GCaAghkjUgSOYwtHRtYPMuh3A==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>gGVYMnxi8fIumaH0pROuIu4gYMyx9uFH86+VVi58d8A=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>gGVYMnxi8fIumaH0pROuIu4gYMyx9uFH86+VVi58d8A=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>j3MVrTTLQaoiGk4q0C8SfUEsCTvGlJcW6w7nYjK0sQ8Xd54sDfMEghBtqM/AMy9y</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>j3MVrTTLQaoiGk4q0C8SfUEsCTvGlJcW6w7nYjK0sQ8Xd54sDfMEghBtqM/AMy9y</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE7, 09:57:00:422 - <NULL>)
00010003(0x80072EE7, 09:57:00:422)

Error: (09/04/2014 09:56:55 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac

Error: (09/04/2014 09:56:55 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EE700010001(0x00000000, 09:56:55:968 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)
00020001(0x00000000, 09:56:55:968)
00030001(0x00000000, 09:56:55:968 - https://activation.sls.microsoft.com)
00030002(0x00000000, 09:56:55:968 - 0)
00040001(0x00000000, 09:56:55:968 - https://activation.sls.microsoft.com)
00040002(0x00000000, 09:56:55:968 - 1, <NULL>, <NULL>, <NULL>)
00050002(0x80072F94, 09:56:55:968 - 0, 1)
00040006(0x00000001, 09:56:55:968 - 0, https://activation.sls.microsoft.com, <N/A>, <N/A>)
00020005(0x00000000, 09:56:55:968 - 0)
00020008(0x80072EE7, 09:56:55:968 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>zg1AHNwfYYX8cLc5GKq0HLKH5tizcEXZM6mX3BBmXfTkh8aetEvL0LrIEnlkV7xAFGl00XYsVuiIcD75hJ5msa6p59AglHz15xG1z6jF/yTMZTUvLaqdOlNAkvJbwsImZ1Kwl+/YlabmqB93wDq6oZExtN4OkMTcNitSbcMm9Kj3ZaJtM10mQ31p0yyBVxUCVYLJpuGEzKg7WddY7nKpba9XXkqJ3kWKXIuZ+MAqf+uub/GW9X86DR3WgMJvxhxChpIbkUrsQ0R19GSMB8hnVNCT1g0CojSTxWkJjr1s66apLSnf6MQmySIwVclsINJupfEI2J1ojaGTYByd4orfRX11fGdzGtuUAw6fVUhC6fJBarQ6DiEt4lbKfh33ouCelgvgdMf9JvLsg4eMih5D0yEOjPXzr6fNe4HA3jpBiyn2CHPprcheswy7VzpYmYMWUqX33DMqGdHnAxgEpdV6Ik5fM7r2dTOhd/bChlXYYWFPhZc55MDthWQzxjAw88FQrHER0whgkkcMhKgqxzzqviWWdmJYcXhaoeU3xVP4u9LFhYShrWHd0FwnHzukU5n615gjZHGYLngZkjXcwrX5rpSp8eAi1yW9JUM1AFFYfVWetzQc76Bimt/7RR5kMlDuYKTTsjhciqGKSoNtDLNKZMS8PWZLHwAcMEevPBNASKMNQpBrTVXAzSfJinBNRDMeEQmsTb2OqIb0UG0KFNvUeBy0VRcWx5asM/cFuiP1MvSJNad6Io8Dixuo/FijIK7XYcJRAPgjgr+6dfEfPmddV+zKHhAjBo7RPZnNAuMzdS88nl4wedwrX5gDd/TPxZLhEkevT7Fb13AMG/2cqAtvQPCibQIQbFlLH5egEhSnHrAuLTBp6WaKaj6O3HHRybCLUCgtIMJp//+q1F0DYxjMmxtESbci4RFIj3CIo4+j8+9zg4bsAoxdcjId4+mqUeXZjIOTbleLyUai1wGah9UiUBG0JZhloB8DzH0G6jujnzE0u2AIVv7rbxFZCOwVFhvZbKq7lDd0IpO7y0uVk0AT4iW2kwOfGI4MSHYJ3MJkfT1FMIsrUclQfKSDGMbguk47YP2BYKwwhWftxnwywepoLW6YlAevTXLEOv4Fb/tDZrvp4bvtHb4kGEEJ8Wnk2cfKczOfPoYhMC2FfQuAGdddZbUEM48FxOIqYcVsyTz/3s+tcayAogRos+mZYH1Th1tpHXlxpEB3A/T6HbgXZuoiVkut1pE8p+HuZWRLr9yLM4jJLNa2ie7kd31lRAAk2q13m5t5lHLM0m+96DHN01qG+9rjayGCjK4iZgK0Qf/uQ0z1B9I4E1hxTLP9+PDALbqKwihUyXuMNTcePcVn0m8dYpsFo76rX1RynhnyxUs1EJuVm4GW9xqZqwmuvQ48DuEWwXgjpDFNZJNXrmmuZflnah07Rq/NGrwvN0V2IP1OvVtfA5S005JC1KSMP8om5umVWvVPDXpde4kABm8cr7qDhT+Dwc5qzOIvhdW3R2IGCNv2Q4yRzAQSdgxBlbYnEIepQOdGykQUaQAnHDVzAvqAFlu7oVid3VICl595kRq/PikFLV3d5sOS/d/ZogYUDGdiYO8gFmPFC5s7/Rf46DAtje5NHfbrY0Qr7U4gcCza56xgDG9U3UICNmNBonfgk9MnZ5UIGFmG0Hjs1PVEtm847UZ/jtDpuJaO0CmcUrc3g3xuXpQcFXclBmlqJZBUAuBERSIcXNfA8Kq+ivvj0dtV9p9UzoqgiE5rwF8U43prOpISUOl0DGzALXxAWABxEV+90tK3zFLMku3U5dmbblMk0v7UuZJFwxGiQyo3awGhqa6hP7Bs8r4lAki3TSmUQpzUZ+8BvMtNKk5MCJISM/iN3tAsitPj7jHQkIw96eJjJtjVH/h2eGlO2PBvEM7A5Fz/3Gv7nH8bQ2LN5ZCNE/nmDz9xUh0rWpzmyOH+3dLZA6stRcj3wnfGKQj6wiON3CYpr4n52ydpAaqNQ/g5L98q1q8VbMr0SY+ZVS47iXP7odC1kCxKW7aeNpEYWmSwbfa06/tAvIPFBofooSCcqF8qACD6oy0Wl/Usb6TXdJIiYDyxiuFRBmpcupqK4rb/jwNha7RGG8ZCFEBXfIjqDnbHxTlBX5aXaBRSGXgFtNbLtqoENMJld5QQ9ifYVskmIX+JugACl/DuYt6qIDoEVn1xwbu6l06PZk4oiaAbKOcbPhkAIduU0LVf5441y9HjetcWJ2d+1rATnz4gyVSo0gqZIuT+DwnyX7NXXZUBox53JGIaq3re5yjFxEL9frEMCMC6yYgnueB3NelXqfVi/MkcxHuDBDfKa6ZPtFkrH6Sl37nVl5rHc9Z3hEr6J/S4LrwAxfDFLi15EJAKmFrZsei8Eh5IB0g261JUMZqjnw4UcyaudWQ7dskGFiDk4snCnafTKdv4kAfQdL5Q5wN/ZvmG0C2XkgwlpBNYMaUZ8SbiqvnkTEhOL18ielvGfNv+8FQDzF4hRexDypcPEYir3L8ugeupP142xg7C8tcWLQ3zi8YlpsDFBsSv7qV16hlRWNwFMTk6DJiftqss+qjNnvq1P/wBmNNdWmiCQDJwoBy8ibuUSLHLix/cWpZlZisv8PY2yKVXSuXXopcGBVppmF71ZH4IMloctOO/65kecR5sJ5Js0j+P2AodFso+ZeFvjyHkgCMc0H4ZmbIijWbumxObAdriDhfhjOxH/giZSD67gcJayR8ZmeCemlCts/LTq065yH4QO3ILIzSkYEf9KdxL9ePDwgV0ui6+uADsRRsPbNqS4SGwVArqEZVJAZ8UslML2Y6X5FRlJNDswKz2UlrMfQjY+RYHCKJ3QtW+OEaiNdwxBX85jd4UnLFbCBqTkowwvrHZPN/v7XWQP60ZThydCrx8u8p/0CRrnVsXSGmDEPF2Aj/wYWIPQtkU7MuDQibO0KHPPYWIihjzbfyt+kPTsM8u/M8aymEAujGAvhbYr53pkdmqYWUnG1mLDoqDY2j4j3xIK0SVbPbb2+qyntF3eHjoBw7vZXF+KelR06s5oZuiMts+ZF8lD9bWzDtNWv5IRCPSULporISU4RoWkk61RGIHvK6bQ0+fktUPEg4mEwJc2RksSfzoIhRiaSAgAp+ugrIp9Nl9qrq58FuHVZp+pUh0ByHDSMVLfKk2fkXYueTyVJZ34rbG2w3dBVVtSoulux/Eijs1L9JTSEqUiqDhPn81EPQvs0fvEB37I1/uyMa5qAZzQ9jXkWXWukdFMXbVJ9KEoXvssxZy+oI/ubyiV5c4A5p4c2pBRXaI4zGr1EMDiZ6nOZ2zdK4p2Sv+diBtTYamh8evMEwWnc/LNnugzd9Ap7MXiAO04Oh8KZnO0Wzr25HmLBgaUoNMVSgQy0AfIgNgGb/ij+Hsc0B/ToOrRkFDfGSJPd2tiSsnmvzOxwlFxIJz8lgwvKpUxwMn092yDQYqI0QM/XLo/Fi7OIaNOMUWefu1F4N4Gyy2n47Mm0XLHS4fvvBctH2L2tgci4oruF9IkwUx1pKvOknomUP9cG/yamogwwl80N6FRB/nauEiSbyzvAub4g1EYEY/fAMRGIJtepp5e+HtKS7Q6RIHSslCW/rl3Qmqfn8Ga0BONnQYFC+cTvqnVUOspIxnprsbjDs+C55oBQ966LCtsf4xElQT4QM+9mlZcMHVKmVpND+1prNWRORFpd/GyeDcdL08cfiStedCd5X1GTAI+ZuHe3XicF9P+DsBGLib/GBUHmVcL5Bkl78FZWSAyctiuvXXJUkLRuGZhhNTI2YOmY6j/kNYR6UqlPk53LqVCARQrNOIBSk2XF1hG3Fc1sjEdjMDzFpquJYusHpbj5vIlerJ26cf/wNnnWVcT5Hk71kvqfDU4HdEPDDYJzE2o8hsZ6at4UTtRQ+6dI1pOI7EhPVq6J4c50AUpxEJqqlUJe39rqFUI3Yof2TMgzhBxqWUi2S0C/GtKxkt19dDjUC7dEOcJTMGoOa7OV/zERRc4a+tBcAcdTOUA2Fmd3D9tGn1KSGWLgPufJKUS7mujt/8LYZfpAA2jCBvTJogIknrv3bw1GbBbVTl9wpRSywevUyrWvlKwQFxjGf3ScujAYO3QgWV9C2ABbcZ7v67cL0+rcLhr39SpnAdsgozwLR4RcydDdCdIsvmU+Afm27vj+r+WVzB24hgWcyO9M9GVfx9dABrcovLliYxpGeB6jL7OhkWJ7cDKwAzpGXCM9MnE53ILIk8pVnfwoGxir6RQCJStyIwli/SBREEgcQVUUBKLDTTW7BwslFbY+CQgDmPs53JWf9IUdNQzs80iiuTsBcJbWWEBFj1AYvKvtZncbcxU8IKxgUIR17rZXwoQK2maUZy4Yzeh15uIXBbCSugBB22DSK1blFiw5hs685+ahOmD+RO5iNz9tfpnOvH5hWH16Ap09mLfL905nUhwE6RNFuEDZMtOmylZO2KWSVt8KpZXFR2OriOSsX9MXWJicUwg5fFyjUjV+3sQA0b8xxgwoMPHEAFgK6kgKEXwM0LRNZKGsDe8wYuZJspJhXUn1G5IOVztRSTu6AcrTiuqrHEJ+XlZLndZd/RmPo6Y4RLR+8Ht9MryhD80jxI1FZ+9Th4i4OC0soLvxSAC8cW6IZVyUycduPmhV9FwKWE6207LJ1pYTiCaA4uxk1Yjym9AZZebQKm+YIrI1N6N4JLyyFzYaulueHEouvxMaksq/FIeAWZMRJGs4bIUqoEhIJYqxUyJXdo0f2BpGJblQiceP1c/WL6AtnKVlNF/Kia60LCS0XS1DQpIzfoMnZYO3xzkeOxxuIVH+cfywmEGchKsVn1Lk+l/pJFdaEHMYHE+cOYf23VEEKk4spp0V37mOvt0XLTpiyqDNvjlJIStk+rPhkbCJat8JicpPGx9etgbf+lCiZwISJHuIlD+5t/YUWT5qV1GwbgSDgTaFMGa5X8jp6tHGA/FMk33F77zbxCiCzLxOyYI2ZRNm889k6mhsl0xZT219qGolbHtARpbP0d5CaVHQRJFY4OYN3DFuaFFUuhXIM3QxZsIHu08CTNWSkmq76ef7/t2FUS2fQgA5c3+QemO9J0Cx0qhd1mNatj3i1MAOuMqOaw+bzynqGWnbZ81pcrkmZa9sKwrKfUR9Hk/R06QfFT8qtQD/8ABfQSA+p+pSDGaMMjH/yumDSI/ibEwiRnbsVPahUbIhDSEz260EZbd2FcR1gvWH3gTdGhOjCSfqo332/9f2AhsEjvprBx9UPF6ZZT7prRa6CWyuDhQXS5aUWpj93HYiy2/qnNvF9rlRbR5gzDaebkfIUN7k4n7mS1KonZugDVdiwBb109o19S2jB1rDpkxY1vOBGOk9+JZ9orMC0UBL2j5r2vZnYG0+yznP9EIXZYqvOpmlwYKT0roYR8HTzqNsrz0p3MoxkUDrrIDsRfjdoZqmYzdsBhprPICqDpQ1XHVo3x7qruvSmOsiqrN6CRExdDnfiUzl8/hHjNKLSfTMysKHc8wU2LOZ6hekWhUoJIfWoQAgX+pDdTcXDrcr3q6NWYS3Heujur8tRHl7HsF+whod1nQQWf0C77PY0IIxHJj2ejxfepjfk8AIhRanGuJ6TlyxPsLfux9++A6mdDv1HWdO2CEHt8I6ufHFqm7uDQ8CDtSMtQgmB1VIkCCcy4or9tGrMb1ILpDmhWQOST9IdGZO+Zo8eGRUfR+GX3avF7rEvMcgnhfWum6cQ8xdV5jvTLM9SnG0ZdXpRnhtwmM7etp34gIYIOa5ao8GEyyZcgoLKxTgYRwbmzeGE82lMkJL8Yd0ha8nkIYUUr8OmMDfy8mOAXmPPiel12cQTjXyBq0R0VTY+UYZI7NyM5nkNcAU4EmN3+ptPowJG7x5TmDjILcX9wejMt9tPXnDU04ZUSZf7RVi80BvCYrloprP7wXJinELvml/6h65fWLfMJKU5kMB6K004zRhTPwE5gn02G2KLaj6xu8Fg4/RRqrlCmT0pLDWolb8HqI5kn/wa0TRHc8pB2sDi9/hFHcqetl4th887XaUX0Ytw2KGPzQy7l7sHSZIaFIS55rXzSPfWpRF6Q5cPPQZGby7J3CfrhlhEg53k2jj4t1kAQr1pRe0rS2VzNEbqs0FZQQ3v0P67bDS+7utZITy4OgsEJPrMDkLmHgkWkt44h6/nTLD9WWTNwgTqq6Mt0lyZ+w4PYPknoSESha0r6AzaC/0oqe9YIWj156jLRVxiNdKa3LHvZor3nJf5ozcjlWW1B+e+VXzggHhKHKg3eYRupG9zS/Dvv8209rQfCR8jxYPSWCrQHwch/BmsEUyFUpYCsVMxpFKSsfG6qrafll/no3NK2JaD0cgscSuImYTh/GVIT4GkvhYx+RwYh8FzqhWOdS+ji8JIXrdPc6eXyqut+82x9Be78xE2H6sY7Q6AIX8JSkWX0HQpHSuyyJcAPBoNMwUYgp9RvaB4kIH1KbZTJY/tL4EHUL08hwRJCuya7HIPcgvxI+2jLIGiaK7aD25frulx7j0BtfzCl9CV2mfyiLKBUKTf7sjafs1X83szajy8snjPU7Fbrgko2ocZT98SiYdv6wxqkCwZC5e3bVWqEZOwRz1BDaEXCmOCKn2nQgJ0BMbPDboRy5sen32Zgx2rripk1WQLqCM7PAk71uMIvVU2QR7620tRjvjLLUpdfvt78YWXTvqclbDLGC14qwiz3bkkMOaZWdO0bviKVv0p2WFwLvDPDUwqKErPY2PAHdTSyIGiE0ME4RAg0f6yDCylEQ8N4JQnnCGrkDv3lbfB6Ab3GZrgnZbRtxsB/YwyTutc000PhgaK5BN7IrNtCzP2IBosSZKFPsSU/BCR/IksSK0303FIsru1HSj//DI6H6Qu7DVMbHjFUcPUPon0hfcjM7fmvNjunzvQdv6nv1iPkKEPLnoYmU2bAzRASlAc7lCy0ZGBugvmPhCdvP+RWB7lsANa2430SxWdiTV9WXyvNLAhRJCYzROtVAc6qhZrgskDfOC6p5hOWw/0SZr/QqXkwalaQTUVx0XeJIMvMe9u88otafx0d9sFBCyL7rF+/MaqDWE3Jpl5ldNwlrdWkBJeR263sz1VQLZqRPi3faQ9FacKIJLsm2w+6eD75+eIXNwDVjBtvmc5tWo9XcMjIxY5CtjPBDfP4e4kNEY8ADFJaFn5i9rWBKGOyccML3yhYBSvL7CbZ0Erdq24GajHSn8B/joxbknL6n6IYo99f7oerDmQp19N7x09hIypMllFFOoPltspbVTwFlLh5iXKMePXe2afe/ZP9N828EQQ4ayvHybLEOHiThFoUaBI13v6zEmQ0Bt1ulUxRJevkYEr1gBDbEI1/gxPQfk99AbxH0exLlcRz4vqWhkaXRazcM0MBwwjxXBM4LITBNXjhamI+MWTq5cIqoTFRUQp1LtOMWNF6s9+gWWl76YM6XlLyKqs4TMS1lUq88NlYdm0iRpMvrgIgyXKuLZV/i3YVqhlS32Owli5NeywuhMmp/b8+3H6i50sLqeUVV0Zg8OymWXlTLVzhWfcmVkXHYgbLnk2TpYu8IqQOzoKuvFEKJ58oQaxvPk0pnPeVRkLPKFYfVMch7RMWS9g6guqMtFSC22Bf5ItLWz9WEIXHz1avoLIfxFYD66p5VBe7brX7fSRCtjt6CvEH4OtMTZ3uyymXzF3IqzildXmpjLBk0YoA7lzzHqIDgNBv3eKjJe8yi+QQxer44+zulF2z3xL4u8YsO7nQUVb4WCyYEt+6qSSI1TBzIDsWTO0jjbk1ccJn8SEfd0H3rXylAiheGwXWjq6GE/bWEL/XyPuqoZKKkSQIzHJkA0YbgbJg3VyLJP2n97PT8yJQ6XkhMJ6RSYJYLfMXEiFLGczUoOIiOVUnoVeX6HaPuth+f6qV70vqVNAoP3lIdNOBfQks+3pmiddn7VIpkaZcpVs2HEdP8sdlqeRwyQQIXaNGzxHIE+Ci8TlBMK+jy0WSe6WxkVZJovQGf/I/FNQk+oKOleypGd41g5Redp53Lgx0c/d8a5P6saWtFB95i9PQP2oWn95AxaTcyz1LiB3bqQlkVhZrpF2kCE+knzP/1VX60LyTCNkpN20V7KisU0fA8xqSvCStoKDRZVSyQFSigrmUkUpIF53LYgUcaUs1H+EALWW2agxrPNoIuVXuMCArbJ5ZwGH3UeXXrUjF0NXACIf/C9ThoBcAPn48ER7aGjuBDIEc/C2uYOdSBTNvhmrn6oD5inIFBp/8wPIqIqTnuNIntXMsKZBlrmnww3dcU4k5J70N67hwOSoopp13N57RyPLo8LUGdTsZOdv/ND7DJ/7Q7fTZigYK19tuYh3RUZgj9Yp6a4wzu6GtCbNT5IL/BbvxGTPxRHtSYM/NxwOtUjNM6+aXFY5sAd56SgBd47QVlpr2OaWohFP/mIM5j/jUVdbOvWY+V8XHvMuRAkeqgvvg78DBP43M9jlZK4xAw2zBaUBBmp2xVHuiCgXkqUtrApJQJJWwwdLV9xeXmXHUyjhcJKp6OxyjzTGT3096lqKq54jFQI1FX/i32A5wGmdTDxyFSGlvtjoeAFsFhpCdSoyoVVohQKbh76mIeSU3p5X4cEhChiT2mdUld+RaqFuVvR373a3DqpGNfx1LcuvQ41UUB3fiycuT8RyW5T67SZCDtE0eAcUGq0zGlc+rHxGyBaotJBA2xgsHPYOLXqYHDaYKF2s8mJZH62u1qYdarCu2S3hsLur/hRGluudPDwK+054JQAtReEjylPqatxzke52B3Om9jt6xCXfdUFbxvs8vMfIIUCawQiFxOXByNt3cUJezPhT0cGCBN2L2LF01mTbNLnBSN14rVl5B/c7JbE5UQv+KbBNUTPBYZZrKAGQaoo0EioXIDzhILJY14kKWJ7/o2S+w7Iht5ZeaTZOAETX+OPnM3G2EC3breKJhUJ6uUFpgtDwf9mBMIYJTTz6q9w/2fwf+5dwVlyNmW35AKIO8r+k2x6+iQw+FZNj383NFm0+q8g1W17obR3Otu2Eba65t+NN0wwCQ2YoOtyttqfuG8MTthCTRTTf+Qz9mamsTqfPWUmb1WvDJ32EQM6BI5Y4WPihnC9XnB/d0ubF1eipERVI8H5f7jZhbq79Vm0GzNl3A5QpBQuIiFO7dVYyl9+3ZojFE9CypioVuI+C5AiiE4C9YJPJw/qApu+YR06rEwp+eEg7GIOrOx8AfMvRArZQwhijB6YEPfXoNYjbvhSAQQmHd3b9rS50Inj9vo/tskdquFpxyDjugW4tQO5e9lD5/fJtTmKWPnOueHLQBYutYgrbUOgzE5ahFBIHmZcP+E3cts1LF2tmRSDaOON2bzFIc0c6ZGdxmrIsaS8xclpaDAkueSdtZsb3zpcR3VeTCl430zcKHQBtRXpI3zlW8Nj/H04/u78xptJWSmxcvW+qK8K061Z1FCEth6WTbHD1FrlzWOTwh3Xe551Sbeo8rLS5EtWagEKA5DYOxdfBAljqIk4bfjOCdeGZDfUVHyYdy8sLQgkTj3E8mX3OIH7VqagXITeZ+2ImvhQlKp1sfi/J1M1NZ/OboyamDRV1vJNwj4cBxtgliAzRFNah5sSrfDDSff7IYzLf/Pl5zovs7h7RzlMn0gMZEGg4rgELfLDqR94nnp9aW7BDjDb2e06OYRn5S00I5kF9YqRGsvpGj5RcnERWLFynRqx0Z9oOfXgUw3Zpehh0XyMB4ameLkTUcKebUiMXbAiEl/8DyUAJ87BmHcOwzBDWqhMEsXeZpJJD4IydiqSfXUZLtRS/e/QS5mae6811FVDdAJiwbYXDf3uGW7iH48sav7Oa53B6dWLuygE4UdWjjzPZK/F7xD/ikNuzwVZW/7A67HLOQDytCuP5mO+Ux/ew8K2FSwoxwgb+EtmtGCBRtodKgJXPub/wbjPT0KVtEhSRQgFVbP1cRnU9YMvlMMhr7VqW6EO0aG2UnjHzNiaVzSi0i+E5reKSFLvTWs1gSymd8hkO/om4ei8F0HCMURn58LnTtI6k0QGQEMBqbzEN5Rgh5xRPKUR1dCiZtXZ+B17sUL8hf0kHBo/Dzjapln4LbOykyJibvZ29KwNBCh9fbO5KH1jS6q/hpIIRYHLq8MzuYif0MXV/H2jwOJevBQMJT+rK8Zxd054DMZlPRizPmJq3CYLYDFodZBrAunynpriXA8dduBWrY7m0TV26ZQQp8Xmvsnugk1AySGqoX9ySCYXBxKVMeh3rrgydRrTrx9sBOE+6GVdVTKVedL82i1Xahky6BsTaIaxqhGtjLEJseqv5wo3ic1TbXOPocOY5/pu3wv3qq+rFaW5foAY1xm3dGaIs5PlNDUK4SMbuOgbetfRaFLtBtTOPV4aVOVqm5GsDhim9CSeYwqMaO2oeNMwMD5v/MnSqcw8Wbc/AS2FyMlUeI7/MICP9S04jYq7lIOElfskg9e+WdRuar7+uOQb3OKJ/O1zLIINJYMHzmfLBp83qYkyucS5S4FUg+jRfNd2GAk693Vnr9ebbLBNDO9Es4SvhQCQP1zqrEa9KQ4DfOHPb2sgV94MOvG0Gylb4XOpb7s9youB3QAsjurRKztjhDgvRkKSPRw/0iBDtacs5c4ZITAuNMkQjLiKhFBtoz8sTO1agRLMoJZrt8E3WzpVKSc8IQ4wQPdI4v0XlawMRszlvAyMQVFq8kSlr+P5gtOrj71c2LqyqdJMPzHmFWg1bnzI1iQH7rdEDq2rnQ6fDQTSRxYosO9BCTxiavXtISaYTGqVRfGWtBNWhUGbOYWF/Se7kv8s73oWuVO9QZMvMfXAhubLPhSwUi2e2MhObcRWM87hgocB89SwbLIoeymFMTLwj3SfbrPS/ofZoRshsID63ZMRMhTZ2r+sIps34/pQOECfUwCUQGe6G3vtyWKrNN2H6NbfIcfIKxueF8UgvFH6PA9nxGVwELQ+yum6+6Kp/ssAYHSXuJDVTt6F7xTls0fV447GCAcbIlCcQb1dUYmjNZRV17akkLJhnsGHYSKU/89+hjsgHaz6VXXLEjCpTT9C6Z1RRvm6NxJYJRWPmZD56eh97jj1oSkdBrFCqqRYANSMkKebeKAiEw3bBTKUXygS9WMHzAMPjPtK6i2ILVjBIFh9MYYMNfIhIow4qpC9SFFtNFv5BvSJB3XLcIKbOgr0FdnX0BwqADRgb3BHNQ6fU8nzwAdTlRMeukCOw0Pczu/BcXourQVy6GUPs6QttN8jkQEoqDzXWV0anKyonurqcWgrhuNUvJCk3Mrt6JNEtNW1925Q6xSJsCQ6elRe4GPtcbooaHNM8quN8hgFxhYQlRskPGo68eOjiytVXzKUCGIgfAixl2m7EWFGdrT/Ter+AclKM25nfQXVEbIgS+p+a5X+UEWwUZ8zAU4tytZmJjtwy7kXZCrGurmKxiY0neSp2L5H09O/r28aJE/68/bu5BIGL4r3eZp5NeFk36IWZR4o+PU9dFpaSMYTlmQ85+KXdcoS58O5fI09ItLglkP49+RITQkeM6vleufJWI+alBuUsQL3wsD3BLkcgTfAmISGNUolW5vEuBG++JFJvlGkRXRdZtwst+B9TT7PWGeoMn9aJxKmaHTTnr0BTsKfbwZOndGmr/7S/O4qIRD7KD+Cgen0n2hwZnU3i17V3uRzEtxKTEtFsLkYHwQOsJ6NvwJlSBxqYgH+SgS74D+OmRuvr1oy0dMDWAjYoOqmcH2x2jxhHcCc3kcG3Dfcsa7DJyKIKtliBH0Z71t5moY8x34CYj6OXOWUSnGInvMPWzKvbG6woVu5WjozFqjuQHwVj01i9UomxMvGUG7PrMjEWiEJzddF/n5z4Fj0ZGwrWxCKNhpL08FeNJ3h18LYzc2/8KNzaJd5YJYdz9uZkJUSgNyW7hB/XYkzc/pJ2U8h80X/7qbmOubl4qbQiJ9HlsE2bgKILif1QTD0pc0Xy1qWiEqhRu+eKx6dIEvKYp4PaKhbyFxGTtIJ2u2yrQocz1bhjG/x2XUcV1hPQ6S1y8kCWD41a50Bn5d28MyDF5EKRa3N9O+uflXtDbP5neDiQQujrrYwz7EkYOt4zo0FszQOebYLamI+s6vzNhaNymVt5ck7R+nDpKR0hCmZjY0BzH64vtXOyvtDVvdQ081DWuf+LdfeR1Uhv7x0xP2sJd4jU3vzX9ocZnVR9firVXgj2E5cw/y0SEOrtOqIktcpMcBN+vaxWhvdwBr8ftUnLWJgVyHDu883M4M6FhsmAw/lSxglBqMuktjDjdM8MLUIqZB2gM9LneyWNPFpH9XteNWurtGokoRGN6MSD35XYSxRAF9GWSM2o0QI1GJyqKECUbTpEaTo/3P6/94q5u6k6VEEcRbA4tBNTt4mpPqXlRHq9GkLWic4vtGb7jjxDgp1N1zung4wf6u51uBDPSmQLet9cI5DiTbjNOaMKvR9dld+C5yQze4a3p/W4t3+wEk8NwUqwMhL7BLSCDvg9tFs4MyAoad+KvvfavG3ZBWUIEwl3op7w2GWylMjl6+MN4DBwRX+hW3x6HbrJBG6Z2cpkW6tcUVTLT15GZfvqvtL0pDZocA/rE44y+tybzvwS1+DYaq7SVsUyY/lbjjXQ62N9xew33r16ayGFICitpHbozP0LP2YPd9sqhPgwxfz6NkhpETeJ3/Dv2A5Oht8bYfTWgNPN+CboQZJEYR0erQYpgc9oAD+PnycquLchkyHiCjD2R8s0O+zdsnMG7x7WB8l0TklnWSbLyyVrfk4pqU0hJKSkFjPs6pFAy3/ah6vGXEPl+U/s8qmDBRBMquWG0pygLaXZ7Lg2cXYHaBHcJjtPm8M77QFHeuqx77oZGJQ3WD0IeiMYeMLhJZ9J68wnvRoJpLv9tkZMFMfYBCoAgrzuIghYCEDKzHtvwVrwj+m4BRY7W3NNHlkDqIayASrcQbyiDDad857zaPpPYjOFn6AInxsL/xU60yg0Vxp05ZfLM5bgNQ/XOUYDlQ2UOQl7iqYE1Z/Uhg1Feq6hfazB83p/U8oWTMJ6BeyEPkGOQconMG7ByJUL1rwgbotT7lUpzZnM9/K+dOkgovZmd18IjhkGN5YJwZpbPiIl2agBX+mBwmG5oo8Ns8VQ0h5OUcPnAipPSy+TUQX07Ldt2Sa9XSiMha8KUWBY9vADm1A+lNslWSW2QYPYpv7mDqeLP2/yNB6YUlKdE9DN5IVDVJBeSTUW+S4ED6FHjKqbqglNCz3XaCVW/LsUi3gY5SZ9CWAjAjXj0l3cCdpbdNN8hzAnaL4U4vJWAshGUDANdG0/6jNODMlGTcUnRfxXclSewDJQ5Bp0hucOVcRzVnZv3kVfDaEMudluKPtPel/lDCznVOrWJPp1/SQCzpDPzt1toaCc4Cqa0HzRToGVZtS1w6q6/t8b/wcVi4Hq3CsunOryN3d+CfPSXQE+5zpmIPVZg2PxSnR5oKSj39b682v+h/SDl0oi+MM0L2WXgXEOpk1ZNthaYuziMQRBN1XoFBAYAVsehXnAffTM9pTaVR4jhpjjKGHH6eqyiMrNYiXUNwtBi0Y0o7x+afDZ4FhCwuQHzEO6xw0prcbNljvkys48zj6oxjUnFElKYmJXCZ3c4p38WHLt3CTmUA7cc33ADUUnxMtfj73ZzV+mZRanDKRBxuDVBbG/AWxDSytD99HDxz+T74tealY1zYSw3R2KL7nxk6VdwBRkTLScufUy+o5DYqdFIGbKG3F90KfCFbMKe5t5WQsM0e00aD+Khn4iGM0s8RPpQ01EVegUkGEn5wTS8xj2V/L0cIw8G7yCwwgSty+hlzCFtGmj19sxX7HLKtxhxOgSfagpQ7XWtcwm1ZktjmHSWm3jZR8Zf9w5VxqP/pOpARJZggBrGkUC2sDqO1nxaL+hnppP0XL2bqkKz2ZADto65rYXhBPuyzMBmBozlyl9aO56meLTzOrVqfFX+IElPtTf3bkagmlIyIC/eCCjpQgc823X6rGhRhEMh7hAyJIfzM3HozPVjRO+bmy2d5ivAjF1ymQ8UL69PIM0bWLDaJgRk7Wam5Kk3iSC6XexnsqbF2u8LvxWkWVJlZn3v4RF46NFLL8hYpPNCqSLye0mfXu2xlLITLWPU3FrQ1lvVEk9k6WLSznu0oLgHjTeATA0r1rz9Y2epUrw6DWrOt/szxCuCDY7bIGb/r0Sy8fOgNvdMekaGHlPIo3NG4BxrShBiah7HMLa9YfuQ5eHFDoXi1F+Ap7w9CkgQwoxSbgKtD4K1KhZGjtZKEtCw86LgB1C8+2KjyKKVF79C/8r3Kss6hQ==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[16]"><TokenEntry><Name>SessionKey</Name><Value>ZBLm4CcgxCcIeE2nOgs3kASBAPFiPQ6p2nl+jAEODqGv+j67+BBDF9KGjqBAXI/Y9KOMUh67EedHhdY2oxWOvTNnfYR9kBtZhGpchwvQ0FOo5av4E7uOjVkKdHyIpDYlOG5nTa/kWucKe6u5NwJ4b5+js9Mq6RMCNHLcbM8D+t/8WDDzZ9MhlJwxYcLHB2+G/QmZnZOdinAMuXhCrRxZPReN0kdhor2nhn3ZC23EwdVyHQLs2CNoSn7DDy+Ik3qKoFzv2lffGW27m5q1toz+ExvFnspYPbKsmT9YhR1D1g7AJe7ND4QJiBjdjIoV9xXGj1/2wS0fHipR3XNRwN/g/Q==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>S72/K64AEA0bWZdE4zqrenhR+vewvECXtwhlFy/IVAI=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>wNGsbL15zptAqXSFAIpRhZnqxCtjwUylPcOQ+CW4E0XxG3ZU10cWDTOfoqPniAiHilmZp7tQTc30R604l+y7jDgRFqLeIaYTnRZ7TaR4lEk=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>7z9ePsnGfT/Ule3PND5FFu0e8PRHL7IkEweRbQoZjh8=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>S72/K64AEA0bWZdE4zqretqjHloxe0T2AV82mF1ISLM=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>Y418wIjzTM6KhM1CGtWYu9V2sUFdctBRuKrCSsBYao4nAntlHzsgX5GzEGtD50/GOUMI53/jis3oDgFsQfGYDgTLQ9vpJeZJW48u8z8Hq4Q=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>MpHNGhctKhECA0bPD7LCdRMdLQ6WeXhiUec1+WlN5EU=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>MpHNGhctKhECA0bPD7LCdaoGuwnh9Gnbl4OkBLJbdkY=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>t8xlnFKnkjtckTnK+tAnwQ==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>t8xlnFKnkjtckTnK+tAnwQ==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>a2a2j4bNof+9CSwT/rw36ci0gia2tIcI3oiZqK2dNUvm2gO4g1YxevYqcIfXoIX2QSDbkKbFTLtQo2PzfJNFrg==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>jcGDs1FY8eTJFZPXPtV6QKJj7g5wX5tZnuiod4pBVsG3NQSlctvVQtteSVsjDgl7P8GDfKCuJhItaj5BM+DKfw==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>eRFxUGDB+eOSTBZmNxhZo6ebmwit9Zmj+MG3Gp7bmCE=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>eRFxUGDB+eOSTBZmNxhZo6ebmwit9Zmj+MG3Gp7bmCE=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>jsPWdwrwEmDz7dXSmJ0FjzmC+hkvm9KBlgM3r3PzHe3uN11Rzvfz1OwkhjtQm7e6</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>jsPWdwrwEmDz7dXSmJ0FjzmC+hkvm9KBlgM3r3PzHe3uN11Rzvfz1OwkhjtQm7e6</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EE7, 09:56:55:968 - <NULL>)
00010003(0x80072EE7, 09:56:55:968)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 21%
Total physical RAM: 8081.85 MB
Available physical RAM: 6326.71 MB
Total Pagefile: 9297.85 MB
Available Pagefile: 7640.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (TI30992100A) (Fixed) (Total:585.98 GB) (Free:301.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 11.2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Alt 04.09.2014, 22:43   #5
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Gmer.txt:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-04 10:36:36
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000048 Intel___ rev.1.0. 596.17GB
Running: Gmer-19357.exe; Driver: C:\Users\Markus\AppData\Local\Temp\kwdoypow.sys


---- User code sections - GMER 2.1 ----

.text    C:\windows\system32\WLANExt.exe[1344] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                     000007f9d562177a 4 bytes [62, D5, F9, 07]
.text    C:\windows\system32\WLANExt.exe[1344] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                     000007f9d5621782 4 bytes [62, D5, F9, 07]
.text    C:\windows\system32\WLANExt.exe[1344] C:\windows\system32\MSIMG32.dll!GradientFill + 690                                                                                                                               000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\windows\system32\WLANExt.exe[1344] C:\windows\system32\MSIMG32.dll!GradientFill + 698                                                                                                                               000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\windows\system32\WLANExt.exe[1344] C:\windows\system32\MSIMG32.dll!TransparentBlt + 246                                                                                                                             000007f9cd9e165a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                                    000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                                    000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                                  000007f9cd9e165a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                          000007f9d562177a 4 bytes [62, D5, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                          000007f9d5621782 4 bytes [62, D5, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742                                                                                                                        000007f9cc281b32 4 bytes [28, CC, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1836] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750                                                                                                                        000007f9cc281b3a 4 bytes [28, CC, F9, 07]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2064] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                      000007f9d562177a 4 bytes [62, D5, F9, 07]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2064] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                      000007f9d5621782 4 bytes [62, D5, F9, 07]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2064] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2064] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2064] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                              000007f9cd9e165a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2332] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                         000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2332] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                         000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2332] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                       000007f9cd9e165a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2332] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                               000007f9d562177a 4 bytes [62, D5, F9, 07]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2332] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                               000007f9d5621782 4 bytes [62, D5, F9, 07]
.text    C:\windows\system32\wbem\wmiprvse.exe[2808] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                               000007f9d562177a 4 bytes [62, D5, F9, 07]
.text    C:\windows\system32\wbem\wmiprvse.exe[2808] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                               000007f9d5621782 4 bytes [62, D5, F9, 07]
.text    C:\windows\system32\wbem\wmiprvse.exe[2808] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                                         000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\windows\system32\wbem\wmiprvse.exe[2808] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                                         000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\windows\system32\wbem\wmiprvse.exe[2808] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                                       000007f9cd9e165a 4 bytes [9E, CD, F9, 07]
.text    C:\Windows\System32\igfxpers.exe[4456] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                    000007f9d562177a 4 bytes [62, D5, F9, 07]
.text    C:\Windows\System32\igfxpers.exe[4456] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                    000007f9d5621782 4 bytes [62, D5, F9, 07]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[4484] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                               000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[4484] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                               000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[4484] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                             000007f9cd9e165a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[4664] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                             000007f9cd9e1532 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[4664] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                             000007f9cd9e153a 4 bytes [9E, CD, F9, 07]
.text    C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[4664] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                           000007f9cd9e165a 4 bytes [9E, CD, F9, 07]

---- Threads - GMER 2.1 ----

Thread   C:\windows\system32\csrss.exe [652:676]                                                                                                                                                                                fffff9600091c5e8
Thread   C:\windows\system32\svchost.exe [988:6140]                                                                                                                                                                             000007f9c3e710f0
Thread   C:\windows\system32\svchost.exe [988:3276]                                                                                                                                                                             000007f9c9d116b0
Thread   C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe [2364:5672]                                                                                             000007f9d2cd5990
Thread   C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe [2364:5716]                                                                                             000007f9d35a3af0
---- Processes - GMER 2.1 ----

Library  C:\Users\Markus\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe [4916](2014-07-30 00:20:20)                                                0000000003b40000
Library  c:\users\markus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3hn8uz.dll (*** suspicious ***) @ C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe [4916](2014-09-04 07:55:29)  0000000004650000
Library  C:\Users\Markus\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe [4916](2013-08-23 19:01:44)                                                      000000006d1d0000
Library  C:\Users\Markus\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe [4916] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                        000000006c810000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                  unknown MBR code

---- EOF - GMER 2.1 ----
In Ordnung so?


Alt 05.09.2014, 20:07   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen

Alt 06.09.2014, 05:54   #7
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Code:
ATTFilter
ComboFix 14-09-05.01 - Markus 06.09.2014   6:43.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.41.1031.18.8082.6209 [GMT 2:00]
ausgeführt von:: c:\users\Markus\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Outdated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Disabled/Outdated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-06 bis 2014-09-06  ))))))))))))))))))))))))))))))
.
.
2014-09-05 13:39 . 2014-09-05 13:39	--------	d-----w-	c:\programdata\Gibraltar
2014-09-05 13:35 . 2014-09-05 13:35	--------	d-----w-	c:\users\Markus\AppData\Local\Swiss Academic Software
2014-09-05 13:34 . 2014-09-05 13:39	--------	d-----w-	c:\users\Markus\AppData\Roaming\Swiss Academic Software
2014-09-05 13:32 . 2014-07-23 09:31	706944	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.dll
2014-09-05 13:32 . 2014-07-23 09:31	103752	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\x64\IEPickerBroker.exe
2014-09-05 13:32 . 2014-01-28 06:47	126976	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\x64\Interop.SHDocVw.dll
2014-09-05 13:32 . 2012-07-26 18:08	8022976	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\x64\Microsoft.mshtml.dll
2014-09-05 13:32 . 2014-07-23 09:31	706944	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.dll
2014-09-05 13:32 . 2014-07-23 09:31	103752	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\IEPickerBroker.exe
2014-09-05 13:32 . 2014-01-28 06:47	126976	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\Interop.SHDocVw.dll
2014-09-05 13:32 . 2012-07-26 18:08	8022976	----a-w-	c:\program files (x86)\Internet Explorer\Citavi Picker\Microsoft.mshtml.dll
2014-09-05 13:32 . 2014-09-05 13:32	--------	d-----w-	c:\programdata\Swiss Academic Software
2014-09-05 13:31 . 2014-09-05 13:31	--------	d-----w-	c:\program files (x86)\Citavi 4
2014-09-05 13:30 . 2014-09-05 13:30	--------	d-----w-	c:\users\Markus\AppData\Local\Downloaded Installations
2014-09-04 08:26 . 2014-09-04 08:27	--------	d-----w-	C:\FRST
2014-09-03 23:33 . 2014-09-04 07:52	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2014-09-03 23:33 . 2014-09-04 07:53	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2014-08-27 10:13 . 2014-08-27 10:13	--------	d-----w-	c:\users\Markus\.pdfsam
2014-08-25 07:34 . 2014-08-25 11:42	--------	d-----w-	C:\Sync
2014-08-19 16:02 . 2014-08-19 16:02	--------	d-----w-	c:\users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 15:02 . 2014-08-19 15:02	--------	d-----w-	c:\users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-18 20:58 . 2014-08-25 20:58	--------	d-----w-	c:\programdata\NCH Software
2014-08-18 20:58 . 2014-08-25 21:53	--------	d-----w-	c:\program files (x86)\NCH Software
2014-08-18 20:58 . 2014-08-25 21:53	--------	d-----w-	c:\users\Markus\AppData\Roaming\NCH Software
2014-08-16 18:04 . 2014-08-16 18:04	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-08-15 10:13 . 2014-09-02 10:43	--------	d-----w-	c:\windows\system32\drivers\NAVx64\1505000.013
2014-08-14 17:57 . 2014-08-14 18:00	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2014-08-14 17:47 . 2014-08-14 17:47	--------	d-----w-	c:\programdata\ALM
2014-08-14 17:33 . 2014-08-14 17:33	--------	d-----w-	c:\program files (x86)\Common Files\Sonic Shared
2014-08-14 17:33 . 2014-08-14 17:33	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2014-08-14 17:33 . 2011-11-03 01:01	56208	------w-	c:\windows\system32\drivers\PxHlpa64.sys
2014-08-14 17:33 . 2011-10-17 01:00	10224	------w-	c:\windows\system32\drivers\cdralw2k.sys
2014-08-14 17:33 . 2011-10-17 01:00	10224	------w-	c:\windows\system32\drivers\cdr4_xp.sys
2014-08-14 17:33 . 2014-08-14 17:33	--------	d-----w-	c:\program files (x86)\My Company Name
2014-08-14 17:29 . 2014-08-14 17:29	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2014-08-14 17:25 . 2014-08-14 17:25	--------	d-----w-	c:\users\Markus\AppData\Roaming\WinBatch
2014-08-14 17:25 . 2014-08-14 17:53	--------	d-----w-	c:\program files\Adobe
2014-08-14 17:24 . 2014-08-14 17:53	--------	d-----w-	c:\program files\Common Files\Adobe
2014-08-14 17:18 . 2014-08-14 17:18	--------	d-----w-	c:\program files\7-Zip
2014-08-14 17:18 . 2014-08-14 17:19	--------	d-----w-	c:\users\Markus\AppData\Roaming\Notepad++
2014-08-14 17:18 . 2014-08-14 17:18	--------	d-----w-	c:\program files (x86)\Notepad++
2014-08-13 20:36 . 2014-08-13 20:36	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-08-13 20:36 . 2014-08-13 20:36	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-13 20:36 . 2014-08-13 20:36	--------	d-----w-	c:\program files (x86)\Java
2014-08-07 17:09 . 2014-08-07 17:09	--------	d-----w-	c:\users\Markus\AppData\Roaming\PearlMountain
2014-08-07 17:09 . 2014-08-07 17:09	--------	d-----w-	c:\programdata\PearlMountain
2014-08-07 16:45 . 2014-08-07 16:46	--------	d-----w-	c:\windows\system32\drivers\NSTx64\7DE07060.00F
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-02 10:42 . 2014-07-05 13:55	40448	----a-w-	c:\windows\system32\wuapp.exe
2014-09-02 10:42 . 2014-07-05 13:55	35328	----a-w-	c:\windows\SysWow64\wuapp.exe
2014-09-02 10:42 . 2014-07-05 13:55	144384	----a-w-	c:\windows\system32\wuwebv.dll
2014-09-02 10:42 . 2014-07-05 13:55	128000	----a-w-	c:\windows\SysWow64\wuwebv.dll
2014-08-24 07:52 . 2014-07-05 13:55	100352	----a-w-	c:\windows\system32\wudriver.dll
2014-08-24 07:52 . 2014-07-05 13:55	773632	----a-w-	c:\windows\system32\wuapi.dll
2014-08-24 07:52 . 2014-07-05 13:55	253440	----a-w-	c:\windows\system32\WUSettingsProvider.dll
2014-08-24 07:52 . 2014-07-05 13:55	1623040	----a-w-	c:\windows\system32\wucltux.dll
2014-08-24 07:52 . 2014-07-05 13:55	59416	----a-w-	c:\windows\system32\wuauclt.exe
2014-08-24 07:52 . 2014-07-05 13:55	3286528	----a-w-	c:\windows\system32\wuaueng.dll
2014-08-24 07:52 . 2014-07-05 13:55	86528	----a-w-	c:\windows\SysWow64\wudriver.dll
2014-08-24 07:52 . 2014-07-05 13:55	629248	----a-w-	c:\windows\SysWow64\wuapi.dll
2014-08-24 07:52 . 2014-07-05 13:55	176640	----a-w-	c:\windows\system32\storewuauth.dll
2014-08-15 10:03 . 2012-07-26 08:13	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-06-28 13:33 . 2013-04-06 12:48	177752	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-12 18:13	1728216	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-12 18:13	1728216	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-12 18:13	1728216	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{0F1773CF-B21E-4173-9F2F-B864A2C6FCE3}"
[HKEY_CLASSES_ROOT\CLSID\{0F1773CF-B21E-4173-9F2F-B864A2C6FCE3}]
2012-04-09 14:27	158224	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 14:27	158224	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-25 1171968]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-08-01 155488]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2012-07-21 34160]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-06-19 703888]
"KMS"="c:\windows\kmsonboot\autoact.exe" [2013-06-30 750051]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2014-05-08 41336]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-05-08 840568]
.
c:\users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-30 36414496]
FastStone Capture.lnk - c:\program files (x86)\FastStone Capture\FSCapture.exe -Silent [2007-2-12 1111552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NAVx64\1505000.013\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1505000.013\SymELAM.sys [x]
R2 HEU_KMS_Service;HEU_KMS_Service;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 LSDRVA;eIT-Xiroku Light Sensor USB Driver (lsdrva.sys);c:\windows\System32\Drivers\lsdrva.sys;c:\windows\SYSNATIVE\Drivers\lsdrva.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TemproMonitoringService;TEMPRO Service;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1505000.013\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1505000.013\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1505000.013\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1505000.013\SYMEFA64.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\System32\drivers\tos_sps64.sys;c:\windows\SYSNATIVE\drivers\tos_sps64.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140821.007\BHDrvx64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys;c:\windows\SYSNATIVE\drivers\cbfs3.sys [x]
S1 ccSet_NAV;NAV Settings Manager;c:\windows\system32\drivers\NAVx64\1505000.013\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1505000.013\ccSetx64.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140829.001\IDSvia64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140829.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1505000.013\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1505000.013\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1505000.013\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NAVx64\1505000.013\SYMNETS.SYS [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McSchedulerSvc;McAfee PC Task Scheduler Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\21.5.0.19\NAV.exe;c:\program files (x86)\Norton AntiVirus\Engine\21.5.0.19\NAV.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\Teco\TecoService.exe;c:\program files\TOSHIBA\Teco\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys;c:\windows\SYSNATIVE\DRIVERS\CeKbFilter.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\System32\drivers\irstrtdv.sys;c:\windows\SYSNATIVE\drivers\irstrtdv.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 NETwNe64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 8 64-Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04	215416	----a-w-	c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-06 17:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-12 18:10	2333400	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-12 18:10	2333400	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-12 18:10	2333400	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{0F1773CF-B21E-4173-9F2F-B864A2C6FCE3}"
[HKEY_CLASSES_ROOT\CLSID\{0F1773CF-B21E-4173-9F2F-B864A2C6FCE3}]
2012-04-09 14:27	190480	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Markus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 14:27	190480	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-08 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-08 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-08 440640]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-31 12936848]
"SRS Premium Sound 3D"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" [2012-08-20 2170784]
"TosPU"="c:\program files\TOSHIBA\PasswordUtility\TosPU.exe" [2012-08-28 2374552]
"TSleepSrv"="c:\program files (x86)\TOSHIBA\System Setting\TSleepSrv.exe" [2012-08-04 1548952]
"TODDMain"="c:\program files (x86)\TOSHIBA\System Setting\TODDMain.exe" [2012-08-04 213136]
"TecoResident"="c:\program files\TOSHIBA\Teco\TecoResident.exe" [2012-08-14 169896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://toshiba13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Citavi Picker... - file://c:\program files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-Toshiba TEMPRO - c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe
AddRemove-Banana Buchhaltung 4.0 - c:\progra~2\Banana40\Unwise
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\21.5.0.19\NAV.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\21.5.0.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.7.0.43\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NAVx64\1505000.013\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton AntiVirus\Engine\21.5.0.19;c:\program files (x86)\Norton AntiVirus\Engine64\21.5.0.19"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-09-06  06:51:29
ComboFix-quarantined-files.txt  2014-09-06 04:51
.
Vor Suchlauf: 14 Verzeichnis(se), 322'891'468'800 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 322'471'452'672 Bytes frei
.
- - End Of File - - FC75E20B70D52FBDA65620645E9B0F87

Alt 06.09.2014, 19:00   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.09.2014, 20:32   #9
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


mbam.txt:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 06.09.2014
Suchlauf-Zeit: 20:29:00
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.06.07
Rootkit Datenbank: v2014.08.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Markus

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 331619
Verstrichene Zeit: 10 Min, 4 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, In Quarantäne, [3e31b337483384b2405d37f229da60a0], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
AdwCleaner[S0].txt:
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.010 - Bericht erstellt am 29/10/2013 um 23:31:45
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Markus - MARKUS
# Gestartet von : C:\Users\Markus\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : DefaultTabUpdate

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup 
Ordner Gelöscht : C:\Users\Markus\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\DefaultTab
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\remmm41t.default\Extensions\addon@defaulttab.com.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Markus\AppData\Local\Temp\Uninstall.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Default Tab
Schlüssel Gelöscht : HKCU\Software\DefaultTab
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DefaultTab
Schlüssel Gelöscht : HKLM\Software\Default Tab
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\remmm41t.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3074 octets] - [29/10/2013 23:29:01]
AdwCleaner[S0].txt - [2670 octets] - [29/10/2013 23:31:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2730 octets] ##########
--- --- ---
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.309 - Bericht erstellt am 06/09/2014 um 21:13:11
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Markus - MARKUS
# Gestartet von : C:\Users\Markus\Desktop\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\NCH Software

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v32.0 (x86 de)

[ Datei : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4646 octets] - [30/10/2013 00:29:01]
AdwCleaner[R1].txt - [2465 octets] - [31/10/2013 11:40:57]
AdwCleaner[S0].txt - [4081 octets] - [30/10/2013 00:31:45]
AdwCleaner[S1].txt - [952 octets] - [31/10/2013 11:46:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4200 octets] ##########
--- --- ---


JRT.txt:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Markus on 06.09.2014 at 21:22:37.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Markus\appdata\locallow\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\Markus\AppData\Roaming\mozilla\firefox\profiles\1e7o2jqh.default\minidumps [28 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.09.2014 at 21:27:26.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Markus (administrator) on MARKUS on 06-09-2014 21:29:03
Running from C:\Users\Markus\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\nav.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-28] (Copyright (C) TOSHIBA Corp. 2012)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [KMS] => C:\windows\kmsonboot\autoact.exe [750051 2013-06-30] (HEU)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-25] (Spotify Ltd)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {0F1773CF-B21E-4173-9F2F-B864A2C6FCE3} => C:\windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {0F1773CF-B21E-4173-9F2F-B864A2C6FCE3} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default
FF Homepage: hxxp://www.google.ch
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: OkayFreedom - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn [2014-09-06]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-08-14]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-09-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-07-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 HEU_KMS_Service; C:\windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\NAV.exe [262968 2014-07-31] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-19] (Symantec Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1505000.013\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-24] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140829.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2008-01-21] (eIT Co., Ltd. and Xiroku Inc.)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140901.001\ENG64.SYS [129752 2014-08-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140901.001\EX64.SYS [2137304 2014-08-25] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-28] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1505000.013\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1505000.013\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 21:27 - 2014-09-06 21:27 - 00000834 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-09-06 21:22 - 2014-09-06 21:22 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-09-06 21:21 - 2014-09-06 21:21 - 00004288 _____ () C:\Users\Markus\Desktop\AdwCleaner[S0].txt
2014-09-06 20:43 - 2014-09-06 20:43 - 01370483 _____ () C:\Users\Markus\Desktop\adwcleaner_3.309.exe
2014-09-06 20:43 - 2014-09-06 20:43 - 00001288 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-09-06 20:27 - 2014-09-06 20:28 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 20:27 - 2014-09-06 20:27 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-06 20:27 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-06 06:51 - 2014-09-06 06:51 - 00029657 _____ () C:\ComboFix.txt
2014-09-06 06:41 - 2014-09-06 06:51 - 00000000 ____D () C:\Qoobox
2014-09-06 06:41 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-09-06 06:41 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-09-06 06:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-09-06 06:30 - 2014-09-06 06:31 - 05576440 ____R (Swearware) C:\Users\Markus\Desktop\ComboFix.exe
2014-09-05 15:39 - 2014-09-05 15:39 - 00000000 ____D () C:\ProgramData\Gibraltar
2014-09-05 15:35 - 2014-09-05 15:35 - 00000000 ____D () C:\Users\Markus\AppData\Local\Swiss Academic Software
2014-09-05 15:34 - 2014-09-05 15:39 - 00000000 ____D () C:\Users\Markus\Documents\Citavi 4
2014-09-05 15:34 - 2014-09-05 15:39 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Swiss Academic Software
2014-09-05 15:32 - 2014-09-05 15:32 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2014-09-05 15:31 - 2014-09-05 15:31 - 00001960 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2014-09-05 15:30 - 2014-09-05 15:30 - 00000000 ____D () C:\Users\Markus\AppData\Local\Downloaded Installations
2014-09-05 10:46 - 2014-09-05 10:46 - 00001208 _____ () C:\Users\Markus\Desktop\Masterarbeit.lnk
2014-09-04 10:36 - 2014-09-04 10:36 - 00012193 _____ () C:\Users\Markus\Desktop\Gmer.txt
2014-09-04 10:32 - 2014-09-04 10:32 - 00380416 _____ () C:\Users\Markus\Desktop\Gmer-19357.exe
2014-09-04 10:27 - 2014-09-04 10:47 - 00150666 _____ () C:\Users\Markus\Desktop\Addition.txt
2014-09-04 10:26 - 2014-09-06 21:29 - 00024146 _____ () C:\Users\Markus\Desktop\FRST.txt
2014-09-04 10:26 - 2014-09-06 21:29 - 00000000 ____D () C:\FRST
2014-09-04 10:25 - 2014-09-04 10:25 - 02104832 _____ (Farbar) C:\Users\Markus\Desktop\FRST64.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00050477 _____ () C:\Users\Markus\Desktop\Defogger.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00000474 _____ () C:\Users\Markus\Desktop\defogger_disable.log
2014-09-04 10:24 - 2014-09-04 10:24 - 00000000 _____ () C:\Users\Markus\defogger_reenable
2014-09-04 01:33 - 2014-09-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-04 01:33 - 2014-09-04 09:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-04 01:33 - 2014-09-04 01:33 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-09-03 11:28 - 2014-09-03 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-01 14:12 - 2014-09-01 14:12 - 00000000 ____D () C:\Users\Markus\Documents\Benutzerdefinierte Office-Vorlagen
2014-08-27 12:59 - 2014-08-27 12:59 - 00000218 _____ () C:\Users\Markus\AppData\Local\recently-used.xbel
2014-08-27 12:13 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Markus\.pdfsam
2014-08-27 12:05 - 2014-08-27 12:05 - 00000000 ____D () C:\Users\Markus\Documents\Symantec
2014-08-25 09:34 - 2014-08-25 13:42 - 00000000 ____D () C:\Sync
2014-08-25 09:32 - 2014-08-25 09:32 - 00013102 ____H () C:\Users\Markus\Desktop\~WRL3477.tmp
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 17:02 - 2014-08-19 17:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-18 22:58 - 2014-08-25 23:19 - 00000000 ____D () C:\windows\System32\Tasks\NCH Software
2014-08-18 10:05 - 2014-08-18 14:15 - 00000000 ____D () C:\Sync1
2014-08-14 20:00 - 2014-08-14 20:00 - 00003500 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-maek.buehrer@gmx.net
2014-08-14 19:57 - 2014-08-14 20:00 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-14 19:47 - 2014-08-14 19:47 - 00000000 ____D () C:\ProgramData\ALM
2014-08-14 19:38 - 2014-08-15 12:08 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-14 19:38 - 2014-08-15 12:08 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-14 19:38 - 2014-08-15 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-14 19:34 - 2014-08-14 19:34 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-14 19:33 - 2014-08-14 19:33 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-14 19:33 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\windows\system32\Drivers\PxHlpa64.sys
2014-08-14 19:33 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdralw2k.sys
2014-08-14 19:33 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdr4_xp.sys
2014-08-14 19:30 - 2014-08-14 19:30 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-14 19:25 - 2014-08-14 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-14 19:25 - 2014-08-14 19:53 - 00000000 ____D () C:\Program Files\Adobe
2014-08-14 19:25 - 2014-08-14 19:25 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\WinBatch
2014-08-14 19:24 - 2014-08-14 19:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-14 19:18 - 2014-08-14 19:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-13 22:36 - 2014-08-13 22:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\PearlMountain
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\ProgramData\PearlMountain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 21:29 - 2014-09-04 10:26 - 00024146 _____ () C:\Users\Markus\Desktop\FRST.txt
2014-09-06 21:29 - 2014-09-04 10:26 - 00000000 ____D () C:\FRST
2014-09-06 21:27 - 2014-09-06 21:27 - 00000834 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-09-06 21:22 - 2014-09-06 21:22 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-09-06 21:21 - 2014-09-06 21:21 - 00004288 _____ () C:\Users\Markus\Desktop\AdwCleaner[S0].txt
2014-09-06 21:21 - 2014-07-25 08:46 - 00005116 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MARKUS-Markus Markus
2014-09-06 21:20 - 2013-04-08 13:01 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashDumps
2014-09-06 21:20 - 2013-04-06 14:59 - 00000000 ___RD () C:\Users\Markus\Dropbox
2014-09-06 21:20 - 2013-04-06 14:56 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Dropbox
2014-09-06 21:15 - 2013-04-06 12:49 - 01718582 _____ () C:\windows\WindowsUpdate.log
2014-09-06 21:14 - 2012-09-11 08:52 - 00118668 _____ () C:\windows\PFRO.log
2014-09-06 21:14 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-06 21:13 - 2013-10-30 00:28 - 00000000 ____D () C:\AdwCleaner
2014-09-06 21:13 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-09-06 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-09-06 20:46 - 2013-12-19 08:41 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-06 20:43 - 2014-09-06 20:43 - 01370483 _____ () C:\Users\Markus\Desktop\adwcleaner_3.309.exe
2014-09-06 20:43 - 2014-09-06 20:43 - 00001288 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-09-06 20:28 - 2014-09-06 20:27 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 20:27 - 2014-09-06 20:27 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2013-10-31 10:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-06 20:25 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\92C3BF93-8AF1-4A5D-8A76-D236C40E67CB.aplzod
2014-09-06 20:25 - 2013-05-01 13:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\FreePDF_XP
2014-09-06 13:06 - 2014-06-17 13:16 - 00000000 ____D () C:\Users\Markus\AppData\Local\Adobe
2014-09-06 06:51 - 2014-09-06 06:51 - 00029657 _____ () C:\ComboFix.txt
2014-09-06 06:51 - 2014-09-06 06:41 - 00000000 ____D () C:\Qoobox
2014-09-06 06:49 - 2012-07-26 07:26 - 00000215 _____ () C:\windows\system.ini
2014-09-06 06:40 - 2013-10-30 14:59 - 00000000 ____D () C:\windows\erdnt
2014-09-06 06:31 - 2014-09-06 06:30 - 05576440 ____R (Swearware) C:\Users\Markus\Desktop\ComboFix.exe
2014-09-05 15:39 - 2014-09-05 15:39 - 00000000 ____D () C:\ProgramData\Gibraltar
2014-09-05 15:39 - 2014-09-05 15:34 - 00000000 ____D () C:\Users\Markus\Documents\Citavi 4
2014-09-05 15:39 - 2014-09-05 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Swiss Academic Software
2014-09-05 15:35 - 2014-09-05 15:35 - 00000000 ____D () C:\Users\Markus\AppData\Local\Swiss Academic Software
2014-09-05 15:32 - 2014-09-05 15:32 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2014-09-05 15:31 - 2014-09-05 15:31 - 00001960 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2014-09-05 15:30 - 2014-09-05 15:30 - 00000000 ____D () C:\Users\Markus\AppData\Local\Downloaded Installations
2014-09-05 15:30 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-09-05 10:46 - 2014-09-05 10:46 - 00001208 _____ () C:\Users\Markus\Desktop\Masterarbeit.lnk
2014-09-04 18:11 - 2012-08-01 18:38 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-09-04 18:11 - 2012-08-01 18:38 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-09-04 18:11 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-04 14:59 - 2013-04-18 00:08 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Skype
2014-09-04 13:59 - 2013-04-06 12:50 - 00000000 ____D () C:\Users\Markus\AppData\Local\Packages
2014-09-04 10:47 - 2014-09-04 10:27 - 00150666 _____ () C:\Users\Markus\Desktop\Addition.txt
2014-09-04 10:36 - 2014-09-04 10:36 - 00012193 _____ () C:\Users\Markus\Desktop\Gmer.txt
2014-09-04 10:32 - 2014-09-04 10:32 - 00380416 _____ () C:\Users\Markus\Desktop\Gmer-19357.exe
2014-09-04 10:25 - 2014-09-04 10:25 - 02104832 _____ (Farbar) C:\Users\Markus\Desktop\FRST64.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00050477 _____ () C:\Users\Markus\Desktop\Defogger.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00000474 _____ () C:\Users\Markus\Desktop\defogger_disable.log
2014-09-04 10:24 - 2014-09-04 10:24 - 00000000 _____ () C:\Users\Markus\defogger_reenable
2014-09-04 10:24 - 2013-04-06 12:49 - 00000000 ____D () C:\Users\Markus
2014-09-04 09:53 - 2014-09-04 01:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-04 09:52 - 2014-09-04 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-04 08:37 - 2014-08-06 09:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-04 01:33 - 2014-09-04 01:33 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-09-03 14:20 - 2013-04-28 13:43 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-03 11:28 - 2014-09-03 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-02 12:43 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-09-02 12:42 - 2014-07-05 15:55 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-02 12:42 - 2014-07-05 15:55 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-02 12:42 - 2014-07-05 15:55 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-02 12:42 - 2014-07-05 15:55 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-02 12:42 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-09-02 08:05 - 2014-07-24 09:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-09-02 08:05 - 2013-04-06 14:48 - 00003218 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-09-02 08:05 - 2013-04-06 14:48 - 00002408 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-09-02 08:05 - 2013-04-06 14:48 - 00000000 ____D () C:\windows\system32\Drivers\NAVx64
2014-09-01 14:12 - 2014-09-01 14:12 - 00000000 ____D () C:\Users\Markus\Documents\Benutzerdefinierte Office-Vorlagen
2014-09-01 12:17 - 2013-10-24 18:37 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Wuala
2014-08-31 21:42 - 2013-04-06 17:39 - 00000000 ___RD () C:\Users\Markus\Documents\Privat
2014-08-27 17:46 - 2013-04-06 12:58 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1939050773-1133648222-3210189974-1001
2014-08-27 13:00 - 2013-04-29 15:13 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\inkscape
2014-08-27 12:59 - 2014-08-27 12:59 - 00000218 _____ () C:\Users\Markus\AppData\Local\recently-used.xbel
2014-08-27 12:54 - 2014-04-08 11:55 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DVDVideoSoft
2014-08-27 12:53 - 2014-05-05 01:04 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\uTorrent
2014-08-27 12:31 - 2014-06-25 14:02 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 12:13 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Markus\.pdfsam
2014-08-27 12:05 - 2014-08-27 12:05 - 00000000 ____D () C:\Users\Markus\Documents\Symantec
2014-08-26 08:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-08-25 23:19 - 2014-08-18 22:58 - 00000000 ____D () C:\windows\System32\Tasks\NCH Software
2014-08-25 13:42 - 2014-08-25 09:34 - 00000000 ____D () C:\Sync
2014-08-25 09:32 - 2014-08-25 09:32 - 00013102 ____H () C:\Users\Markus\Desktop\~WRL3477.tmp
2014-08-24 09:52 - 2014-07-05 15:55 - 03286528 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 01623040 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00773632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 17:02 - 2014-08-19 17:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-19 17:02 - 2013-04-06 17:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-19 17:02 - 2013-04-06 12:50 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Adobe
2014-08-18 14:15 - 2014-08-18 10:05 - 00000000 ____D () C:\Sync1
2014-08-16 20:04 - 2013-04-18 00:08 - 00000000 ____D () C:\ProgramData\Skype
2014-08-16 18:37 - 2014-03-14 19:21 - 05047096 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-15 12:08 - 2014-08-14 19:38 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-15 12:08 - 2014-08-14 19:38 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-15 12:08 - 2014-08-14 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-15 06:58 - 2013-04-06 14:58 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 20:00 - 2014-08-14 20:00 - 00003500 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-maek.buehrer@gmx.net
2014-08-14 20:00 - 2014-08-14 19:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-14 19:54 - 2014-08-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-14 19:53 - 2014-08-14 19:25 - 00000000 ____D () C:\Program Files\Adobe
2014-08-14 19:53 - 2014-08-14 19:24 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-14 19:52 - 2013-04-08 00:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-14 19:47 - 2014-08-14 19:47 - 00000000 ____D () C:\ProgramData\ALM
2014-08-14 19:34 - 2014-08-14 19:34 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-14 19:33 - 2014-08-14 19:33 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-14 19:30 - 2014-08-14 19:30 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-14 19:25 - 2014-08-14 19:25 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\WinBatch
2014-08-14 19:19 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-13 22:44 - 2013-10-17 20:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-13 22:36 - 2014-08-13 22:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\PearlMountain
2014-08-07 19:09 - 2014-08-07 19:09 - 00000000 ____D () C:\ProgramData\PearlMountain
2014-08-07 18:45 - 2014-07-24 09:55 - 00000000 ____D () C:\windows\system32\Drivers\NSTx64

Files to move or delete:
====================
C:\Users\Markus\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rwfso.dll
C:\Users\Markus\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-25 08:10

==================== End Of Log ============================
--- --- ---
Alt 07.09.2014, 13:07   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.09.2014, 19:07   #11
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Hallo schrauber

Eset ist mir leider immer bei 20% stehengeblieben (siehe Screenshot). Das Problem besteht auch weiterhin. Ich poste trotzdem einmal das Logfile:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2f815a4d740e6a43811433834116dfe7
# engine=20040
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-07 05:33:12
# local_time=2014-09-07 07:33:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Norton AntiVirus'
# compatibility_mode=3599 16777213 100 100 778202 229100578 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15401423 69617303 0 0
# scanned=17112
# found=2
# cleaned=0
# scan_time=1873
sh=A66441EA33B541895F23B3A4F8EB408B616A94BA ft=1 fh=02e58446c958c5ff vn="Win32/Toolbar.DefaultTab.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe.vir"
sh=17044BF6155DB1C1B9E69419E3230C8243DAFAE0 ft=1 fh=1a209f8f18633308 vn="Variante von Win32/Toolbar.DefaultTab.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2f815a4d740e6a43811433834116dfe7
# engine=20040
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-07 05:55:26
# local_time=2014-09-07 07:55:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Norton AntiVirus'
# compatibility_mode=3599 16777213 100 100 779536 229101912 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15402757 69618637 0 0
# scanned=16606
# found=2
# cleaned=0
# scan_time=1262
sh=A66441EA33B541895F23B3A4F8EB408B616A94BA ft=1 fh=02e58446c958c5ff vn="Win32/Toolbar.DefaultTab.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe.vir"
sh=17044BF6155DB1C1B9E69419E3230C8243DAFAE0 ft=1 fh=1a209f8f18633308 vn="Variante von Win32/Toolbar.DefaultTab.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe.vir"
checkup.txt:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
Norton AntiVirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Adobe Flash Player 	14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (32.0) 
````````Process Check: objlist.exe by Laurent````````  
 Norton AntiVirus Engine 21.5.0.19 NAV.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Markus (administrator) on MARKUS on 07-09-2014 20:01:38
Running from C:\Users\Markus\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\nav.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\nav.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Dropbox, Inc.) C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-28] (Copyright (C) TOSHIBA Corp. 2012)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [KMS] => C:\windows\kmsonboot\autoact.exe [750051 2013-06-30] (HEU)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-25] (Spotify Ltd)
HKU\S-1-5-21-1939050773-1133648222-3210189974-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {0F1773CF-B21E-4173-9F2F-B864A2C6FCE3} => C:\windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {0F1773CF-B21E-4173-9F2F-B864A2C6FCE3} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - {62D13272-4A99-4AE0-9743-F5C6D849B08B} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default
FF Homepage: hxxp://www.google.ch
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: OkayFreedom - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\1e7o2jqh.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-08-14]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-09-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-07-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 HEU_KMS_Service; C:\windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [219832 2012-06-17] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.5.0.19\NAV.exe [262968 2014-07-31] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-19] (Symantec Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1505000.013\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-24] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140829.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 LSDRVA; C:\Windows\System32\Drivers\lsdrva.sys [46360 2008-01-21] (eIT Co., Ltd. and Xiroku Inc.)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140901.001\ENG64.SYS [129752 2014-08-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140901.001\EX64.SYS [2137304 2014-08-25] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-28] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1505000.013\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1505000.013\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-07 20:01 - 2014-09-07 20:01 - 00000000 ____D () C:\Users\Markus\Desktop\FRST-OlderVersion
2014-09-07 20:00 - 2014-09-07 20:00 - 00000811 _____ () C:\Users\Markus\Desktop\checkup.txt
2014-09-07 19:59 - 2014-09-07 19:59 - 00854417 _____ () C:\Users\Markus\Desktop\SecurityCheck.exe
2014-09-07 18:59 - 2014-09-07 18:59 - 02347384 _____ (ESET) C:\Users\Markus\Desktop\esetsmartinstaller_deu.exe
2014-09-06 21:27 - 2014-09-06 21:27 - 00000834 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-09-06 21:22 - 2014-09-06 21:22 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-09-06 21:21 - 2014-09-06 21:21 - 00004288 _____ () C:\Users\Markus\Desktop\AdwCleaner[S0].txt
2014-09-06 20:43 - 2014-09-06 20:43 - 01370483 _____ () C:\Users\Markus\Desktop\adwcleaner_3.309.exe
2014-09-06 20:43 - 2014-09-06 20:43 - 00001288 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-09-06 20:27 - 2014-09-06 20:28 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 20:27 - 2014-09-06 20:27 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-06 20:27 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-06 06:51 - 2014-09-06 06:51 - 00029657 _____ () C:\ComboFix.txt
2014-09-06 06:41 - 2014-09-06 06:51 - 00000000 ____D () C:\Qoobox
2014-09-06 06:41 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-09-06 06:41 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-09-06 06:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-09-06 06:41 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-09-06 06:30 - 2014-09-06 06:31 - 05576440 ____R (Swearware) C:\Users\Markus\Desktop\ComboFix.exe
2014-09-05 15:39 - 2014-09-05 15:39 - 00000000 ____D () C:\ProgramData\Gibraltar
2014-09-05 15:35 - 2014-09-05 15:35 - 00000000 ____D () C:\Users\Markus\AppData\Local\Swiss Academic Software
2014-09-05 15:34 - 2014-09-05 15:39 - 00000000 ____D () C:\Users\Markus\Documents\Citavi 4
2014-09-05 15:34 - 2014-09-05 15:39 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Swiss Academic Software
2014-09-05 15:32 - 2014-09-05 15:32 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2014-09-05 15:31 - 2014-09-05 15:31 - 00001960 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2014-09-05 15:30 - 2014-09-05 15:30 - 00000000 ____D () C:\Users\Markus\AppData\Local\Downloaded Installations
2014-09-05 10:46 - 2014-09-05 10:46 - 00001208 _____ () C:\Users\Markus\Desktop\Masterarbeit.lnk
2014-09-04 10:36 - 2014-09-04 10:36 - 00012193 _____ () C:\Users\Markus\Desktop\Gmer.txt
2014-09-04 10:32 - 2014-09-04 10:32 - 00380416 _____ () C:\Users\Markus\Desktop\Gmer-19357.exe
2014-09-04 10:27 - 2014-09-04 10:47 - 00150666 _____ () C:\Users\Markus\Desktop\Addition.txt
2014-09-04 10:26 - 2014-09-07 20:01 - 00025730 _____ () C:\Users\Markus\Desktop\FRST.txt
2014-09-04 10:26 - 2014-09-07 20:01 - 00000000 ____D () C:\FRST
2014-09-04 10:25 - 2014-09-07 20:01 - 02105344 _____ (Farbar) C:\Users\Markus\Desktop\FRST64.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00050477 _____ () C:\Users\Markus\Desktop\Defogger.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00000474 _____ () C:\Users\Markus\Desktop\defogger_disable.log
2014-09-04 10:24 - 2014-09-04 10:24 - 00000000 _____ () C:\Users\Markus\defogger_reenable
2014-09-04 01:33 - 2014-09-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-04 01:33 - 2014-09-04 09:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-04 01:33 - 2014-09-04 01:33 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-09-03 11:28 - 2014-09-03 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-01 14:12 - 2014-09-01 14:12 - 00000000 ____D () C:\Users\Markus\Documents\Benutzerdefinierte Office-Vorlagen
2014-08-27 12:59 - 2014-08-27 12:59 - 00000218 _____ () C:\Users\Markus\AppData\Local\recently-used.xbel
2014-08-27 12:13 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Markus\.pdfsam
2014-08-27 12:05 - 2014-08-27 12:05 - 00000000 ____D () C:\Users\Markus\Documents\Symantec
2014-08-25 09:34 - 2014-08-25 13:42 - 00000000 ____D () C:\Sync
2014-08-25 09:32 - 2014-08-25 09:32 - 00013102 ____H () C:\Users\Markus\Desktop\~WRL3477.tmp
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 17:02 - 2014-08-19 17:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-18 22:58 - 2014-08-25 23:19 - 00000000 ____D () C:\windows\System32\Tasks\NCH Software
2014-08-18 10:05 - 2014-08-18 14:15 - 00000000 ____D () C:\Sync1
2014-08-14 20:00 - 2014-08-14 20:00 - 00003500 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-**************
2014-08-14 19:57 - 2014-08-14 20:00 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-14 19:47 - 2014-08-14 19:47 - 00000000 ____D () C:\ProgramData\ALM
2014-08-14 19:38 - 2014-08-15 12:08 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-14 19:38 - 2014-08-15 12:08 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-14 19:38 - 2014-08-15 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-14 19:34 - 2014-08-14 19:34 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-14 19:33 - 2014-08-14 19:33 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-14 19:33 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\windows\system32\Drivers\PxHlpa64.sys
2014-08-14 19:33 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdralw2k.sys
2014-08-14 19:33 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\windows\system32\Drivers\cdr4_xp.sys
2014-08-14 19:30 - 2014-08-14 19:30 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-14 19:25 - 2014-08-14 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-14 19:25 - 2014-08-14 19:53 - 00000000 ____D () C:\Program Files\Adobe
2014-08-14 19:25 - 2014-08-14 19:25 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\WinBatch
2014-08-14 19:24 - 2014-08-14 19:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-14 19:18 - 2014-08-14 19:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-13 22:36 - 2014-08-13 22:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Java

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-07 20:01 - 2014-09-07 20:01 - 00000000 ____D () C:\Users\Markus\Desktop\FRST-OlderVersion
2014-09-07 20:01 - 2014-09-04 10:26 - 00025730 _____ () C:\Users\Markus\Desktop\FRST.txt
2014-09-07 20:01 - 2014-09-04 10:26 - 00000000 ____D () C:\FRST
2014-09-07 20:01 - 2014-09-04 10:25 - 02105344 _____ (Farbar) C:\Users\Markus\Desktop\FRST64.exe
2014-09-07 20:00 - 2014-09-07 20:00 - 00000811 _____ () C:\Users\Markus\Desktop\checkup.txt
2014-09-07 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-09-07 19:59 - 2014-09-07 19:59 - 00854417 _____ () C:\Users\Markus\Desktop\SecurityCheck.exe
2014-09-07 19:46 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\92C3BF93-8AF1-4A5D-8A76-D236C40E67CB.aplzod
2014-09-07 19:46 - 2013-12-19 08:41 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-07 19:13 - 2014-07-25 08:46 - 00005114 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MARKUS-Markus Markus
2014-09-07 18:59 - 2014-09-07 18:59 - 02347384 _____ (ESET) C:\Users\Markus\Desktop\esetsmartinstaller_deu.exe
2014-09-07 18:59 - 2012-08-01 18:38 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-09-07 18:59 - 2012-08-01 18:38 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-09-07 18:59 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-07 18:53 - 2013-04-06 12:49 - 01765771 _____ () C:\windows\WindowsUpdate.log
2014-09-07 18:52 - 2013-05-01 13:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\FreePDF_XP
2014-09-07 18:52 - 2013-04-06 14:59 - 00000000 ___RD () C:\Users\Markus\Dropbox
2014-09-07 18:52 - 2013-04-06 14:56 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Dropbox
2014-09-07 18:52 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-07 02:00 - 2014-06-17 13:16 - 00000000 ____D () C:\Users\Markus\AppData\Local\Adobe
2014-09-06 22:27 - 2013-04-08 13:01 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashDumps
2014-09-06 21:27 - 2014-09-06 21:27 - 00000834 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-09-06 21:22 - 2014-09-06 21:22 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-09-06 21:21 - 2014-09-06 21:21 - 00004288 _____ () C:\Users\Markus\Desktop\AdwCleaner[S0].txt
2014-09-06 21:14 - 2012-09-11 08:52 - 00118668 _____ () C:\windows\PFRO.log
2014-09-06 21:13 - 2013-10-30 00:28 - 00000000 ____D () C:\AdwCleaner
2014-09-06 21:13 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-09-06 20:43 - 2014-09-06 20:43 - 01370483 _____ () C:\Users\Markus\Desktop\adwcleaner_3.309.exe
2014-09-06 20:43 - 2014-09-06 20:43 - 00001288 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-09-06 20:28 - 2014-09-06 20:27 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 20:27 - 2014-09-06 20:27 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2014-09-06 20:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-06 20:27 - 2013-10-31 10:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-06 06:51 - 2014-09-06 06:51 - 00029657 _____ () C:\ComboFix.txt
2014-09-06 06:51 - 2014-09-06 06:41 - 00000000 ____D () C:\Qoobox
2014-09-06 06:49 - 2012-07-26 07:26 - 00000215 _____ () C:\windows\system.ini
2014-09-06 06:40 - 2013-10-30 14:59 - 00000000 ____D () C:\windows\erdnt
2014-09-06 06:31 - 2014-09-06 06:30 - 05576440 ____R (Swearware) C:\Users\Markus\Desktop\ComboFix.exe
2014-09-05 15:39 - 2014-09-05 15:39 - 00000000 ____D () C:\ProgramData\Gibraltar
2014-09-05 15:39 - 2014-09-05 15:34 - 00000000 ____D () C:\Users\Markus\Documents\Citavi 4
2014-09-05 15:39 - 2014-09-05 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Swiss Academic Software
2014-09-05 15:35 - 2014-09-05 15:35 - 00000000 ____D () C:\Users\Markus\AppData\Local\Swiss Academic Software
2014-09-05 15:32 - 2014-09-05 15:32 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2014-09-05 15:31 - 2014-09-05 15:31 - 00001960 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2014-09-05 15:31 - 2014-09-05 15:31 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2014-09-05 15:30 - 2014-09-05 15:30 - 00000000 ____D () C:\Users\Markus\AppData\Local\Downloaded Installations
2014-09-05 15:30 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-09-05 10:46 - 2014-09-05 10:46 - 00001208 _____ () C:\Users\Markus\Desktop\Masterarbeit.lnk
2014-09-04 14:59 - 2013-04-18 00:08 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Skype
2014-09-04 13:59 - 2013-04-06 12:50 - 00000000 ____D () C:\Users\Markus\AppData\Local\Packages
2014-09-04 10:47 - 2014-09-04 10:27 - 00150666 _____ () C:\Users\Markus\Desktop\Addition.txt
2014-09-04 10:36 - 2014-09-04 10:36 - 00012193 _____ () C:\Users\Markus\Desktop\Gmer.txt
2014-09-04 10:32 - 2014-09-04 10:32 - 00380416 _____ () C:\Users\Markus\Desktop\Gmer-19357.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00050477 _____ () C:\Users\Markus\Desktop\Defogger.exe
2014-09-04 10:24 - 2014-09-04 10:24 - 00000474 _____ () C:\Users\Markus\Desktop\defogger_disable.log
2014-09-04 10:24 - 2014-09-04 10:24 - 00000000 _____ () C:\Users\Markus\defogger_reenable
2014-09-04 10:24 - 2013-04-06 12:49 - 00000000 ____D () C:\Users\Markus
2014-09-04 09:53 - 2014-09-04 01:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-04 09:52 - 2014-09-04 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-04 08:37 - 2014-08-06 09:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-04 01:33 - 2014-09-04 01:33 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-09-03 14:20 - 2013-04-28 13:43 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-03 11:28 - 2014-09-03 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-02 12:43 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-09-02 12:42 - 2014-07-05 15:55 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-02 12:42 - 2014-07-05 15:55 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-02 12:42 - 2014-07-05 15:55 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-02 12:42 - 2014-07-05 15:55 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-02 12:42 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-09-02 08:05 - 2014-07-24 09:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-09-02 08:05 - 2013-04-06 14:48 - 00003218 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-09-02 08:05 - 2013-04-06 14:48 - 00002408 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-09-02 08:05 - 2013-04-06 14:48 - 00000000 ____D () C:\windows\system32\Drivers\NAVx64
2014-09-01 14:12 - 2014-09-01 14:12 - 00000000 ____D () C:\Users\Markus\Documents\Benutzerdefinierte Office-Vorlagen
2014-09-01 12:17 - 2013-10-24 18:37 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Wuala
2014-08-31 21:42 - 2013-04-06 17:39 - 00000000 ___RD () C:\Users\Markus\Documents\Privat
2014-08-27 17:46 - 2013-04-06 12:58 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1939050773-1133648222-3210189974-1001
2014-08-27 13:00 - 2013-04-29 15:13 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\inkscape
2014-08-27 12:59 - 2014-08-27 12:59 - 00000218 _____ () C:\Users\Markus\AppData\Local\recently-used.xbel
2014-08-27 12:54 - 2014-04-08 11:55 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DVDVideoSoft
2014-08-27 12:53 - 2014-05-05 01:04 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\uTorrent
2014-08-27 12:31 - 2014-06-25 14:02 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 12:13 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Markus\.pdfsam
2014-08-27 12:05 - 2014-08-27 12:05 - 00000000 ____D () C:\Users\Markus\Documents\Symantec
2014-08-26 08:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-08-25 23:19 - 2014-08-18 22:58 - 00000000 ____D () C:\windows\System32\Tasks\NCH Software
2014-08-25 13:42 - 2014-08-25 09:34 - 00000000 ____D () C:\Sync
2014-08-25 09:32 - 2014-08-25 09:32 - 00013102 ____H () C:\Users\Markus\Desktop\~WRL3477.tmp
2014-08-24 09:52 - 2014-07-05 15:55 - 03286528 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 01623040 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00773632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-24 09:52 - 2014-07-05 15:55 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-08-19 17:02 - 2014-08-19 17:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-08-19 17:02 - 2013-04-06 17:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-19 17:02 - 2013-04-06 12:50 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Adobe
2014-08-18 14:15 - 2014-08-18 10:05 - 00000000 ____D () C:\Sync1
2014-08-16 20:04 - 2013-04-18 00:08 - 00000000 ____D () C:\ProgramData\Skype
2014-08-16 18:37 - 2014-03-14 19:21 - 05047096 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-15 12:08 - 2014-08-14 19:38 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-15 12:08 - 2014-08-14 19:38 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-15 12:08 - 2014-08-14 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-15 06:58 - 2013-04-06 14:58 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 20:00 - 2014-08-14 20:00 - 00003500 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-****************33
2014-08-14 20:00 - 2014-08-14 19:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-14 19:54 - 2014-08-14 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-14 19:53 - 2014-08-14 19:25 - 00000000 ____D () C:\Program Files\Adobe
2014-08-14 19:53 - 2014-08-14 19:24 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-14 19:52 - 2013-04-08 00:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-14 19:47 - 2014-08-14 19:47 - 00000000 ____D () C:\ProgramData\ALM
2014-08-14 19:34 - 2014-08-14 19:34 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-14 19:33 - 2014-08-14 19:33 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-14 19:30 - 2014-08-14 19:30 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-14 19:30 - 2014-08-14 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-14 19:25 - 2014-08-14 19:25 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\WinBatch
2014-08-14 19:19 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-14 19:18 - 2014-08-14 19:18 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-13 22:44 - 2013-10-17 20:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-13 22:36 - 2014-08-13 22:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-13 22:36 - 2014-08-13 22:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-13 22:36 - 2014-08-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Java

Files to move or delete:
====================
C:\Users\Markus\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl2mnp9.dll
C:\Users\Markus\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-25 08:10

==================== End Of Log ============================
--- --- ---

--- --- ---
Angehängte Grafiken
Dateityp: png fehler.png (21,8 KB, 249x aufgerufen)
Geändert von candide (07.09.2014 um 19:12 Uhr)

Alt 08.09.2014, 13:38   #12
schrauber
/// the machine
/// TB-Ausbilder
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.09.2014, 18:16   #13
candide
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Gemacht, leider besteht das Problem immer noch.

Alt 09.09.2014, 16:34   #14
schrauber
/// the machine
/// TB-Ausbilder
 
Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Standard

Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


Mach bitte mal ein Auffrischen mit Win8.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen
anhang, antivirus, blau, datei, explorer, folge, folgendes, gestartet, klicke, klicken, logfiles, nicht mehr, nicht öffnen, norton, ordner, problem, programme, programmen, rechts, screen, starten, stürzt ab, taskleiste, windows, windows explorer, öffnen


« Windows 7 - Internet leitet zu Viren-Page um | akamaihd Infizierung - blockiert FB »


Ähnliche Themen: Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen


  1. Windows 7: Fehlermeldung bei Systemstart und Avira lässt sich nicht mehr öffnen.
    Log-Analyse und Auswertung - 19.08.2015 (10)
  2. Windows 8.1: Google lässt sich bei einem User nicht mehr öffnen
    Log-Analyse und Auswertung - 14.08.2015 (11)
  3. Windows 7 - Windows Explorer stürzt dauernd ab und Update KB3046482 lässt sich nicht installieren
    Alles rund um Windows - 31.05.2015 (12)
  4. Norton 360 lässt sich nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 25.01.2015 (11)
  5. festplatte lässt sich nicht öffnen, Pc geht einfach aus WINDOWS XP
    Antiviren-, Firewall- und andere Schutzprogramme - 09.01.2015 (6)
  6. Internet Explorer lässt sich nicht mehr öffnen und der Sound ist gleichzeitig weg.
    Alles rund um Windows - 12.11.2014 (4)
  7. Windows 7: PC friert zeitweise ein, stürzt ab und lässt sich nicht herunterfahren
    Plagegeister aller Art und deren Bekämpfung - 07.08.2014 (23)
  8. Windows Vista 32 bit: Avira lässt sich nicht mehr öffnen
    Log-Analyse und Auswertung - 06.06.2014 (7)
  9. Windows Firewall lässt sich nicht starten/öffnen/ausführen
    Log-Analyse und Auswertung - 13.02.2014 (21)
  10. Windows Explorer stürzt ab, Computer lässt sich nicht steuern!
    Alles rund um Windows - 05.07.2012 (9)
  11. Windows Sicherheitscenter deaktiviert sich ständig, Systemwiederherstellung lässt sich nicht öffnen
    Log-Analyse und Auswertung - 29.03.2012 (13)
  12. Programme lassen sich nicht öffnen!inkl. Systemsteuerung Norton antivirus ist komplett blockiert
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (5)
  13. explorer.exe startet nicht mehr, Windows-Firewall lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 12.02.2010 (7)
  14. Internet Explorer lässt sich nicht mehr öffnen
    Antiviren-, Firewall- und andere Schutzprogramme - 21.01.2010 (26)
  15. Windows Firewall lässt sich nicht aktivieren+ Explorer.exe stürzt ab.
    Log-Analyse und Auswertung - 10.12.2009 (11)
  16. Internet Explorer Hackes by und C lässt sich nicht öffnen
    Log-Analyse und Auswertung - 13.03.2009 (4)
  17. Dialer von Norton gefunden / Task-Manager lässt sich nicht öffnen
    Log-Analyse und Auswertung - 22.12.2007 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen - Hallo zusammen Ich habe folgendes Problem: Seit gestern kann ich meinen Windows Explorer nicht mehr öffnen, d.h. wenn ich ihn auf der Taskleiste anklicke, wird der Screen für ca. eine - Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen...
Archiv
Du betrachtest: Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131