| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Live Mail startet nicht mehr nach Exe PasswortWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.05.2015, 22:40
| #1 |
 |  Windows Live Mail startet nicht mehr nach Exe Passwort Hallo, ich hatte mein Windows Live Mail mit der kostenlosen Freeware Exe Passwort 2004 geschützt. Anfangs funktionierte es prima. Doch nach ein paar Tagen konnte ich das Mail Programm nicht mehr starten und bekam immer Fehlermeldung. In einem anderem Forum hatte ich gelesen dass wohl eine Säuberung etwas bringen würde. Kann mir da jemand weiterhelfen? Viele Grüße Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Bohlsen (administrator) on BOHLSEN-TOSH on 29-05-2015 23:21:55
Running from C:\Users\Bohlsen\Desktop
Loaded Profiles: Bohlsen (Available Profiles: UpdatusUser & Bohlsen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dropbox, Inc.) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\System32\rpcnetp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\klwtblfs.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Run: [ZedgeToneSync] => C:\Users\Bohlsen\AppData\Local\Apps\2.0\Data\Q9E8B8KT.2PV\QNR6453Y.W26\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\MountPoints2: {eea079e5-9852-11e1-82bb-705ab6c5b054} - E:\CDStart.exe
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-22]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-06-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-06-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {A42BE6C4-34A3-4325-A76A-BBFB9AD7E531} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {02294691-9B82-4BD7-B3F2-0DCDC640F101} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2849900719-3015229166-850732124-1002 -> {02294691-9B82-4BD7-B3F2-0DCDC640F101} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKU\S-1-5-21-2849900719-3015229166-850732124-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2849900719-3015229166-850732124-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\user.js [2014-09-12]
FF Extension: Viewtubes - C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-03-27]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-12-04]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-02]
Chrome:
=======
CHR Profile: C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-23]
CHR Extension: (Google Docs) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-23]
CHR Extension: (Google Drive) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-23]
CHR Extension: (YouTube) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-23]
CHR Extension: (Google Search) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-23]
CHR Extension: (Kaspersky Protection) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-23]
CHR Extension: (Google Sheets) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-23]
CHR Extension: (Google Wallet) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-23]
CHR Extension: (Gmail) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-23]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-04-22] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2010-07-05] () [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Dokan; C:\windows\system32\drivers\dokan.sys [106888 2010-07-06] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-05] (DT Soft Ltd)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
U5 regi; C:\Windows\System32\Drivers\regi.sys [14112 2007-04-17] (InterVideo)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S4 Usnhiflec; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 23:21 - 2015-05-29 23:23 - 00023981 _____ () C:\Users\Bohlsen\Desktop\FRST.txt
2015-05-29 23:21 - 2015-05-29 23:21 - 02108928 _____ (Farbar) C:\Users\Bohlsen\Desktop\FRST64.exe
2015-05-28 19:52 - 2015-05-28 19:52 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-28 19:52 - 2015-05-28 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-28 19:51 - 2015-05-28 19:52 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-28 19:51 - 2015-05-28 19:52 - 00000000 ____D () C:\Program Files\iTunes
2015-05-28 19:51 - 2015-05-28 19:51 - 00000000 ____D () C:\Program Files\iPod
2015-05-28 19:46 - 2015-05-28 19:46 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-28 19:46 - 2015-05-28 19:46 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-21 20:22 - 2015-05-28 19:33 - 00017920 _____ () C:\windows\SysWOW64\rpcnetp.dll
2015-05-21 20:20 - 2015-05-28 19:32 - 00017920 _____ () C:\windows\SysWOW64\rpcnetp.exe
2015-05-21 20:20 - 2015-05-28 19:32 - 00017920 _____ () C:\windows\system32\rpcnetp.exe
2015-05-19 17:59 - 2015-05-28 19:34 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Deployment
2015-05-19 17:59 - 2015-05-19 17:59 - 00000336 _____ () C:\Users\Bohlsen\Desktop\ToneSync for Windows.appref-ms
2015-05-19 17:59 - 2015-05-19 17:59 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
2015-05-19 17:59 - 2015-05-19 17:59 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Apps\2.0
2015-05-19 17:47 - 2015-03-05 16:23 - 10849560 _____ (WindSolutions) C:\Users\Bohlsen\Desktop\CopyTransManager.exe
2015-05-19 17:32 - 2015-05-19 17:32 - 00000000 ____D () C:\Users\Bohlsen\Documents\iRinger Tones
2015-05-19 17:29 - 2015-05-19 18:04 - 00000000 ____D () C:\ProgramData\iRinger
2015-05-19 17:27 - 2015-05-19 17:27 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Bohlsen\Desktop\iRinger42.exe
2015-05-13 03:05 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:05 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:27 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-12 21:27 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-12 21:27 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-12 21:27 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-12 21:27 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-12 21:27 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-12 21:27 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-12 21:27 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-12 21:27 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-12 21:27 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-12 21:27 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-12 21:27 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-12 21:27 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-12 21:27 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-12 21:27 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-12 21:27 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-12 21:27 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-12 21:27 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-12 21:27 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-12 21:27 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-12 21:27 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-12 21:27 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-12 21:27 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-12 21:27 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 21:27 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-12 21:27 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-12 21:27 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-12 21:27 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-12 21:27 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-12 21:27 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-12 21:27 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-12 21:27 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-12 21:27 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-12 21:27 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-12 21:27 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-12 21:27 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-12 21:27 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-12 21:27 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-12 21:27 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-12 21:27 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-12 21:27 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-12 21:27 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-12 21:27 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-12 21:27 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-12 21:27 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 21:27 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-12 21:27 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-12 21:27 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-12 21:27 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-12 21:27 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-12 21:27 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-12 21:27 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-12 21:27 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-12 21:27 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-12 21:27 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-12 21:27 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-12 21:27 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-12 21:27 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-12 21:27 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-12 21:27 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-12 21:23 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-12 21:23 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-12 21:23 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-12 21:23 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-12 21:19 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-12 21:18 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-12 21:18 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-12 21:18 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-12 21:18 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-12 21:18 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-12 21:18 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-12 21:18 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-12 21:18 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-12 21:18 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-12 21:18 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-12 21:18 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-12 21:18 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-12 21:18 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-12 21:18 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-12 21:18 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-12 21:18 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-12 21:18 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-12 21:18 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-12 21:18 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-12 21:18 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 21:17 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-12 21:17 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-12 21:17 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-12 21:17 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-12 21:17 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-12 21:17 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-12 21:17 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-12 21:17 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-12 21:17 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-12 21:17 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-12 21:17 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-12 21:17 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-12 21:17 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-12 21:17 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-12 21:17 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-12 21:17 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-12 21:17 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-12 21:17 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-09 01:21 - 2015-05-29 14:57 - 00000000 ___RD () C:\Users\Bohlsen\Dropbox
2015-05-09 01:21 - 2015-05-09 01:21 - 00001147 _____ () C:\Users\Bohlsen\Desktop\Dropbox.lnk
2015-05-09 01:16 - 2015-05-09 01:16 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-09 01:14 - 2015-05-28 19:36 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Dropbox
2015-05-02 20:11 - 2015-05-29 18:07 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Neuer Ordner
2015-05-02 19:56 - 2015-05-02 20:08 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Filme
2015-05-02 19:53 - 2015-05-02 19:55 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Musik
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 23:22 - 2015-04-09 18:13 - 00000000 ____D () C:\FRST
2015-05-29 22:58 - 2012-07-15 22:38 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 22:52 - 2011-06-19 13:26 - 01417629 _____ () C:\windows\WindowsUpdate.log
2015-05-29 21:56 - 2011-09-11 21:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-28 19:51 - 2015-02-12 17:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-28 19:51 - 2012-05-08 16:22 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-28 19:42 - 2009-07-14 06:45 - 00016080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-28 19:42 - 2009-07-14 06:45 - 00016080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-28 19:32 - 2015-04-03 13:07 - 00003832 _____ () C:\windows\setupact.log
2015-05-28 19:32 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-21 20:28 - 2015-04-05 03:00 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-21 20:28 - 2015-04-05 03:00 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-20 22:01 - 2014-06-18 23:16 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Adobe
2015-05-20 22:01 - 2012-07-15 22:38 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 22:01 - 2012-04-08 20:57 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 22:01 - 2011-12-19 22:18 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 17:59 - 2011-07-04 21:13 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\WindSolutions
2015-05-19 17:50 - 2011-07-04 21:10 - 00000000 ____D () C:\ProgramData\WindSolutions
2015-05-18 22:06 - 2009-07-14 19:58 - 00699682 _____ () C:\windows\system32\perfh007.dat
2015-05-18 22:06 - 2009-07-14 19:58 - 00149790 _____ () C:\windows\system32\perfc007.dat
2015-05-18 22:06 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-18 08:26 - 2015-04-03 05:26 - 00000000 ____D () C:\windows\uninstall
2015-05-18 08:26 - 2015-04-03 05:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exe Passwort
2015-05-15 17:48 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-05-13 19:35 - 2009-07-14 06:45 - 00405440 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-13 19:33 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-13 03:19 - 2013-07-30 02:16 - 00000000 ____D () C:\windows\system32\MRT
2015-05-13 03:09 - 2011-06-19 17:00 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 03:04 - 2013-03-14 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 03:03 - 2013-03-14 02:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 03:03 - 2013-03-14 02:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-10 03:08 - 2013-02-27 02:33 - 00000000 ____D () C:\Users\Bohlsen\BWINCOMPokerDir
2015-05-10 03:04 - 2011-07-09 22:56 - 00000000 ____D () C:\windows\System32\Tasks\Games
2015-05-09 01:21 - 2011-06-19 14:25 - 00000000 ____D () C:\Users\Bohlsen
2015-04-29 16:31 - 2014-07-15 22:59 - 00001150 _____ () C:\Users\Bohlsen\Desktop\Amazon Music.lnk
==================== Files in the root of some directories =======
2013-06-06 19:24 - 2013-06-06 19:24 - 0000055 _____ () C:\Users\Bohlsen\AppData\Roaming\mbam.context.scan
2011-09-11 21:22 - 2011-09-11 21:22 - 0017408 _____ () C:\Users\Bohlsen\AppData\Local\WebpageIcons.db
2015-05-28 19:36 - 2015-05-28 19:42 - 0055579 _____ () C:\Users\Bohlsen\AppData\Local\ZedgeLog.txt
2012-05-08 17:20 - 2012-05-08 17:20 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Bohlsen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpejuv7d.dll
C:\Users\Bohlsen\AppData\Local\Temp\SpotifyUninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 19:47
==================== End of log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Bohlsen at 2015-05-29 23:24:11
Running from C:\Users\Bohlsen\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2849900719-3015229166-850732124-500 - Administrator - Disabled)
Bohlsen (S-1-5-21-2849900719-3015229166-850732124-1002 - Administrator - Enabled) => C:\Users\Bohlsen
Gast (S-1-5-21-2849900719-3015229166-850732124-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2849900719-3015229166-850732124-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-2849900719-3015229166-850732124-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Amazon Amazon Music) (Version: 3.9.3.797 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.10(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.42 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dokan Library 0.5.3 (HKLM-x32\...\DokanLibrary) (Version: - )
Dropbox (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{A20A58C4-6784-4B4B-86CC-94E2E3671031}) (Version: 7.02.8637 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
PhoenixRC (HKLM-x32\...\{7DF88245-6DD0-4186-9203-93236C2FED09}) (Version: 3.00.18 - Ihr Firmenname)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.19.409.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10722 - TeamViewer GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14563 - TeamViewer)
ToneSync for Windows (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\c2c9648a374f64d1) (Version: 1.2.3.309 - Zedge Europe AS)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{1777CCDA-F2F2-4A77-ACF4-0B7341229BBB}) (Version: 8.0.29 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - Ihr Firmenname)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1.0 - TOSHIBA CORPORATION)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.3 - TOSHIBA Corporation)
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.4.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Transport Gigant GOLD DELUXE (HKLM-x32\...\{6DCDCE92-E862-4EF2-AA81-88B581B72AD7}_is1) (Version: - UIG GmbH)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WBFS Manager 4.0 (HKLM\...\{D34C07CA-DCF0-4A5C-A4DD-55522B17F4F2}) (Version: 4.0 - WBFS)
Winamp (HKLM-x32\...\Winamp) (Version: 5.621 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
19-05-2015 17:35:36 Windows Update
21-05-2015 20:26:04 Windows Update
26-05-2015 17:47:13 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {162809AF-185D-41B1-A4CB-532D8BAA4BD7} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: {41DAEF34-6E3D-4C34-AAF3-D76E3F3D11BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4D581EBD-0398-41C1-A148-49B1E1547AFE} - System32\Tasks\{6231D0D6-7BE6-4069-AC5C-D7ED6361C52E} => pcalua.exe -a "C:\Program Files (x86)\Security Task Manager\Uninstal.exe"
Task: {5A1600A1-A0DA-47F8-8228-50FEF6C67E33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {796E9547-CE88-4C0B-AE22-BE48040E07E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2849900719-3015229166-850732124-1002
Task: {79E886A2-861A-4829-A2EC-146B03E2F07D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D43FC374-0196-4CF3-9F54-6DDC131990F3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {FCED906E-175A-4A5A-9BC7-A38120E7DF5C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-13 12:33 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-06-19 18:13 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-05 14:37 - 2010-07-05 14:37 - 00011776 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2015-05-21 20:20 - 2015-05-28 19:32 - 00017920 _____ () C:\windows\System32\rpcnetp.exe
2010-04-06 14:53 - 2010-04-06 14:53 - 00578936 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-05-28 19:34 - 2015-05-28 19:34 - 00043008 _____ () c:\users\bohlsen\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpejuv7d.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Bohlsen\Desktop\IMG_20150525_0001_NEW.pdf:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\myhermes.de -> hxxps://www.myhermes.de
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Bohlsen\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeNotify => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Bohlsen\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bohlsen\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ThpSrv => C:\windows\system32\thpsrv /logon
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TRCMan => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B79BB21D-B788-412F-9E51-AE7FBA5FE54D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C31C0294-26DE-4F9E-A867-21BA56446B19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{36DACD2B-2C65-448E-B7EE-2D4BF627F9F1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1482256B-40C3-4461-ABC2-54CE3042D362}] => (Allow) svchost.exe
FirewallRules: [{58B8CF03-A57E-44E7-9E81-B1B98DC41827}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4BDB0D97-08B9-47B7-B0F3-07EE6E6616AD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{00FF6359-BFDD-4F43-AEF5-962E77C029FB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7A1D8FAB-580F-4B7F-A97C-2B7308E78E93}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{219FD303-A217-4420-ACD8-B026B2F06F0E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{FD577C4A-2A09-42BC-A89F-1D68C3857CA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{FD032944-8EFE-42D0-9840-D0DCCAAE7E9C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{4AC8266A-4574-4B92-85E0-DB1065AD6B0F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{69516492-D333-4223-A75F-F154FB1D4AF9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [TCP Query User{4F503FBA-2083-46BA-A15A-13DCD2D4EE8D}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{DC2B2C7F-786A-4DF4-9768-BC9C6C173679}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{C0A85645-470C-4C44-972C-1A299BCDE4B7}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E18B42BC-998F-4035-80CA-30CDBB903CE8}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{4AE1C7C6-6F33-44F9-9767-E84B6CF57D6F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CC2F71D7-5A87-4530-B2CD-D70678AF070E}] => (Allow) LPort=2869
FirewallRules: [{4FF31DA0-77ED-41D6-A192-76366F4A997B}] => (Allow) LPort=1900
FirewallRules: [{11AF62D8-939F-45B0-92D4-F122F59921F3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{40C9CFCF-ACE4-4F54-9E13-5C2A7F29A7CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{92517F8E-91A0-4AC3-BA70-0B92D7B34E43}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{F9C28B27-450C-47FA-937D-72DE72F3BEEA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{2C795254-3AD3-4012-9EA3-09003E418D5B}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{F6270AB7-A171-47F4-9810-5724A786FF10}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{8CB5AA75-0F12-410B-B0AB-15401069AB2A}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92A6A158-67A5-4B94-A6E0-AE831C58E3F5}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6FA2BC4A-7AF1-4842-BAD1-E04950E8288A}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B395B184-ACFE-42D6-90D6-75139CEEAD07}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3878DA48-E83B-4B00-9331-E6D1627483C2}] => (Allow) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B706FB4-F8AA-425F-BF70-788E4E9DDAE7}] => (Allow) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1C4B0562-CE15-4DEE-B36D-EFC0100C8ADD}C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A33371F7-5F70-43D6-BD75-953B58BAFB14}C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{A89C7E22-D1C5-4A88-BD56-CA337E4F4D07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C6529D5-51DB-4F39-BA51-8F42A848C2A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E6158D3-C791-446D-952A-9C686DD8E355}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{207EFC9A-B14C-43A1-9FED-8CDDE7017A1F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{841E245E-8145-45EB-AF03-5FFD3898CE17}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9859
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9859
Error: (05/29/2015 03:54:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 08:27:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (05/29/2015 10:36:07 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (05/29/2015 03:08:01 PM) (Source: DCOM) (EventID: 10016) (User: Bohlsen-TOSH)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}Bohlsen-TOSHBohlsenS-1-5-21-2849900719-3015229166-850732124-1002LocalHost (unter Verwendung von LRPC)
Error: (05/29/2015 03:08:00 PM) (Source: DCOM) (EventID: 10016) (User: Bohlsen-TOSH)
Description: AnwendungsspezifischLokalAktivierung{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}Bohlsen-TOSHBohlsenS-1-5-21-2849900719-3015229166-850732124-1002LocalHost (unter Verwendung von LRPC)
Error: (05/28/2015 07:32:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.05.2015 um 00:46:32 unerwartet heruntergefahren.
Error: (05/26/2015 05:38:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DC0C2640-1415-4644-875C-6F4D769839BA}
Error: (05/26/2015 05:34:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 26.05.2015 um 03:50:27 unerwartet heruntergefahren.
Error: (05/24/2015 06:22:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (05/24/2015 06:22:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (05/24/2015 06:19:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (05/24/2015 06:19:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Microsoft Office:
=========================
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9859
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9859
Error: (05/29/2015 03:54:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 08:27:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
CodeIntegrity Errors:
===================================
Date: 2014-09-02 22:45:00.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:45:00.373
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:31.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:31.250
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.599
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.584
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:26:50.692
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:26:50.692
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 44%
Total physical RAM: 3954.67 MB
Available physical RAM: 2210.27 MB
Total Pagefile: 7907.55 MB
Available Pagefile: 5387.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (TI30610400A) (Fixed) (Total:455.1 GB) (Free:308.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D5D703FB)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=455.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.2 GB) - (Type=17)
==================== End of log ============================
|
|
29.05.2015, 22:58
| #2 |
| | Windows Live Mail startet nicht mehr nach Exe Passwort Fehlermeldung bei normalen Zugriff Fehlermeldung bei Zugriff "als Administrator ausführen" |
|
30.05.2015, 08:19
| #3 |
| /// the machine /// TB-Ausbilder    | Windows Live Mail startet nicht mehr nach Exe Passwort hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.05.2015, 14:59
| #4 |
| | Windows Live Mail startet nicht mehr nach Exe PasswortCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.30.01
rootkit: v2015.05.24.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Bohlsen :: BOHLSEN-TOSH [administrator]
30.05.2015 12:15:19
mbar-log-2015-05-30 (12-15-19).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 494885
Time elapsed: 1 hour(s), 33 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 15:48:19.0403 0x0504 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:48:49.0979 0x0504 ============================================================
15:48:49.0979 0x0504 Current date / time: 2015/05/30 15:48:49.0979
15:48:49.0979 0x0504 SystemInfo:
15:48:49.0979 0x0504
15:48:49.0979 0x0504 OS Version: 6.1.7601 ServicePack: 1.0
15:48:49.0979 0x0504 Product type: Workstation
15:48:49.0979 0x0504 ComputerName: BOHLSEN-TOSH
15:48:49.0994 0x0504 UserName: Bohlsen
15:48:49.0994 0x0504 Windows directory: C:\windows
15:48:49.0994 0x0504 System windows directory: C:\windows
15:48:49.0994 0x0504 Running under WOW64
15:48:49.0994 0x0504 Processor architecture: Intel x64
15:48:49.0994 0x0504 Number of processors: 4
15:48:49.0994 0x0504 Page size: 0x1000
15:48:49.0994 0x0504 Boot type: Normal boot
15:48:49.0994 0x0504 ============================================================
15:48:50.0181 0x0504 KLMD registered as C:\windows\system32\drivers\00755626.sys
15:48:50.0837 0x0504 System UUID: {6EA28D1B-0060-9DF1-250A-084918631BC0}
15:48:51.0554 0x0504 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:48:51.0570 0x0504 ============================================================
15:48:51.0570 0x0504 \Device\Harddisk0\DR0:
15:48:51.0570 0x0504 MBR partitions:
15:48:51.0570 0x0504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38E32800
15:48:51.0570 0x0504 ============================================================
15:48:51.0601 0x0504 C: <-> \Device\Harddisk0\DR0\Partition1
15:48:51.0601 0x0504 ============================================================
15:48:51.0601 0x0504 Initialize success
15:48:51.0601 0x0504 ============================================================
15:50:26.0621 0x10f8 ============================================================
15:50:26.0621 0x10f8 Scan started
15:50:26.0621 0x10f8 Mode: Manual; SigCheck; TDLFS;
15:50:26.0621 0x10f8 ============================================================
15:50:26.0621 0x10f8 KSN ping started
15:50:29.0101 0x10f8 KSN ping finished: true
15:50:30.0380 0x10f8 ================ Scan system memory ========================
15:50:30.0380 0x10f8 System memory - ok
15:50:30.0380 0x10f8 ================ Scan services =============================
15:50:30.0630 0x10f8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:50:30.0739 0x10f8 1394ohci - ok
15:50:30.0786 0x10f8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:50:30.0802 0x10f8 ACPI - ok
15:50:30.0848 0x10f8 [ 12C5274CD87449A2A37A607CDB321922, 50FA524E66A8FA04037DC954D3AB5383C633898F111A3B7488630B649B897370 ] acpials C:\windows\system32\DRIVERS\acpials.sys
15:50:30.0926 0x10f8 acpials - ok
15:50:30.0942 0x10f8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:50:31.0067 0x10f8 AcpiPmi - ok
15:50:31.0160 0x10f8 [ F84C9DEE4698DF3C1D76801B7B1B55D7, 071A3938ED7B9E20E30E873011C8039382C7EFE90D39EC8C0F3E457B2873406E ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:50:31.0192 0x10f8 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
15:50:33.0578 0x10f8 Detect skipped due to KSN trusted
15:50:33.0578 0x10f8 Adobe LM Service - ok
15:50:33.0688 0x10f8 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:50:33.0719 0x10f8 AdobeARMservice - ok
15:50:33.0844 0x10f8 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:50:33.0859 0x10f8 AdobeFlashPlayerUpdateSvc - ok
15:50:33.0953 0x10f8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
15:50:33.0984 0x10f8 adp94xx - ok
15:50:34.0046 0x10f8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
15:50:34.0078 0x10f8 adpahci - ok
15:50:34.0109 0x10f8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
15:50:34.0124 0x10f8 adpu320 - ok
15:50:34.0171 0x10f8 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:50:34.0234 0x10f8 AeLookupSvc - ok
15:50:34.0312 0x10f8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
15:50:34.0405 0x10f8 AFD - ok
15:50:34.0436 0x10f8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
15:50:34.0468 0x10f8 agp440 - ok
15:50:34.0483 0x10f8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
15:50:34.0577 0x10f8 ALG - ok
15:50:34.0608 0x10f8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
15:50:34.0624 0x10f8 aliide - ok
15:50:34.0670 0x10f8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
15:50:34.0686 0x10f8 amdide - ok
15:50:34.0717 0x10f8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
15:50:34.0826 0x10f8 AmdK8 - ok
15:50:34.0842 0x10f8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
15:50:34.0873 0x10f8 AmdPPM - ok
15:50:34.0920 0x10f8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
15:50:34.0936 0x10f8 amdsata - ok
15:50:34.0982 0x10f8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
15:50:34.0998 0x10f8 amdsbs - ok
15:50:35.0014 0x10f8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
15:50:35.0029 0x10f8 amdxata - ok
15:50:35.0092 0x10f8 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
15:50:35.0170 0x10f8 AppID - ok
15:50:35.0185 0x10f8 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:50:35.0232 0x10f8 AppIDSvc - ok
15:50:35.0263 0x10f8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
15:50:35.0341 0x10f8 Appinfo - ok
15:50:35.0466 0x10f8 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:50:35.0482 0x10f8 Apple Mobile Device Service - ok
15:50:35.0528 0x10f8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
15:50:35.0544 0x10f8 arc - ok
15:50:35.0575 0x10f8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
15:50:35.0606 0x10f8 arcsas - ok
15:50:35.0700 0x10f8 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:50:35.0778 0x10f8 aspnet_state - ok
15:50:35.0809 0x10f8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:50:35.0950 0x10f8 AsyncMac - ok
15:50:35.0981 0x10f8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
15:50:36.0012 0x10f8 atapi - ok
15:50:36.0121 0x10f8 [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr C:\windows\system32\DRIVERS\athrx.sys
15:50:36.0262 0x10f8 athr - ok
15:50:36.0371 0x10f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:50:36.0418 0x10f8 AudioEndpointBuilder - ok
15:50:36.0433 0x10f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
15:50:36.0480 0x10f8 AudioSrv - ok
15:50:36.0620 0x10f8 [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
15:50:36.0683 0x10f8 AVP15.0.0 - ok
15:50:36.0714 0x10f8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
15:50:36.0823 0x10f8 AxInstSV - ok
15:50:36.0886 0x10f8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
15:50:36.0964 0x10f8 b06bdrv - ok
15:50:36.0995 0x10f8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
15:50:37.0026 0x10f8 b57nd60a - ok
15:50:37.0182 0x10f8 [ 5B5C36B2EC500462A715DB6BCBAF5DA7, E90EB94C89CDA0D7D6569316BFB4015CC42961076BF837ED0C931E7CBAA2BFE5 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
15:50:37.0369 0x10f8 BCM43XX - ok
15:50:37.0400 0x10f8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
15:50:37.0432 0x10f8 BDESVC - ok
15:50:37.0463 0x10f8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
15:50:37.0541 0x10f8 Beep - ok
15:50:37.0634 0x10f8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
15:50:37.0728 0x10f8 BFE - ok
15:50:37.0806 0x10f8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
15:50:38.0056 0x10f8 BITS - ok
15:50:38.0087 0x10f8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:50:38.0102 0x10f8 blbdrive - ok
15:50:38.0212 0x10f8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:50:38.0243 0x10f8 Bonjour Service - ok
15:50:38.0274 0x10f8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:50:38.0336 0x10f8 bowser - ok
15:50:38.0383 0x10f8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
15:50:38.0446 0x10f8 BrFiltLo - ok
15:50:38.0461 0x10f8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
15:50:38.0508 0x10f8 BrFiltUp - ok
15:50:38.0524 0x10f8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
15:50:38.0570 0x10f8 Browser - ok
15:50:38.0617 0x10f8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:50:38.0695 0x10f8 Brserid - ok
15:50:38.0711 0x10f8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:50:38.0758 0x10f8 BrSerWdm - ok
15:50:38.0789 0x10f8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:50:38.0820 0x10f8 BrUsbMdm - ok
15:50:38.0851 0x10f8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:50:38.0882 0x10f8 BrUsbSer - ok
15:50:38.0929 0x10f8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
15:50:38.0976 0x10f8 BTHMODEM - ok
15:50:39.0007 0x10f8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
15:50:39.0054 0x10f8 bthserv - ok
15:50:39.0101 0x10f8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:50:39.0179 0x10f8 cdfs - ok
15:50:39.0241 0x10f8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
15:50:39.0257 0x10f8 cdrom - ok
15:50:39.0304 0x10f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
15:50:39.0366 0x10f8 CertPropSvc - ok
15:50:39.0444 0x10f8 [ 41E7C4FA6491747402CFCA77CC1C7AAB, 676CD982A0D33B60A646AC7C0158F7421E395C8B4B12E544C55AF5C09E470CC5 ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
15:50:39.0475 0x10f8 cfWiMAXService - ok
15:50:39.0506 0x10f8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
15:50:39.0553 0x10f8 circlass - ok
15:50:39.0631 0x10f8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys
15:50:39.0662 0x10f8 CLFS - ok
15:50:39.0740 0x10f8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:50:39.0772 0x10f8 clr_optimization_v2.0.50727_32 - ok
15:50:39.0818 0x10f8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:50:39.0834 0x10f8 clr_optimization_v2.0.50727_64 - ok
15:50:39.0928 0x10f8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:50:39.0974 0x10f8 clr_optimization_v4.0.30319_32 - ok
15:50:39.0974 0x10f8 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:50:40.0099 0x10f8 clr_optimization_v4.0.30319_64 - ok
15:50:40.0115 0x10f8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:50:40.0177 0x10f8 CmBatt - ok
15:50:40.0224 0x10f8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
15:50:40.0240 0x10f8 cmdide - ok
15:50:40.0318 0x10f8 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
15:50:40.0364 0x10f8 CNG - ok
15:50:40.0396 0x10f8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
15:50:40.0396 0x10f8 Compbatt - ok
15:50:40.0427 0x10f8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
15:50:40.0474 0x10f8 CompositeBus - ok
15:50:40.0489 0x10f8 COMSysApp - ok
15:50:40.0520 0x10f8 [ CAB0EEAF5295FC96DDD3E19DCE27E131, 87BCAC18D920153322D325AA5B93BB0B447577D67261FDCC01C5B60643CEA792 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
15:50:40.0520 0x10f8 ConfigFree Service - ok
15:50:40.0552 0x10f8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
15:50:40.0567 0x10f8 crcdisk - ok
15:50:40.0630 0x10f8 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\windows\system32\cryptsvc.dll
15:50:40.0739 0x10f8 CryptSvc - ok
15:50:40.0817 0x10f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
15:50:40.0910 0x10f8 DcomLaunch - ok
15:50:40.0957 0x10f8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
15:50:41.0004 0x10f8 defragsvc - ok
15:50:41.0035 0x10f8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:50:41.0082 0x10f8 DfsC - ok
15:50:41.0113 0x10f8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
15:50:41.0176 0x10f8 Dhcp - ok
15:50:41.0300 0x10f8 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\windows\system32\diagtrack.dll
15:50:41.0410 0x10f8 DiagTrack - ok
15:50:41.0441 0x10f8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
15:50:41.0503 0x10f8 discache - ok
15:50:41.0550 0x10f8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\DRIVERS\disk.sys
15:50:41.0566 0x10f8 Disk - ok
15:50:41.0612 0x10f8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:50:41.0644 0x10f8 Dnscache - ok
15:50:41.0675 0x10f8 [ 1C92CE85ED00554BDD118923E751A162, 8F91BF8ED73585FCA74320D783180C80FF4F420E5B30FCC085D5929FC1AD4373 ] Dokan C:\windows\system32\drivers\dokan.sys
15:50:41.0690 0x10f8 Dokan - ok
15:50:41.0753 0x10f8 [ CA41DFFFB8BA956FFE9729D0B3853A58, EDD138DAD37F03559D590FDF3D0DACD1BDC592054FBB2F8E4E811BB9C683D027 ] DokanMounter C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
15:50:41.0768 0x10f8 DokanMounter - detected UnsignedFile.Multi.Generic ( 1 )
15:50:44.0186 0x10f8 Detect skipped due to KSN trusted
15:50:44.0186 0x10f8 DokanMounter - ok
15:50:44.0249 0x10f8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
15:50:44.0327 0x10f8 dot3svc - ok
15:50:44.0374 0x10f8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
15:50:44.0420 0x10f8 DPS - ok
15:50:44.0467 0x10f8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:50:44.0498 0x10f8 drmkaud - ok
15:50:44.0530 0x10f8 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
15:50:44.0545 0x10f8 dtsoftbus01 - ok
15:50:44.0654 0x10f8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:50:44.0701 0x10f8 DXGKrnl - ok
15:50:44.0748 0x10f8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
15:50:44.0842 0x10f8 EapHost - ok
15:50:44.0998 0x10f8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
15:50:45.0263 0x10f8 ebdrv - ok
15:50:45.0325 0x10f8 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\windows\System32\lsass.exe
15:50:45.0388 0x10f8 EFS - ok
15:50:45.0497 0x10f8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:50:45.0590 0x10f8 ehRecvr - ok
15:50:45.0622 0x10f8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
15:50:45.0700 0x10f8 ehSched - ok
15:50:45.0762 0x10f8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
15:50:45.0793 0x10f8 elxstor - ok
15:50:45.0824 0x10f8 [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir C:\windows\system32\DRIVERS\enecir.sys
15:50:45.0856 0x10f8 enecir - ok
15:50:45.0887 0x10f8 [ E17EB95358F396E27D573A1B20F891F8, 23D12C2AC2CF7D3441632F1BAF43E9C7554DD9A85F2B08253710DE3C7555B540 ] enecirhid C:\windows\system32\DRIVERS\enecirhid.sys
15:50:45.0918 0x10f8 enecirhid - ok
15:50:45.0949 0x10f8 [ 8492D808C79BD6FE439F77BE84956CDF, 8B2D14C5A7FFA72144E1113B4DDAD7F1258F707442EDE0E4EF3CBB72886EFE8E ] enecirhidma C:\windows\system32\DRIVERS\enecirhidma.sys
15:50:45.0980 0x10f8 enecirhidma - ok
15:50:46.0012 0x10f8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
15:50:46.0043 0x10f8 ErrDev - ok
15:50:46.0105 0x10f8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
15:50:46.0183 0x10f8 EventSystem - ok
15:50:46.0214 0x10f8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
15:50:46.0292 0x10f8 exfat - ok
15:50:46.0339 0x10f8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:50:46.0433 0x10f8 fastfat - ok
15:50:46.0495 0x10f8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
15:50:46.0589 0x10f8 Fax - ok
15:50:46.0604 0x10f8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
15:50:46.0636 0x10f8 fdc - ok
15:50:46.0667 0x10f8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
15:50:46.0745 0x10f8 fdPHost - ok
15:50:46.0776 0x10f8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
15:50:46.0870 0x10f8 FDResPub - ok
15:50:46.0916 0x10f8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:50:46.0948 0x10f8 FileInfo - ok
15:50:46.0963 0x10f8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:50:47.0026 0x10f8 Filetrace - ok
15:50:47.0057 0x10f8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
15:50:47.0119 0x10f8 flpydisk - ok
15:50:47.0166 0x10f8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:50:47.0213 0x10f8 FltMgr - ok
15:50:47.0306 0x10f8 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\windows\system32\FntCache.dll
15:50:47.0400 0x10f8 FontCache - ok
15:50:47.0462 0x10f8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:50:47.0478 0x10f8 FontCache3.0.0.0 - ok
15:50:47.0525 0x10f8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:50:47.0540 0x10f8 FsDepends - ok
15:50:47.0556 0x10f8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:50:47.0572 0x10f8 Fs_Rec - ok
15:50:47.0618 0x10f8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:50:47.0650 0x10f8 fvevol - ok
15:50:47.0665 0x10f8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
15:50:47.0681 0x10f8 gagp30kx - ok
15:50:47.0728 0x10f8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:50:47.0743 0x10f8 GEARAspiWDM - ok
15:50:47.0806 0x10f8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
15:50:47.0915 0x10f8 gpsvc - ok
15:50:47.0946 0x10f8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:50:48.0008 0x10f8 hcw85cir - ok
15:50:48.0055 0x10f8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:50:48.0118 0x10f8 HdAudAddService - ok
15:50:48.0149 0x10f8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
15:50:48.0180 0x10f8 HDAudBus - ok
15:50:48.0211 0x10f8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
15:50:48.0227 0x10f8 HECIx64 - ok
15:50:48.0258 0x10f8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
15:50:48.0305 0x10f8 HidBatt - ok
15:50:48.0336 0x10f8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
15:50:48.0383 0x10f8 HidBth - ok
15:50:48.0414 0x10f8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
15:50:48.0445 0x10f8 HidIr - ok
15:50:48.0461 0x10f8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
15:50:48.0539 0x10f8 hidserv - ok
15:50:48.0586 0x10f8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
15:50:48.0632 0x10f8 HidUsb - ok
15:50:48.0664 0x10f8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
15:50:48.0742 0x10f8 hkmsvc - ok
15:50:48.0773 0x10f8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:50:48.0866 0x10f8 HomeGroupListener - ok
15:50:48.0882 0x10f8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:50:48.0929 0x10f8 HomeGroupProvider - ok
15:50:48.0976 0x10f8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:50:49.0007 0x10f8 HpSAMD - ok
15:50:49.0085 0x10f8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:50:49.0163 0x10f8 HTTP - ok
15:50:49.0194 0x10f8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:50:49.0210 0x10f8 hwpolicy - ok
15:50:49.0225 0x10f8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
15:50:49.0256 0x10f8 i8042prt - ok
15:50:49.0303 0x10f8 [ 85977CD13FC16069CE0AF7943A811775, 421AFFF08D14C2F55CFEF05E4A5A8B086F80BE69A927F84052A502EC5B222990 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:50:49.0319 0x10f8 iaStor - ok
15:50:49.0381 0x10f8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:50:49.0412 0x10f8 iaStorV - ok
15:50:49.0506 0x10f8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:50:49.0553 0x10f8 idsvc - ok
15:50:49.0600 0x10f8 IEEtwCollectorService - ok
15:50:49.0615 0x10f8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
15:50:49.0631 0x10f8 iirsp - ok
15:50:49.0678 0x10f8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
15:50:49.0724 0x10f8 IKEEXT - ok
15:50:49.0880 0x10f8 [ 490947A9AFF7CA31EF2E08F5776105EB, C817D60DBA6B276AD4EF2E0FDF5547F152294AFEF6264C28B8F4DC20B3A85515 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:50:49.0958 0x10f8 IntcAzAudAddService - ok
15:50:50.0005 0x10f8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
15:50:50.0005 0x10f8 intelide - ok
15:50:50.0052 0x10f8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:50:50.0083 0x10f8 intelppm - ok
15:50:50.0114 0x10f8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:50:50.0192 0x10f8 IPBusEnum - ok
15:50:50.0224 0x10f8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:50:50.0286 0x10f8 IpFilterDriver - ok
15:50:50.0348 0x10f8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:50:50.0442 0x10f8 iphlpsvc - ok
15:50:50.0473 0x10f8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:50:50.0520 0x10f8 IPMIDRV - ok
15:50:50.0567 0x10f8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:50:50.0629 0x10f8 IPNAT - ok
15:50:50.0754 0x10f8 [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:50:50.0801 0x10f8 iPod Service - ok
15:50:50.0832 0x10f8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
15:50:50.0910 0x10f8 IRENUM - ok
15:50:50.0941 0x10f8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:50:50.0972 0x10f8 isapnp - ok
15:50:51.0019 0x10f8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:50:51.0035 0x10f8 iScsiPrt - ok
15:50:51.0066 0x10f8 [ 25D602AE635A0443458FBED1A8B6E4E9, 4EAA8D88692B32EB3F699637141ADECC5A8CF4DC17EC1BBFCFB2FF5B28BBAD0E ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
15:50:51.0082 0x10f8 JMCR - ok
15:50:51.0113 0x10f8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
15:50:51.0128 0x10f8 kbdclass - ok
15:50:51.0160 0x10f8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
15:50:51.0206 0x10f8 kbdhid - ok
15:50:51.0222 0x10f8 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\windows\system32\lsass.exe
15:50:51.0253 0x10f8 KeyIso - ok
15:50:51.0347 0x10f8 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] KL1 C:\windows\system32\DRIVERS\kl1.sys
15:50:51.0394 0x10f8 KL1 - ok
15:50:51.0472 0x10f8 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\windows\system32\DRIVERS\klflt.sys
15:50:51.0503 0x10f8 klflt - ok
15:50:51.0550 0x10f8 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\windows\system32\DRIVERS\klhk.sys
15:50:51.0565 0x10f8 klhk - ok
15:50:51.0643 0x10f8 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\windows\system32\DRIVERS\klif.sys
15:50:51.0690 0x10f8 KLIF - ok
15:50:51.0737 0x10f8 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\windows\system32\DRIVERS\klim6.sys
15:50:51.0768 0x10f8 KLIM6 - ok
15:50:51.0784 0x10f8 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys
15:50:51.0799 0x10f8 klkbdflt - ok
15:50:51.0846 0x10f8 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\windows\system32\DRIVERS\klmouflt.sys
15:50:51.0877 0x10f8 klmouflt - ok
15:50:51.0940 0x10f8 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\windows\system32\DRIVERS\klpd.sys
15:50:51.0971 0x10f8 klpd - ok
15:50:52.0002 0x10f8 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\windows\system32\DRIVERS\kltdi.sys
15:50:52.0018 0x10f8 kltdi - ok
15:50:52.0049 0x10f8 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\windows\system32\DRIVERS\kneps.sys
15:50:52.0064 0x10f8 kneps - ok
15:50:52.0111 0x10f8 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:50:52.0127 0x10f8 KSecDD - ok
15:50:52.0142 0x10f8 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:50:52.0158 0x10f8 KSecPkg - ok
15:50:52.0189 0x10f8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
15:50:52.0252 0x10f8 ksthunk - ok
15:50:52.0283 0x10f8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
15:50:52.0361 0x10f8 KtmRm - ok
15:50:52.0392 0x10f8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
15:50:52.0470 0x10f8 LanmanServer - ok
15:50:52.0501 0x10f8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:50:52.0579 0x10f8 LanmanWorkstation - ok
15:50:52.0626 0x10f8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:50:52.0673 0x10f8 lltdio - ok
15:50:52.0704 0x10f8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:50:52.0798 0x10f8 lltdsvc - ok
15:50:52.0813 0x10f8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
15:50:52.0860 0x10f8 lmhosts - ok
15:50:52.0938 0x10f8 [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:50:52.0969 0x10f8 LMS - ok
15:50:53.0016 0x10f8 [ 41E122F6D1448C94CC05196BC41D6BFB, DC027B897A14359669C6C93CCC7FCEEA2FDCEE281489589DDAEE008FAD0B15E2 ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
15:50:53.0032 0x10f8 LPCFilter - ok
15:50:53.0063 0x10f8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
15:50:53.0078 0x10f8 LSI_FC - ok
15:50:53.0094 0x10f8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
15:50:53.0110 0x10f8 LSI_SAS - ok
15:50:53.0125 0x10f8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
15:50:53.0141 0x10f8 LSI_SAS2 - ok
15:50:53.0156 0x10f8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
15:50:53.0172 0x10f8 LSI_SCSI - ok
15:50:53.0203 0x10f8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
15:50:53.0250 0x10f8 luafv - ok
15:50:53.0281 0x10f8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:50:53.0297 0x10f8 Mcx2Svc - ok
15:50:53.0312 0x10f8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
15:50:53.0328 0x10f8 megasas - ok
15:50:53.0344 0x10f8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
15:50:53.0375 0x10f8 MegaSR - ok
15:50:53.0406 0x10f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
15:50:53.0468 0x10f8 MMCSS - ok
15:50:53.0515 0x10f8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
15:50:53.0578 0x10f8 Modem - ok
15:50:53.0609 0x10f8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:50:53.0640 0x10f8 monitor - ok
15:50:53.0671 0x10f8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:50:53.0687 0x10f8 mouclass - ok
15:50:53.0718 0x10f8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:50:53.0749 0x10f8 mouhid - ok
15:50:53.0812 0x10f8 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:50:53.0843 0x10f8 mountmgr - ok
15:50:53.0874 0x10f8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
15:50:53.0890 0x10f8 mpio - ok
15:50:53.0921 0x10f8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:50:53.0968 0x10f8 mpsdrv - ok
15:50:54.0046 0x10f8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
15:50:54.0139 0x10f8 MpsSvc - ok
15:50:54.0186 0x10f8 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:50:54.0217 0x10f8 MRxDAV - ok
15:50:54.0264 0x10f8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:50:54.0342 0x10f8 mrxsmb - ok
15:50:54.0373 0x10f8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:50:54.0436 0x10f8 mrxsmb10 - ok
15:50:54.0467 0x10f8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:50:54.0514 0x10f8 mrxsmb20 - ok
15:50:54.0545 0x10f8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
15:50:54.0560 0x10f8 msahci - ok
15:50:54.0592 0x10f8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:50:54.0607 0x10f8 msdsm - ok
15:50:54.0638 0x10f8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
15:50:54.0670 0x10f8 MSDTC - ok
15:50:54.0732 0x10f8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
15:50:54.0810 0x10f8 Msfs - ok
15:50:54.0826 0x10f8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:50:54.0888 0x10f8 mshidkmdf - ok
15:50:54.0904 0x10f8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:50:54.0919 0x10f8 msisadrv - ok
15:50:54.0950 0x10f8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:50:55.0013 0x10f8 MSiSCSI - ok
15:50:55.0013 0x10f8 msiserver - ok
15:50:55.0044 0x10f8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:50:55.0122 0x10f8 MSKSSRV - ok
15:50:55.0153 0x10f8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:50:55.0216 0x10f8 MSPCLOCK - ok
15:50:55.0231 0x10f8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:50:55.0278 0x10f8 MSPQM - ok
15:50:55.0309 0x10f8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:50:55.0340 0x10f8 MsRPC - ok
15:50:55.0356 0x10f8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
15:50:55.0372 0x10f8 mssmbios - ok
15:50:55.0403 0x10f8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:50:55.0465 0x10f8 MSTEE - ok
15:50:55.0481 0x10f8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
15:50:55.0496 0x10f8 MTConfig - ok
15:50:55.0528 0x10f8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
15:50:55.0528 0x10f8 Mup - ok
15:50:55.0590 0x10f8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
15:50:55.0684 0x10f8 napagent - ok
15:50:55.0762 0x10f8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:50:55.0824 0x10f8 NativeWifiP - ok
15:50:55.0964 0x10f8 [ 6D8FCDD5BB3B676EF58FA234073492C6, 07A69DD00E45C59CBB6FABFBD62FE897655970BE2D09997CF29D20241ED9AF13 ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
15:50:56.0011 0x10f8 NBService - ok
15:50:56.0074 0x10f8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
15:50:56.0136 0x10f8 NDIS - ok
15:50:56.0167 0x10f8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:50:56.0230 0x10f8 NdisCap - ok
15:50:56.0261 0x10f8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:50:56.0323 0x10f8 NdisTapi - ok
15:50:56.0354 0x10f8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:50:56.0401 0x10f8 Ndisuio - ok
15:50:56.0432 0x10f8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:50:56.0510 0x10f8 NdisWan - ok
15:50:56.0557 0x10f8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:50:56.0604 0x10f8 NDProxy - ok
15:50:56.0635 0x10f8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:50:56.0698 0x10f8 NetBIOS - ok
15:50:56.0760 0x10f8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:50:56.0822 0x10f8 NetBT - ok
15:50:56.0838 0x10f8 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\windows\system32\lsass.exe
15:50:56.0854 0x10f8 Netlogon - ok
15:50:56.0900 0x10f8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
15:50:56.0978 0x10f8 Netman - ok
15:50:57.0056 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:57.0088 0x10f8 NetMsmqActivator - ok
15:50:57.0119 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:57.0134 0x10f8 NetPipeActivator - ok
15:50:57.0181 0x10f8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
15:50:57.0228 0x10f8 netprofm - ok
15:50:57.0290 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:57.0337 0x10f8 NetTcpActivator - ok
15:50:57.0353 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:57.0368 0x10f8 NetTcpPortSharing - ok
15:50:57.0556 0x10f8 [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
15:50:57.0680 0x10f8 Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
15:51:00.0098 0x10f8 Detect skipped due to KSN trusted
15:51:00.0098 0x10f8 Netzmanager Service - ok
15:51:00.0145 0x10f8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
15:51:00.0176 0x10f8 nfrd960 - ok
15:51:00.0223 0x10f8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
15:51:00.0317 0x10f8 NlaSvc - ok
15:51:00.0395 0x10f8 [ E32686B4E27D11F83E3F2844E104C66C, 9EE5A95EA4779387ECD6DCAB7A72D22E1E6D98501DCAED8884CCC97B0FF618A0 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
15:51:00.0410 0x10f8 NMIndexingService - ok
15:51:00.0442 0x10f8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:51:00.0488 0x10f8 Npfs - ok
15:51:00.0520 0x10f8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
15:51:00.0598 0x10f8 nsi - ok
15:51:00.0629 0x10f8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:51:00.0722 0x10f8 nsiproxy - ok
15:51:00.0847 0x10f8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:51:00.0910 0x10f8 Ntfs - ok
15:51:00.0941 0x10f8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
15:51:00.0988 0x10f8 Null - ok
15:51:01.0034 0x10f8 [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
15:51:01.0066 0x10f8 NVHDA - ok
15:51:01.0518 0x10f8 [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
15:51:02.0033 0x10f8 nvlddmkm - ok
15:51:02.0080 0x10f8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:51:02.0095 0x10f8 nvraid - ok
15:51:02.0142 0x10f8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:51:02.0173 0x10f8 nvstor - ok
15:51:02.0236 0x10f8 [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc C:\windows\system32\nvvsvc.exe
15:51:02.0282 0x10f8 nvsvc - ok
15:51:02.0392 0x10f8 [ 5958FD5BB5ACEFE370E064B5B737C6AF, D3859451870CA39E373BEB79A944D877ED66850A6AAC55396E7ED8963B24F923 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:51:02.0470 0x10f8 nvUpdatusService - ok
15:51:02.0501 0x10f8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:51:02.0516 0x10f8 nv_agp - ok
15:51:02.0532 0x10f8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:51:02.0579 0x10f8 ohci1394 - ok
15:51:02.0657 0x10f8 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:51:02.0672 0x10f8 ose - ok
15:51:02.0735 0x10f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:51:02.0813 0x10f8 p2pimsvc - ok
15:51:02.0860 0x10f8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
15:51:02.0891 0x10f8 p2psvc - ok
15:51:02.0922 0x10f8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
15:51:02.0969 0x10f8 Parport - ok
15:51:03.0000 0x10f8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
15:51:03.0016 0x10f8 partmgr - ok
15:51:03.0062 0x10f8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
15:51:03.0094 0x10f8 PcaSvc - ok
15:51:03.0125 0x10f8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
15:51:03.0140 0x10f8 pci - ok
15:51:03.0172 0x10f8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
15:51:03.0187 0x10f8 pciide - ok
15:51:03.0218 0x10f8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
15:51:03.0250 0x10f8 pcmcia - ok
15:51:03.0265 0x10f8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
15:51:03.0281 0x10f8 pcw - ok
15:51:03.0343 0x10f8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:51:03.0421 0x10f8 PEAUTH - ok
15:51:03.0515 0x10f8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
15:51:03.0562 0x10f8 PerfHost - ok
15:51:03.0608 0x10f8 [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
15:51:03.0640 0x10f8 PGEffect - ok
15:51:03.0733 0x10f8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
15:51:03.0842 0x10f8 pla - ok
15:51:03.0889 0x10f8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:51:03.0936 0x10f8 PlugPlay - ok
15:51:03.0967 0x10f8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:51:04.0014 0x10f8 PNRPAutoReg - ok
15:51:04.0045 0x10f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:51:04.0061 0x10f8 PNRPsvc - ok
15:51:04.0123 0x10f8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:51:04.0201 0x10f8 PolicyAgent - ok
15:51:04.0248 0x10f8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
15:51:04.0342 0x10f8 Power - ok
15:51:04.0404 0x10f8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:51:04.0466 0x10f8 PptpMiniport - ok
15:51:04.0498 0x10f8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
15:51:04.0529 0x10f8 Processor - ok
15:51:04.0591 0x10f8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
15:51:04.0654 0x10f8 ProfSvc - ok
15:51:04.0669 0x10f8 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\windows\system32\lsass.exe
15:51:04.0685 0x10f8 ProtectedStorage - ok
15:51:04.0700 0x10f8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:51:04.0778 0x10f8 Psched - ok
15:51:04.0888 0x10f8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
15:51:04.0966 0x10f8 ql2300 - ok
15:51:04.0981 0x10f8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
15:51:04.0997 0x10f8 ql40xx - ok
15:51:05.0028 0x10f8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
15:51:05.0059 0x10f8 QWAVE - ok
15:51:05.0075 0x10f8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:51:05.0106 0x10f8 QWAVEdrv - ok
15:51:05.0122 0x10f8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:51:05.0184 0x10f8 RasAcd - ok
15:51:05.0231 0x10f8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:51:05.0293 0x10f8 RasAgileVpn - ok
15:51:05.0324 0x10f8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
15:51:05.0387 0x10f8 RasAuto - ok
15:51:05.0434 0x10f8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:51:05.0496 0x10f8 Rasl2tp - ok
15:51:05.0527 0x10f8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
15:51:05.0605 0x10f8 RasMan - ok
15:51:05.0636 0x10f8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:51:05.0730 0x10f8 RasPppoe - ok
15:51:05.0746 0x10f8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:51:05.0808 0x10f8 RasSstp - ok
15:51:05.0855 0x10f8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:51:05.0917 0x10f8 rdbss - ok
15:51:05.0948 0x10f8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
15:51:05.0980 0x10f8 rdpbus - ok
15:51:05.0995 0x10f8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:51:06.0089 0x10f8 RDPCDD - ok
15:51:06.0104 0x10f8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:51:06.0167 0x10f8 RDPENCDD - ok
15:51:06.0167 0x10f8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:51:06.0229 0x10f8 RDPREFMP - ok
15:51:06.0307 0x10f8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
15:51:06.0354 0x10f8 RdpVideoMiniport - ok
15:51:06.0401 0x10f8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:51:06.0448 0x10f8 RDPWD - ok
15:51:06.0479 0x10f8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:51:06.0510 0x10f8 rdyboost - ok
15:51:06.0541 0x10f8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
15:51:06.0635 0x10f8 RemoteAccess - ok
15:51:06.0666 0x10f8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:51:06.0744 0x10f8 RemoteRegistry - ok
15:51:06.0791 0x10f8 [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
15:51:06.0838 0x10f8 ROOTMODEM - ok
15:51:06.0853 0x10f8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:51:06.0916 0x10f8 RpcEptMapper - ok
15:51:06.0947 0x10f8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
15:51:06.0994 0x10f8 RpcLocator - ok
15:51:07.0087 0x10f8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
15:51:07.0150 0x10f8 RpcSs - ok
15:51:07.0181 0x10f8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:51:07.0243 0x10f8 rspndr - ok
15:51:07.0306 0x10f8 [ 134DFDB9778A6BD1BBE7E8FE50D324C6, 35E76F09788011757F63865E08FDD6E4B26CDAC951B4FB0B75B4CCEEC4E07A8F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
15:51:07.0352 0x10f8 RTL8167 - ok
15:51:07.0368 0x10f8 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\windows\system32\lsass.exe
15:51:07.0384 0x10f8 SamSs - ok
15:51:07.0415 0x10f8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:51:07.0430 0x10f8 sbp2port - ok
15:51:07.0462 0x10f8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:51:07.0524 0x10f8 SCardSvr - ok
15:51:07.0540 0x10f8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:51:07.0618 0x10f8 scfilter - ok
15:51:07.0711 0x10f8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
15:51:07.0836 0x10f8 Schedule - ok
15:51:07.0883 0x10f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
15:51:07.0930 0x10f8 SCPolicySvc - ok
15:51:07.0976 0x10f8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\drivers\sdbus.sys
15:51:08.0023 0x10f8 sdbus - ok
15:51:08.0070 0x10f8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:51:08.0117 0x10f8 SDRSVC - ok
15:51:08.0148 0x10f8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
15:51:08.0195 0x10f8 secdrv - ok
15:51:08.0226 0x10f8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
15:51:08.0288 0x10f8 seclogon - ok
15:51:08.0304 0x10f8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
15:51:08.0366 0x10f8 SENS - ok
15:51:08.0398 0x10f8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
15:51:08.0429 0x10f8 SensrSvc - ok
15:51:08.0460 0x10f8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
15:51:08.0491 0x10f8 Serenum - ok
15:51:08.0538 0x10f8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
15:51:08.0569 0x10f8 Serial - ok
15:51:08.0616 0x10f8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
15:51:08.0632 0x10f8 sermouse - ok
15:51:08.0663 0x10f8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
15:51:08.0710 0x10f8 SessionEnv - ok
15:51:08.0741 0x10f8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:51:08.0819 0x10f8 sffdisk - ok
15:51:08.0850 0x10f8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:51:08.0866 0x10f8 sffp_mmc - ok
15:51:08.0881 0x10f8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:51:08.0912 0x10f8 sffp_sd - ok
15:51:08.0944 0x10f8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
15:51:08.0975 0x10f8 sfloppy - ok
15:51:09.0037 0x10f8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:51:09.0084 0x10f8 SharedAccess - ok
15:51:09.0115 0x10f8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:51:09.0178 0x10f8 ShellHWDetection - ok
15:51:09.0209 0x10f8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
15:51:09.0224 0x10f8 SiSRaid2 - ok
15:51:09.0240 0x10f8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
15:51:09.0256 0x10f8 SiSRaid4 - ok
15:51:09.0287 0x10f8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
15:51:09.0334 0x10f8 Smb - ok
15:51:09.0365 0x10f8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:51:09.0396 0x10f8 SNMPTRAP - ok
15:51:09.0427 0x10f8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
15:51:09.0443 0x10f8 spldr - ok
15:51:09.0490 0x10f8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
15:51:09.0536 0x10f8 Spooler - ok
15:51:09.0739 0x10f8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
15:51:09.0958 0x10f8 sppsvc - ok
15:51:09.0989 0x10f8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:51:10.0082 0x10f8 sppuinotify - ok
15:51:10.0160 0x10f8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
15:51:10.0238 0x10f8 srv - ok
15:51:10.0270 0x10f8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:51:10.0316 0x10f8 srv2 - ok
15:51:10.0348 0x10f8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:51:10.0363 0x10f8 srvnet - ok
15:51:10.0379 0x10f8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:51:10.0441 0x10f8 SSDPSRV - ok
15:51:10.0441 0x10f8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
15:51:10.0504 0x10f8 SstpSvc - ok
15:51:10.0535 0x10f8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
15:51:10.0550 0x10f8 stexstor - ok
15:51:10.0613 0x10f8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
15:51:10.0660 0x10f8 stisvc - ok
15:51:10.0691 0x10f8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
15:51:10.0691 0x10f8 swenum - ok
15:51:10.0753 0x10f8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
15:51:10.0816 0x10f8 swprv - ok
15:51:10.0862 0x10f8 [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:51:10.0878 0x10f8 SynTP - ok
15:51:10.0987 0x10f8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
15:51:11.0112 0x10f8 SysMain - ok
15:51:11.0159 0x10f8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
15:51:11.0206 0x10f8 TabletInputService - ok
15:51:11.0237 0x10f8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
15:51:11.0284 0x10f8 TapiSrv - ok
15:51:11.0315 0x10f8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
15:51:11.0362 0x10f8 TBS - ok
15:51:11.0486 0x10f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:51:11.0564 0x10f8 Tcpip - ok
15:51:11.0674 0x10f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:51:11.0752 0x10f8 TCPIP6 - ok
15:51:11.0783 0x10f8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:51:11.0798 0x10f8 tcpipreg - ok
15:51:11.0845 0x10f8 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
15:51:11.0861 0x10f8 tdcmdpst - ok
15:51:11.0892 0x10f8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:51:11.0970 0x10f8 TDPIPE - ok
15:51:11.0986 0x10f8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:51:12.0048 0x10f8 TDTCP - ok
15:51:12.0110 0x10f8 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:51:12.0157 0x10f8 tdx - ok
15:51:12.0344 0x10f8 [ 8A9828975A857E477EFEF5A61BA45AC0, 90020839E900EC80D7439F3F925E39BDFD389C77C1B99B70D890552DA6E985BE ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
15:51:12.0422 0x10f8 TeamViewer6 - ok
15:51:12.0594 0x10f8 [ 5E53CF8AD0FD33B35000C113656AB37B, D274DABC4DB03AC5B915F5111FF1218F4F2F9EC93B4A64E426BB7AD27A16C7A1 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
15:51:12.0688 0x10f8 TeamViewer7 - ok
15:51:12.0812 0x10f8 [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6 C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
15:51:12.0828 0x10f8 TelekomNM6 - ok
15:51:12.0859 0x10f8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
15:51:12.0890 0x10f8 TermDD - ok
15:51:12.0953 0x10f8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
15:51:13.0000 0x10f8 TermService - ok
15:51:13.0031 0x10f8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
15:51:13.0062 0x10f8 Themes - ok
15:51:13.0124 0x10f8 [ C013F6ACAA9761F571BD28DADA7C157D, E57246132B36FE38D4B177AAE3367D25AF28449201CD4D02CB7957C32AF02AC6 ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
15:51:13.0140 0x10f8 Thpdrv - ok
15:51:13.0156 0x10f8 [ B4E609047434ED948AF7BDEF2FA66E38, 353B7A120E532E9CDF0DE91EC39DF5B9B92A1A99B537FF4FB0D1EA13DBE30D17 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
15:51:13.0171 0x10f8 Thpevm - ok
15:51:13.0218 0x10f8 [ F6927BBA3B09AFF26A53A9191F7378F9, ECB6FD262882E9E2714DC61A634045B4C4906BF159A42ECB5D3166BD42EC65D1 ] Thpsrv C:\windows\system32\ThpSrv.exe
15:51:13.0249 0x10f8 Thpsrv - ok
15:51:13.0280 0x10f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
15:51:13.0327 0x10f8 THREADORDER - ok
15:51:13.0358 0x10f8 [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv C:\windows\system32\TODDSrv.exe
15:51:13.0374 0x10f8 TODDSrv - ok
15:51:13.0452 0x10f8 [ 98C864481D62F86EC8AF65BE3419A95B, 61F0C7CBFAB151FBB62081A37C655D4E818A558E140F3F3BA5C26B024AE24EBB ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:51:13.0499 0x10f8 TosCoSrv - ok
15:51:13.0546 0x10f8 [ 895F6972480306CB2A2A246991E34C68, DB627A5FE8C7344D0F04B31F6A040586B7D563BF70EC5EA021D732189612A645 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:51:13.0577 0x10f8 TOSHIBA Bluetooth Service - ok
15:51:13.0624 0x10f8 [ 2AB7A4697462EDB0C9DFAFC529746BA9, 4EAF4839CA35C8FCE9C086D43E7417E52F0714A2227AE983C0B5C88A66A1B554 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
15:51:13.0639 0x10f8 TOSHIBA eco Utility Service - ok
15:51:13.0686 0x10f8 [ 74C2FA8C3765EE71A9C22182EC108457, A7073FAB6CE6FB9824544A9CDCCA441D08FD87D68EB564DCB1186FC257776221 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
15:51:13.0702 0x10f8 TOSHIBA HDD SSD Alert Service - ok
15:51:13.0733 0x10f8 [ 8021F63311797085949FA387F7C83583, 7781994B9F06784807D32FD5A93C5406A441908870B1328BBDA9D15C5DD98C1B ] tosporte C:\windows\system32\DRIVERS\tosporte.sys
15:51:13.0748 0x10f8 tosporte - ok
15:51:13.0780 0x10f8 [ 1B09357180034639E62CF745E77AC66E, CF8B6FFFB97EE06B3415F0D542C7362CD2B4D9FA8287EC4CE962CC5C4C666B7F ] tosrfbd C:\windows\system32\DRIVERS\tosrfbd.sys
15:51:13.0795 0x10f8 tosrfbd - ok
15:51:13.0811 0x10f8 [ 62512B5277D88600F8BD4B7AEC43569D, 94724FEF7CD61E8E614921C94B24237E7E7E51DA6B9530E953F37E010F94F504 ] tosrfbnp C:\windows\system32\Drivers\tosrfbnp.sys
15:51:13.0811 0x10f8 tosrfbnp - ok
15:51:13.0842 0x10f8 [ C523A9186C39D65CC9ADEBB2E1B93CCD, B04E73CAFFD8100512686F3487D28FE62AC3538F6A71DBC94AA724824256E2E4 ] Tosrfcom C:\windows\system32\Drivers\tosrfcom.sys
15:51:13.0842 0x10f8 Tosrfcom - ok
15:51:13.0873 0x10f8 [ 11699D47B3491D86249C168496D55C92, BAE7DC248F44BB036641C1E60103F368B7BFE1AAFDCB4BD25FE9A3A970B3A572 ] tosrfec C:\windows\system32\DRIVERS\tosrfec.sys
15:51:13.0889 0x10f8 tosrfec - ok
15:51:13.0904 0x10f8 [ 451B8C1815C6CC39650AF916C2A382CD, 562B90A9D15F728D76E274FD165D82AACED54B29910001C8C7DB1E3DE9386E16 ] Tosrfhid C:\windows\system32\DRIVERS\Tosrfhid.sys
15:51:13.0904 0x10f8 Tosrfhid - ok
15:51:13.0951 0x10f8 [ B6FDC3C76FFE9C5171EEA9C37EA367C2, 4F8D4E2E37164DB91F396B836BD888CF221010103CF3FBECE00B747155819374 ] tosrfnds C:\windows\system32\DRIVERS\tosrfnds.sys
15:51:13.0951 0x10f8 tosrfnds - ok
15:51:13.0998 0x10f8 [ E1E045240C1184FA6628F3C7E7FF85D8, ECCC7C3D015D46D36A8BDF463BF274F5FD0A04F391B6576998035FE188CF8853 ] TosRfSnd C:\windows\system32\drivers\tosrfsnd.sys
15:51:14.0014 0x10f8 TosRfSnd - ok
15:51:14.0045 0x10f8 [ DE44A2A2459D0504F146E599F4BD2074, E400F8E0C9D9CC8A523765754634073F531E7B76E8135A734DA976EA86AC5282 ] Tosrfusb C:\windows\system32\DRIVERS\tosrfusb.sys
15:51:14.0060 0x10f8 Tosrfusb - ok
15:51:14.0123 0x10f8 [ 97687D094AA597DA366E1194B218CC6C, 8A617E1901235518FDB7504FCDCE641D9F7C5D256A11D5FEFD35E7696972E2B8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
15:51:14.0170 0x10f8 TPCHSrv - ok
15:51:14.0216 0x10f8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
15:51:14.0294 0x10f8 TrkWks - ok
15:51:14.0357 0x10f8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:51:14.0450 0x10f8 TrustedInstaller - ok
15:51:14.0497 0x10f8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:51:14.0528 0x10f8 tssecsrv - ok
15:51:14.0560 0x10f8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:51:14.0591 0x10f8 TsUsbFlt - ok
15:51:14.0638 0x10f8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:51:14.0684 0x10f8 tunnel - ok
15:51:14.0716 0x10f8 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
15:51:14.0716 0x10f8 TVALZ - ok
15:51:14.0747 0x10f8 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
15:51:14.0762 0x10f8 TVALZFL - ok
15:51:14.0778 0x10f8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
15:51:14.0794 0x10f8 uagp35 - ok
15:51:14.0825 0x10f8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:51:14.0903 0x10f8 udfs - ok
15:51:14.0934 0x10f8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
15:51:14.0965 0x10f8 UI0Detect - ok
15:51:14.0981 0x10f8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:51:14.0996 0x10f8 uliagpkx - ok
15:51:15.0043 0x10f8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
15:51:15.0090 0x10f8 umbus - ok
15:51:15.0137 0x10f8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
15:51:15.0168 0x10f8 UmPass - ok
15:51:15.0308 0x10f8 [ CC3775100ABA633984F73DFAE1F55CAE, 845F129289BB73FD78A6C3B497F17BA973FD691BC9242200F81993417C803FE9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:51:15.0386 0x10f8 UNS - ok
15:51:15.0480 0x10f8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
15:51:15.0542 0x10f8 upnphost - ok
15:51:15.0589 0x10f8 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
15:51:15.0652 0x10f8 USBAAPL64 - ok
15:51:15.0683 0x10f8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
15:51:15.0745 0x10f8 usbccgp - ok
15:51:15.0776 0x10f8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
15:51:15.0854 0x10f8 usbcir - ok
15:51:15.0870 0x10f8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
15:51:15.0917 0x10f8 usbehci - ok
15:51:15.0964 0x10f8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
15:51:15.0979 0x10f8 usbhub - ok
15:51:16.0026 0x10f8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
15:51:16.0026 0x10f8 usbohci - ok
15:51:16.0073 0x10f8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
15:51:16.0120 0x10f8 usbprint - ok
15:51:16.0151 0x10f8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
15:51:16.0198 0x10f8 usbscan - ok
15:51:16.0244 0x10f8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
15:51:16.0276 0x10f8 USBSTOR - ok
15:51:16.0307 0x10f8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
15:51:16.0354 0x10f8 usbuhci - ok
15:51:16.0400 0x10f8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
15:51:16.0494 0x10f8 usbvideo - ok
15:51:16.0510 0x10f8 Usnhiflec - ok
15:51:16.0525 0x10f8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
15:51:16.0603 0x10f8 UxSms - ok
15:51:16.0634 0x10f8 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\windows\system32\lsass.exe
15:51:16.0650 0x10f8 VaultSvc - ok
15:51:16.0666 0x10f8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:51:16.0681 0x10f8 vdrvroot - ok
15:51:16.0728 0x10f8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
15:51:16.0790 0x10f8 vds - ok
15:51:16.0806 0x10f8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
15:51:16.0868 0x10f8 vga - ok
15:51:16.0900 0x10f8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
15:51:16.0978 0x10f8 VgaSave - ok
15:51:17.0009 0x10f8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
15:51:17.0024 0x10f8 vhdmp - ok
15:51:17.0056 0x10f8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
15:51:17.0071 0x10f8 viaide - ok
15:51:17.0087 0x10f8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:51:17.0102 0x10f8 volmgr - ok
15:51:17.0149 0x10f8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:51:17.0165 0x10f8 volmgrx - ok
15:51:17.0196 0x10f8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
15:51:17.0212 0x10f8 volsnap - ok
15:51:17.0258 0x10f8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
15:51:17.0274 0x10f8 vsmraid - ok
15:51:17.0368 0x10f8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
15:51:17.0477 0x10f8 VSS - ok
15:51:17.0508 0x10f8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
15:51:17.0539 0x10f8 vwifibus - ok
15:51:17.0555 0x10f8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
15:51:17.0586 0x10f8 vwififlt - ok
15:51:17.0617 0x10f8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
15:51:17.0664 0x10f8 vwifimp - ok
15:51:17.0742 0x10f8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
15:51:17.0804 0x10f8 W32Time - ok
15:51:17.0836 0x10f8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
15:51:17.0882 0x10f8 WacomPen - ok
15:51:17.0914 0x10f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
15:51:17.0992 0x10f8 WANARP - ok
15:51:17.0992 0x10f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
15:51:18.0038 0x10f8 Wanarpv6 - ok
15:51:18.0116 0x10f8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
15:51:18.0241 0x10f8 wbengine - ok
15:51:18.0288 0x10f8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
15:51:18.0319 0x10f8 WbioSrvc - ok
15:51:18.0366 0x10f8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
15:51:18.0428 0x10f8 wcncsvc - ok
15:51:18.0444 0x10f8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:51:18.0491 0x10f8 WcsPlugInService - ok
15:51:18.0506 0x10f8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
15:51:18.0522 0x10f8 Wd - ok
15:51:18.0616 0x10f8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
15:51:18.0662 0x10f8 Wdf01000 - ok
15:51:18.0709 0x10f8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
15:51:18.0756 0x10f8 WdiServiceHost - ok
15:51:18.0756 0x10f8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
15:51:18.0772 0x10f8 WdiSystemHost - ok
15:51:18.0834 0x10f8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
15:51:18.0896 0x10f8 WebClient - ok
15:51:18.0912 0x10f8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
15:51:18.0974 0x10f8 Wecsvc - ok
15:51:18.0990 0x10f8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
15:51:19.0037 0x10f8 wercplsupport - ok
15:51:19.0052 0x10f8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
15:51:19.0099 0x10f8 WerSvc - ok
15:51:19.0146 0x10f8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
15:51:19.0193 0x10f8 WfpLwf - ok
15:51:19.0208 0x10f8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
15:51:19.0224 0x10f8 WIMMount - ok
15:51:19.0255 0x10f8 WinDefend - ok
15:51:19.0286 0x10f8 WinHttpAutoProxySvc - ok
15:51:19.0349 0x10f8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
15:51:19.0458 0x10f8 Winmgmt - ok
15:51:19.0598 0x10f8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
15:51:19.0708 0x10f8 WinRM - ok
15:51:19.0770 0x10f8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\drivers\WinUsb.sys
15:51:19.0817 0x10f8 WinUsb - ok
15:51:19.0895 0x10f8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
15:51:19.0957 0x10f8 Wlansvc - ok
15:51:20.0160 0x10f8 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:51:20.0254 0x10f8 wlidsvc - ok
15:51:20.0269 0x10f8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
15:51:20.0316 0x10f8 WmiAcpi - ok
15:51:20.0363 0x10f8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
15:51:20.0425 0x10f8 wmiApSrv - ok
15:51:20.0456 0x10f8 WMPNetworkSvc - ok
15:51:20.0472 0x10f8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
15:51:20.0503 0x10f8 WPCSvc - ok
15:51:20.0534 0x10f8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
15:51:20.0566 0x10f8 WPDBusEnum - ok
15:51:20.0597 0x10f8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
15:51:20.0659 0x10f8 ws2ifsl - ok
15:51:20.0675 0x10f8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
15:51:20.0737 0x10f8 wscsvc - ok
15:51:20.0737 0x10f8 WSearch - ok
15:51:20.0878 0x10f8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\windows\system32\wuaueng.dll
15:51:21.0034 0x10f8 wuauserv - ok
15:51:21.0065 0x10f8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
15:51:21.0127 0x10f8 WudfPf - ok
15:51:21.0158 0x10f8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
15:51:21.0190 0x10f8 WUDFRd - ok
15:51:21.0221 0x10f8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
15:51:21.0252 0x10f8 wudfsvc - ok
15:51:21.0299 0x10f8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
15:51:21.0392 0x10f8 WwanSvc - ok
15:51:21.0424 0x10f8 ================ Scan global ===============================
15:51:21.0455 0x10f8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
15:51:21.0517 0x10f8 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\windows\system32\winsrv.dll
15:51:21.0533 0x10f8 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\windows\system32\winsrv.dll
15:51:21.0564 0x10f8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
15:51:21.0611 0x10f8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
15:51:21.0626 0x10f8 [ Global ] - ok
15:51:21.0626 0x10f8 ================ Scan MBR ==================================
15:51:21.0626 0x10f8 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
15:51:22.0001 0x10f8 \Device\Harddisk0\DR0 - ok
15:51:22.0001 0x10f8 ================ Scan VBR ==================================
15:51:22.0001 0x10f8 [ D52812608B2B5CC3A8F9FB4B98A9B9D1 ] \Device\Harddisk0\DR0\Partition1
15:51:22.0001 0x10f8 \Device\Harddisk0\DR0\Partition1 - ok
15:51:22.0001 0x10f8 ================ Scan generic autorun ======================
15:51:22.0094 0x10f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:22.0172 0x10f8 Sidebar - ok
15:51:22.0204 0x10f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:22.0250 0x10f8 mctadmin - ok
15:51:22.0313 0x10f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:22.0375 0x10f8 Sidebar - ok
15:51:22.0375 0x10f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:22.0406 0x10f8 mctadmin - ok
15:51:22.0438 0x10f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:51:22.0500 0x10f8 Sidebar - ok
15:51:22.0500 0x10f8 TOSHIBA Online Product Information - ok
15:51:22.0516 0x10f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:51:22.0547 0x10f8 mctadmin - ok
15:51:22.0609 0x10f8 SysOff - ok
15:51:22.0672 0x10f8 [ 175CE6C35FF720F0140E3E59A93166CA, 8A75C4BE62FBC8E907AF2DB9E3FF13C11525A2F86A7D62DA63698C2A04F7678B ] C:\Users\Bohlsen\AppData\Local\Apps\2.0\Data\Q9E8B8KT.2PV\QNR6453Y.W26\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms
15:51:22.0812 0x10f8 ZedgeToneSync - detected UnsignedFile.Multi.Generic ( 1 )
15:51:25.0324 0x10f8 ZedgeToneSync ( UnsignedFile.Multi.Generic ) - warning
15:51:25.0324 0x10f8 Force sending object to P2P due to detect: C:\Users\Bohlsen\AppData\Local\Apps\2.0\Data\Q9E8B8KT.2PV\QNR6453Y.W26\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms
15:51:28.0568 0x10f8 Object send P2P result: true
15:51:31.0205 0x10f8 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated )
15:51:31.0205 0x10f8 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled )
15:51:33.0670 0x10f8 ============================================================
15:51:33.0670 0x10f8 Scan finished
15:51:33.0670 0x10f8 ============================================================
15:51:33.0685 0x10d0 Detected object count: 1
15:51:33.0685 0x10d0 Actual detected object count: 1
15:52:13.0575 0x10d0 ZedgeToneSync ( UnsignedFile.Multi.Generic ) - skipped by user
15:52:13.0575 0x10d0 ZedgeToneSync ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
31.05.2015, 05:50
| #5 |
| /// the machine /// TB-Ausbilder | Windows Live Mail startet nicht mehr nach Exe Passwort hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.05.2015, 09:45
| #6 |
| | Windows Live Mail startet nicht mehr nach Exe PasswortCode:
ATTFilter ComboFix 15-05-28.01 - Bohlsen 31.05.2015 10:22:15.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3955.1710 [GMT 2:00]
ausgeführt von:: c:\users\Bohlsen\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-04-28 bis 2015-05-31 ))))))))))))))))))))))))))))))
.
.
2015-05-31 08:32 . 2015-05-31 08:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-05-31 08:32 . 2015-05-31 08:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-30 10:15 . 2015-05-30 13:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-30 09:52 . 2015-05-30 09:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68396469-7295-4DD4-98EA-8906E106166D}\offreg.5528.dll
2015-05-29 13:14 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68396469-7295-4DD4-98EA-8906E106166D}\mpengine.dll
2015-05-28 17:51 . 2015-05-28 17:52 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-28 17:51 . 2015-05-28 17:52 -------- d-----w- c:\program files\iTunes
2015-05-28 17:51 . 2015-05-28 17:51 -------- d-----w- c:\program files\iPod
2015-05-28 17:46 . 2015-05-28 17:46 -------- d-----w- c:\program files (x86)\Bonjour
2015-05-28 17:46 . 2015-05-28 17:46 -------- d-----w- c:\program files\Bonjour
2015-05-21 18:22 . 2015-05-28 17:33 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2015-05-21 18:20 . 2015-05-28 17:32 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2015-05-21 18:20 . 2015-05-28 17:32 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2015-05-19 15:59 . 2015-05-19 15:59 -------- d-----w- c:\users\Bohlsen\AppData\Local\Apps
2015-05-19 15:59 . 2015-05-30 10:06 -------- d-----w- c:\users\Bohlsen\AppData\Local\Deployment
2015-05-19 15:29 . 2015-05-19 16:04 -------- d-----w- c:\programdata\iRinger
2015-05-13 01:05 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 01:05 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:23 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-12 19:23 . 2015-05-05 01:12 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-12 19:23 . 2015-04-18 03:10 460800 ----a-w- c:\windows\system32\certcli.dll
2015-05-12 19:23 . 2015-04-18 02:56 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-05-12 19:19 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2015-05-12 19:17 . 2015-04-08 03:29 1736192 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-05-08 23:21 . 2015-05-30 10:07 -------- d-----r- c:\users\Bohlsen\Dropbox
2015-05-08 23:14 . 2015-05-30 10:07 -------- d-----w- c:\users\Bohlsen\AppData\Roaming\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-30 10:15 . 2014-12-06 14:43 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-30 10:11 . 2014-12-03 16:40 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-20 20:01 . 2012-04-08 18:57 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-20 20:01 . 2011-12-19 20:18 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-13 01:09 . 2011-06-19 15:00 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-04-27 19:04 . 2015-05-12 19:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-25 03:24 . 2015-04-17 14:02 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-17 14:02 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-17 14:02 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-17 14:02 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-17 14:02 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-17 14:02 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-17 14:02 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-17 14:02 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-17 14:02 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-17 14:02 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-17 14:02 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-17 14:02 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-17 14:02 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-17 14:02 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-17 14:02 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-17 14:02 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-17 14:01 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-17 14:01 769536 ----a-w- c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-17 14:01 419840 ----a-w- c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-17 14:01 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-17 14:01 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-17 14:01 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-23 03:24 . 2015-04-17 14:01 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-23 03:17 . 2015-04-17 14:01 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-03-10 03:25 . 2015-04-17 14:01 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-17 14:01 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-17 14:01 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-17 14:01 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-17 14:01 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-17 14:01 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-03-04 04:55 . 2015-04-17 13:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-17 13:55 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-12 19:17 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-12 19:17 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-04-17 13:55 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-12 19:17 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-12 19:17 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-12 19:17 2560 ----a-w- c:\windows\apppatch\AcRes.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZedgeToneSync"="c:\users\Bohlsen\AppData\Local\Apps\2.0\Data\Q9E8B8KT.2PV\QNR6453Y.W26\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup" [X]
.
c:\users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-9 43374104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-4-22 113664]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [x]
R3 acpials;ALS-Sensorfilter;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 Usnhiflec;Usnhiflec; [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys;c:\windows\SYSNATIVE\drivers\dokan.sys [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 53683951
*Deregistered* - 53683951
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-05-05 03:08 184856 ----a-w- c:\users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 169768]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: Free YouTube to MP3 Converter - c:\users\Bohlsen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
Trusted Zone: myhermes.de\www
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: network.proxy.type - 2
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-05-31 10:35:59
ComboFix-quarantined-files.txt 2015-05-31 08:35
.
Vor Suchlauf: 14 Verzeichnis(se), 331.021.365.248 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 331.430.572.032 Bytes frei
.
- - End Of File - - AC524858E86E8383DF6C6BCEBE0E6424
|
|
31.05.2015, 14:40
| #7 |
| /// the machine /// TB-Ausbilder | Windows Live Mail startet nicht mehr nach Exe Passwort Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.06.2015, 01:15
| #8 |
| | Windows Live Mail startet nicht mehr nach Exe PasswortCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 31.05.2015 Suchlauf-Zeit: 15:55:13 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.31.01 Rootkit Datenbank: v2015.05.24.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Bohlsen Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 519850 Verstrichene Zeit: 57 Min, 41 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 1 PUP.Optional.DVDVideoSoft.A, C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi, In Quarantäne, [7bb2009a5b2f4fe7b4352750a0658779], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.205 - Bericht erstellt 31/05/2015 um 21:25:43
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-31.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Bohlsen - BOHLSEN-TOSH
# Gestarted von : C:\Users\Bohlsen\Desktop\AdwCleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\SecTaskMan
Ordner Gelöscht : C:\Users\Bohlsen\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Bohlsen\AppData\Local\SecTaskMan
Ordner Gelöscht : C:\Users\Bohlsen\AppData\Roaming\software4u
Datei Gelöscht : C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17801
-\\ Mozilla Firefox v25.0.1 (de)
[43zun4eo.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
[43zun4eo.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [2026 Bytes] - [31/05/2015 17:14:32]
AdwCleaner[R1].txt - [2085 Bytes] - [31/05/2015 17:29:17]
AdwCleaner[R2].txt - [2144 Bytes] - [31/05/2015 21:24:26]
AdwCleaner[S0].txt - [2074 Bytes] - [31/05/2015 21:25:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2133 Bytes] ##########
|
|
01.06.2015, 01:18
| #9 |
| | Windows Live Mail startet nicht mehr nach Exe PasswortCode:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.6 (05.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by Bohlsen on 01.06.2015 at 0:17:40,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{006A0D65-F2BF-47EE-BC41-F4DC58F1FD6C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{00AAEE51-2DEC-4D77-8A8D-E746EADB9DD5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{00DAADD3-AA31-4A30-B1CF-64687AECF9FA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{010400D3-355F-44A2-BB1E-80EE53678BAC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{01110DA8-F740-4950-A0DA-FBD60D16483E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{013B3C55-6B55-40FA-A75B-180EC42F6D93}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0151B26A-E5F3-4335-8294-1B2CB10BC4D4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{01682F29-67CA-4BF8-A4E5-E5A630AACA71}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{01BB60C2-73AA-4E80-8302-3E880B18EC26}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{02064B26-1E76-47F3-BE6F-BE4B4FE4200E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{022921D9-FBD8-4AAF-99E0-ADE3179E1BAE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{022A35AE-5528-4EE9-9ABC-9BB776712AA1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{023529A8-5400-46BD-8D7D-0314387F1820}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{02631D8F-EDD1-4106-8EBA-559FF7708116}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{02A9E817-4228-480E-B3E0-019DB63B3D43}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{02C42EE8-FB64-49AA-9273-65A57031CFF3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{031DD2B3-5D12-41D2-8E47-51421D19928F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{03257112-E13A-4E1E-81DD-B3D475E82CE6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{032D2558-7569-429C-B8E7-3D44CDD5A0E7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{036BE011-4DBA-4378-87CF-060826BA40EF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{03A1EBB5-DC28-4C48-A19D-659735D4F6C3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{03AA0295-1F0B-4D89-9C7C-4303013AA550}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{03FD9F93-6013-4229-A9E2-B987D0666DFD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{040F7AC8-788D-45F2-B64E-8C6DA12E261E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{040FCB20-CBCD-486B-8117-7992AB326734}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{04511700-E074-4585-9EDD-3C35BE20FB82}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{04B0D9B4-65A0-4DB8-8FF0-05D3594518EE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{04BC4BA6-55B9-4349-A592-425D647A3B18}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{04DDB19F-858B-44E5-9604-50E91AB3A2BC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0512D481-D527-4D63-A364-8DDDE9D627C3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{05136CC3-6090-42C1-B9C6-9DB4F30F481B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{052218BB-2EF4-4E4D-992A-7BEF2BB965AA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{05594BA3-9A61-480E-AEE3-8A42362C7618}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{057E5BD9-8797-443E-9E01-C2D70C5A163E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{05AA8C8E-3F49-41E9-AAB5-ADAEA0025CD9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{05B22173-2898-4873-BEF7-A843430A4FC7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{05CBFE6C-EAA8-4C21-8114-10C9D6FDAE72}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{062EBB3D-8AC5-410F-B50D-238A25F733F1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{065C82E2-D124-45E5-B2ED-B259F7868AB7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0667FF63-2813-43EF-BE1C-0B7A35D3FA10}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{074BEDB6-E3A3-436E-80DC-550ADD41A151}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0772584B-66C2-4039-9B8A-08515DA61FDB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{07EE95A4-D6CD-4127-83C6-F0FD71E6F241}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0823C166-91A3-4D39-9E9A-E5D6017684F3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{082EC8B2-E004-42D2-ABBD-DD2BC72E6F09}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{083BB1F3-B0CD-4F5E-8F0A-41A74ECDC853}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0912CC80-4CC7-4D80-A70B-3F184A864CBE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{092BAB8D-592A-4E05-975E-FFFC5CACAE61}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{097200C4-027F-47E9-A8E0-11C49E050159}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0A028BB0-55B4-496D-B347-CC1ECE0B440E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0A2BA863-30E0-49F1-8605-A20427E535BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0A7D6C8F-C851-4D0C-9D4E-CCF4A8E08FBA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0AB22C54-8D8A-4750-B579-D2C151EFFED9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0AF5713E-99D0-4253-984E-279F682E3310}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B0268E6-98C0-4208-91A6-D3CCDE857608}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B04B937-87F8-404D-AD6A-5CBAC0F02106}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B243E64-52DD-4572-BFDB-95CF39E6AF28}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B32502C-38F9-44CB-92E0-C6E6BF3194C3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B441DB1-5DD8-441B-9568-656501A4AB0A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B4D02E4-0426-457F-902A-42848DC84471}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B64D68D-3FF2-469E-BC1A-076B869E400A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B72A8DA-135F-4DD1-826E-41764B9DCD1E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0B8A4B7E-B64B-4891-B88A-AA649CDFDACB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0BB20F05-1711-4EAB-8111-7189416018B0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0BBA80E6-FDED-463D-A2B7-1E619712F376}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0C02D889-5043-4619-BC87-034D491D8C8C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0C0D999B-8E1F-4CE5-9008-278B9ACAE1C0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0C7A3B6F-2309-470F-82E3-86B3CB756A74}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0CBACC6B-BE21-4D3F-86FD-DC3A23D63166}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0CD9EC21-4399-498B-8CFE-1D93F6EB98A5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0D259BD8-4CC9-487E-B5FA-1DFF529C114B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0D4D90C2-B37C-4CC6-904B-CA8B0369AAB6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0D638DB4-40F3-4A35-9ADE-25BCE81CE513}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0DB67585-06BE-4DBC-876C-147C9E19EC7C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0DBDFC71-AB08-48F3-BED7-C2A11D62BD73}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0DDF82B3-0664-4B41-BA93-CC2DBF0E9FA4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0DFF878D-4EC7-46CB-BACC-BB6F46610BFB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0E2C1A55-25BC-4BD4-8696-AB51A053F750}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0E66F9B0-61F5-480E-86DA-4B4E6045E7CF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0EBCC51F-69A2-4F19-8EC3-F7BB39185FD0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0EC812D1-EAED-47C7-88AB-CC11A71783EF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0ED1EB81-8A66-4D73-8435-55ADD82D69CF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{0F19457C-5A88-4DB1-B99B-CC92474DAF3C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{100B7C2B-35ED-4CBE-90B6-0C3D94D3C85E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1078B213-E011-4C6A-B244-A8EB353C9B24}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{109A0955-DE5E-4D3F-804D-328D9A06065F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{10CE6BBD-23E6-4624-A627-761008DD8790}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{10E7F25A-348D-4755-B879-02E991A5D967}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{10F20253-9210-474A-B2B9-CA5BD9F5BD12}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1172C3AE-A2E0-4ED1-A73A-C6FDFEFF8AF4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1243F32C-9004-4D00-8EBF-E138E964FE5D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{128A945B-4A95-4A20-BDA0-E78A5BBC7D7D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{12B2026C-861A-421A-AA2A-C78D0C7BE4E8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{12EC9500-FEE2-42AB-8FAD-A29A3CAC2704}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{131FB719-F34C-4FEC-BFE2-458C134EE528}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{13564ECF-D5F9-4EC2-BA1E-813B3A257D38}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{13904FFA-4FFF-464D-979A-FC8281D28A70}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{139D01E6-597C-48BE-BE5A-8F72883E7BA8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{145145CD-B317-4D5E-9927-3A9B59187096}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1479EBFB-E5A8-48CF-B2CF-C18FC5638D54}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{14FAD011-98EB-4452-AD22-A51785745599}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{14FF8793-0A9D-41FD-860B-6C7910E39558}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1571A7B0-A98F-4C5C-9DC9-5FC62E7A402F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{15DA7536-AF93-4C2A-AF02-2990F57E7038}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{161868FA-B6CD-40A0-9339-1FAF6D7609F8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{162106F9-F8B7-4CE0-8F7D-C40BFF5AC262}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1640CFCB-1EDF-45BC-88C0-8698EBACFD3D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{165099B4-B3D2-45DE-AD91-35B8A95253F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{16AEE221-E359-4144-8493-BBFFDE9D6568}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{17E07A2B-6807-4A39-8668-A91BA688E0E9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{17F3AE9C-C938-4A6F-AA9E-7C0F436F7024}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1855AE52-636B-43CB-B852-EAE147FD00B4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1880653D-EEA2-4086-9A0E-8C06E327A15D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{18859E19-4B31-4DB0-8A61-A56F98799434}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{18B30758-FD8C-4924-9F14-756F45B710F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{18C82A39-F730-4FDD-AF13-D5C317A68E51}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{18F2766E-75A2-4593-B433-BDE2EC808482}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{196DE401-8EE3-46D1-AEB3-64F8BF4A5113}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{199E9545-B96A-44BF-978C-AAE5B8B38B36}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{19F7FA5D-D3C1-4D39-A874-52E611002FA1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A11131C-D529-4838-95EB-3FCDB9F79170}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A16128D-C5CE-4E9E-B79F-E80F59B04E04}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A3B766A-DAC5-4428-A711-F2C7AF29F102}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A5D2AA4-665F-4534-9E40-538DB4C6A9E3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A6D753C-63B4-4665-9B82-EC4B44B6B0EA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A849783-35D7-4135-B20F-02B4FCCA4951}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1A970BFE-4EF8-4216-969D-1E79C49DF3E0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1AC6B01D-82C7-43A0-91C3-D58B2D987E54}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1B27EC53-BD24-49F6-8C3A-ED6F38D07EB7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1B4D65B0-2432-4543-AB6E-6CC7C84FFE2A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1BC5BFCC-DFF1-4E9B-A206-7DBE43AD8E45}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1C049505-64D4-472A-BF39-CD807B3E2523}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1C21E410-8388-48AC-B49C-BA07B1483D65}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1C535984-3613-4C28-82F0-827F1FD4756C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1C8C8B7F-9B7C-4BE1-8805-C2DB597099E2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1CDEB7DE-EDAD-4A48-B008-96908E92CBE2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1D75B234-969A-46F1-8382-CC4FF371365E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1D7BB409-C73B-444A-B56F-C611868FE535}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1DD04415-86B6-4133-AFE4-310D237EB5B7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1DF6CCBA-FA2C-4C44-A613-306488812366}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1E53771D-C0DE-4831-94FF-64B9DB4E0943}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1E965C05-C6EA-4545-914E-B623DC80A8F9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1EB68BDD-1AEA-47A1-99C9-7556E872978E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1EF2CC22-4024-4770-8083-2742697033EA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1F104645-A1DA-4C9E-AC2F-FB7D131668C0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1F429522-8CD3-4326-8703-19A5747A30F8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1F7BF2AB-1791-4E98-926C-7A3C77D7C54F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{1FF2C578-CA3E-4A61-9A96-AC468E659481}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2046A57D-FA51-4012-819A-4DBEC2820DF8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{204A1CE8-2E1D-4096-A0C6-8BB8F2E52B99}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{209F4A8C-58BA-46AC-886D-F46A728C8FDD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{20A48112-7228-4885-8E01-DE23E4C4A73D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2130D3B4-E319-4A91-A0B7-3282519B4F20}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{213F99E3-5559-4239-808B-2AF8E57D6021}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{21C47DEF-221A-4A41-9B3B-706DD6231DA7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{21DE7F47-4A5F-4995-A9B8-14007292A634}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2253B99D-FDA7-4816-B64C-F86DABDB1EB5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2271944C-DB7C-41AA-A465-A621FE0DFB90}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2286C74F-46FE-41BE-A94E-A9470F34709A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{22C9ADC9-5CB8-4BD9-B08B-0101E4FA73D5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{23A8D3D3-A0CE-45F3-9B1F-C1A119024597}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{23DFDF50-D9E1-442F-BF66-C92B64B060D7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{24491A74-3B9A-418B-840E-A8BDC48E2BBA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{256B2265-3FA8-4240-8762-F80F9CA0F4F0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{25DE64E9-F3B6-4023-9092-9CA693B02C5D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2638F198-D997-43B0-8973-FECD086FA736}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{263E3225-03F7-4773-9645-14C577C0CB96}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{26524211-6F9E-4890-9C9D-F14188093033}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{266EDB08-110D-4865-8B35-F2CA80F3D757}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{26D9B76B-6E6B-44C8-9E70-882B6A710C78}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{26DF1984-C887-42B5-9875-6E281CE55CAA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{270B9BBB-C04D-48F7-B8AD-9BBAB1DDF4BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{275DDC4C-4E6B-4C03-9691-61AFB939F4E3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{27B9C925-305B-4C5D-BC42-9D62288D069C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{27DF198D-882D-4C88-A862-C7EDD3ECBF21}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{27E4C5E9-0DD9-419B-B182-46B34F20A208}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2817894C-17DA-489C-AC6A-F985F4FD7494}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{281D1E1E-E377-403A-9769-B6D4FEE7DC45}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2825A57B-9B5E-46AE-8730-D7E4AB871FDC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{28326224-D970-45CE-ADBB-771D171DEBA6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2892072B-F002-43AE-8101-F14BF5EDE767}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{289CBC23-D0E4-4AD6-879D-0DFE0470F23E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{292C69AC-51B4-4835-B6AF-ADEA9EA9343C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{29BB12D6-770D-4FB5-B0E7-EB3839BD7C5D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A04924B-5F54-4717-8FE5-E3E2B63A3D18}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A1393C8-CC6C-472C-B48B-1D0E152C08A9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A213300-32A9-466C-84A9-235B6120DEBA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A3C317B-6A0E-47F3-A109-9C6D119335DF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A400B79-EC54-4C27-A2CE-A2FFA57B0FDB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A87CD92-8269-4A74-854B-4E0F6059192C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A8A03F1-291F-4ADD-AEE9-8DDDCE277D8F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2A8DF2D5-8F66-4B19-9CF3-FFCC20DDAE39}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2AB27749-C695-48C6-8BD8-6850D38121B7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2AD6B099-9E60-4843-B02D-A4B3175EA116}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2B547DB7-EDEA-4AE8-B99A-DCD9DFA13349}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2B587380-BE88-44ED-B912-9300890C287B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2BB92831-2135-4B4A-B39F-B81FFEE3C0E0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2BD47779-DDA0-4F1C-90E2-A53546F5C9EB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2BFB5E0B-8006-470C-AC6D-D9EE20B68FF8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2C454790-6A78-4935-9A46-B73242B7BD29}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2C52779F-CC41-4DD0-A25D-894FE72B11AC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2CA9FED2-34EF-4734-ADFA-132521832A7E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2CAFC093-823E-4517-8A9F-33B83DA0FAEF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2CC5C013-B87F-4632-B107-EFA3A48C3BB5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2CDA5904-2125-4F52-B2B2-E108CBA3BEDB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2D034905-AEB2-4E94-992D-2FAAF3746FB4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2D3EC020-5C79-41E1-850E-2F28873D0182}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2D6E5F78-851D-42C2-B2A0-588DA2E12BE9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2D816E83-4663-4412-833C-32FDC5178A3D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2D821485-406D-4294-9B57-D1343F53AA07}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2D920C68-3EE3-4A82-BEFA-CB51CD75398C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2DD1EB83-3A98-49E2-8D55-D597CA03D519}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2DEB82DF-9480-4C09-83D8-108D2AE748BD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2E1AA99B-796D-4729-90A0-06BCC5FDD14C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2E53F65B-0D06-454B-9D91-B9370B950BB5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2ED57FA8-C6BF-4234-90C4-558B20666206}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2F27C1BC-9574-4CBC-B8CA-8B0416B2ABDE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2F38F05D-9605-4181-A196-25D7BADCEAA9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2F3DC4DC-866B-4665-BBC3-E7ABE243C7D2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2F73C303-D2E3-4CFF-930B-5C05AD0CD770}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{2F8D5A80-E553-4AD3-87A4-A3FCDD1847C9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3004F9FB-C606-480E-B841-596C83CF6EDA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{300B31D5-3625-43E9-9676-337CB6397F30}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{301CFDF6-2F2D-485B-B94F-1D309A410362}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{30406EF9-5561-409F-868D-CC26C0099C6C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{308BE723-09C1-4338-96A8-170183AE7DCC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{30D67AA1-2F5F-49D7-9B01-0C77B96970D9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{30E956D2-6BBA-4719-A00B-97CE71158D1D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3104D820-E480-4F54-AA0B-DD8FD3DBA5D8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{31074734-3E78-4E9C-BF1F-A1435E2DE80F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{311A5C46-BAB1-48A1-BB9B-87D91254E8B7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{313C1853-92BD-4892-AF40-5D8E7C6AF160}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{314BDC7D-4CBF-4360-8340-C0F1A1A6D459}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3150E77B-5F93-4BF6-BDE0-1E18B5757841}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{31641904-8E5B-46BB-BD85-CB773AAD3EA1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{319CFE0B-573A-4C67-9B48-3EED7EBB4F2F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{31F99832-1770-4507-A531-F2926AD8C792}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{31FAC2C4-D7F9-43A9-9EC5-618EAE53501B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{32855F41-B35B-4080-A4B0-591917C0CB3D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{32E37CEB-B274-40F9-83EA-0DCAB7D5087F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{337738D0-CC6C-4734-9E28-306833778227}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{337D0556-2A04-43A0-B294-F6D4FC421F39}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{33EDA154-64C1-46BE-A632-F726D377B30B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3428F414-CEA3-45A6-A4FC-C8629CA0774D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{34C5EEC5-FD90-48F9-B8D1-28DAFBB56A7A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{34CA12E9-D22E-40A6-85CF-1B1F2A408D6D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{35175AC6-BB50-493E-A8B5-043A324FA8A2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{353817E9-1485-4F47-920E-1FB88F345755}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3543F59D-3797-4195-851A-E3D8BA722EC4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{357392F9-BA8F-4744-9A69-3B3EC0F31683}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{359F0A9D-B308-4D2D-AF35-D99C132F3FD7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{35A5EE08-2600-43F9-B837-EB74510C33B8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{361001F3-82D3-43D2-8A8E-C0045725BBF2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{364D201B-94B8-4639-9766-954F337ED6F2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{369B7B90-045C-48F0-A965-6AE389947501}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{36A8A3A2-65B0-4D70-9951-01ECBB0782F9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{36C62202-93ED-4287-A28E-059EE3F6458B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{37183203-36F0-4049-AE87-980976C8C417}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{375F2322-E451-4FFC-AC7B-499E28624E35}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{378E4C10-646D-4CB4-BE75-E918FF5AF72C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3858866C-6F85-470B-A6F9-28FDD90315AB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{38A550C2-742E-4548-A503-2A1E459ED9CD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{38F43712-CD35-4E17-9A8C-79972688E16C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{397ECE08-AE45-454C-98F7-677E84FB8AC2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{39E5B1E2-BEC2-4DAA-95E6-549312551DD3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{39EC89FA-7556-4C6F-8C00-54D0D59C7257}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3A3143D7-1377-43E4-9500-8DC1271B02F8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3A482D17-3152-4F4D-A12B-B00FF08DA9BA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3A6162A4-B048-47C5-8F3A-20435B9DD367}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3AAD1F59-9D19-4247-83D2-35A2B3975B9E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3B1E18CC-19CB-4972-850D-4CEAF316A088}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3B42BE48-1779-43B3-8E44-C32CA295826C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3B601482-DF22-4ED2-B2C5-7F4B2EEBE810}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3B82EF31-80F8-46DC-BB6E-957FD4845221}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3BCA443D-FD2A-4187-A359-542827E36CDD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3BDB4DEA-5015-46C5-B4EA-9B26E18A0C84}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3C173695-DD1B-4BC7-97DD-896F57FC7006}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3C2DE1D3-3494-4274-9BC4-2F497D3209BE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3C6A34AB-80F2-4EA1-B498-59729D92E415}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3CD732C0-F61B-46CE-A6DC-4EEBCB2A63F8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3D12CB2C-BC52-4C9D-A0EA-C9289CCDBB1B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3D756448-532D-4AF5-8FC1-1D6780CF5CCA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3DCBD996-1E8B-4C07-871E-9DDA0E71D8AF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3E6E1E1C-4E7D-4046-BA8A-C60FF01D3B46}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3E6EC2AC-FA10-4714-BC87-E3B47E42681D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3EA86312-388C-4CAD-A4CC-D6AE5B730165}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3EBE0996-CDA8-45DA-8372-7E772610F9F0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3EE0C28B-3EE0-4171-A07F-E9FA920F7089}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3EF5F102-354A-4C76-9BF5-376F288A2A8C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F22F9C9-10DB-4C17-B1DC-500971758448}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F2E7E77-6590-48D9-8762-C582D352A8B9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F6231AA-B213-4D5D-93D2-79E586F51372}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F65CAAE-99B3-49ED-9B81-0D6C175E84DA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F7C0F9A-E026-4BB9-961C-FF2E2D296789}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F8C5E8F-C185-477B-BD07-DB0DFF52038D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3F99C212-6FBD-436E-A637-EFC4EA5C6D35}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3FA79915-BE81-49DC-9D7B-9E6C0C4D9741}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3FC1E298-DB2C-4C03-A01E-51147129C552}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{3FF8A416-C152-419B-8FC9-BD6B0006156F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{40026F88-85EF-4BDB-9EDA-A299AAF204ED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4032BAAA-D8EB-45BE-9F45-82D6C421C2C2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{41C8A7A4-C112-48E9-BC30-B55B881DA393}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{41F81E02-F919-4BB1-B639-542F60109DD1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{420D6907-0D9B-4F56-9407-5161E1E70881}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4305D589-5C25-4C77-9E90-CCB4F33A5F5F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{436E56D3-F774-47D9-B5EC-8DAEBAE87637}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{43910699-385F-42AB-8542-5670BBB0DADD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{43C08B6C-6C6B-4B97-99B9-310B5CC8F93B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{43D6D775-727D-4FFB-99EC-CBB09ABDBBE0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{43E1FFAE-B5D0-4567-9B63-41FAED12165B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{43FFAF66-E9FC-48A1-BC34-2D926B138DE8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4429A76C-4DF4-406D-9A47-2E43FED0DA41}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{444D7CCC-E5FB-4817-B074-929CE7116A68}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{44A45B03-A336-4AB0-9237-A458E21E11E0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{44B167CA-87ED-4881-A0D6-4FAF7C95B394}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{45097F89-2680-4C4C-A93E-029C1474C055}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4597FB30-13CB-4738-9AEC-D7DF470D0555}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{45A3ED5F-0845-4D75-9385-A22A9D406817}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{464A0B00-7A84-4CBC-A4F5-93A70611000B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{466374E0-77FC-4D5B-86F0-2B94FBA22FED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4665F3CC-3771-4BAD-BD67-3A86690A564F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{46697BAC-38EF-4BBF-8B2A-A74D1A850682}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{473013D4-EE71-4B9D-AC5E-51937D1CAEA0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{47965F73-25DC-4D8B-A771-2E16AF24BBB2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4798C912-DF0F-4EED-8674-9F36FFFC84DB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4823367E-1830-4F08-8939-9C6FF1CEC448}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4833FA1B-12A4-4534-A333-26B354B22EBF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{48E9C402-064A-406A-AF9D-A4179DF8D2AF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4918B761-A298-4A07-9529-9BDBF2B838E4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{491FD3C8-BCE3-4FFD-BAC3-FD03287A5A91}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4949EC08-01B8-4DB1-8AFE-05C28324F68C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{49EF1517-5A21-41FF-9AF6-932772B7BF43}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4A104695-39DD-4DF0-BFB8-FA0A043EE0BC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4A6CD28D-4CF8-42E3-9287-4423B5F13196}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4AA2740B-A876-4EE1-94FD-2EC12A423130}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4AEA9013-3030-4B39-AC7C-55968B934B79}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4AFF16A2-CFA3-4829-8A8E-EDF8628503EB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4BB24BDA-31CC-47EC-A750-617147458FDD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4BD87D81-CF63-4058-BE07-29039A37EA26}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4BE90874-A698-4497-94D4-F9AAF709F970}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4C14D4DD-A6CD-4DD3-B81F-CD3C2A5A949D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4C1A6629-B53B-49D3-9476-51513EB62EF1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4C2D50D1-0D31-4986-9AC3-C30FE5788E62}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4C3E011B-015E-48BD-9CCA-1E663B48FF00}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4C6F66FA-F2F7-4EBA-8FC8-FDF15469D168}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4CFA9E83-8174-416F-96AB-70482B6A8E1A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4CFB1B3F-A0FF-4BB3-A8CA-2AAE01B62BD6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4D1CBB89-9788-4C61-AC1E-15DC419B4F63}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4D507F4F-BD8A-4A1C-B625-5F61CB7DDA94}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4D8E737B-C8C0-4BF8-B6D0-51D346E95A3F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4DD88A92-6125-49DD-ADC7-20E8EF60255B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4DDF343D-7101-493F-956A-0DBEC0D7C2DC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4DF42014-AA91-41ED-96C6-080ACFB5CE11}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4E4CEE1A-37ED-416D-844F-F4999DFDBAC4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4E76E469-1136-4162-A22F-F2FC41DA0C23}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4E80A06D-18E3-435B-B30C-88239AE9E4B1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4EA838DB-8DCE-48B3-A13C-5AE7C5BE1BCE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4EC22359-00A8-4B39-99BB-D7EA79A1C85B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4EDDEABC-A849-40EE-A5C8-674A9B20B4DE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4F208B57-AAD3-4431-8790-F74C02368C17}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{4F394E6E-21BE-4D32-9FA5-7C40290083D1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{500E84BA-C1F7-4AE0-BAED-37CE4F199D0D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{50636496-0B40-421E-89D4-36B2C2BA74F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{50732B32-31BD-41CA-9E93-C50D1E44C14E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{509039D2-C6AE-457E-873B-1FC496D7A533}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{50AD745F-71A4-46F2-8403-5A5A16307980}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{50B3E1E1-B046-4FB7-B810-1A3C179D001C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{51757668-8990-4D04-8747-255753A3EBE6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5180F135-2E4E-460C-BA87-D638CDDD2778}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{51D0ED27-E22A-4539-B545-6E4E70EF8D2C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{51FE1FBE-D0C4-42FD-A30F-819D53477DD6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5291585E-0CA9-4562-AD29-E85192A80E44}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{52C4765A-9A81-4224-80F0-7ED2888163DE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{52DF0CD5-2874-4431-B7F8-825A55B21C87}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{52FBD521-FB5A-4001-8518-03F93DA978EE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{53114025-CFD4-4EA2-BB51-433F59568EAC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5317B79C-5C32-4B6C-9D22-5B9D36A821DB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{535A6494-4EDA-429A-ACAC-F62663110E51}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{536D51A7-85A2-4266-93E4-8981D2B33C53}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{538006F9-8246-4232-A570-C39FBCD61456}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{53E06CB3-47A1-49DC-BEC0-C429DA755985}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{54017391-0AF7-4FBC-B310-065FC7B74B24}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{54222289-72CC-47D2-827D-5DD1CF117DAD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{54496FE5-1996-4F36-A25E-C5330CD6E0B8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{54A211F5-BEA6-4B7C-819B-748A3EAB5181}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{54FA5026-27DC-41F9-9473-0134219AE381}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{553B1626-6F94-4CAC-A1F7-F273E3719B9F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{556DCD79-8981-401C-B6E2-F369084F9F56}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{561FA3A6-A8AB-4E1F-AE2A-BF539D04C693}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{564FFE1A-015E-4562-BC86-42FE2835A5C5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{56635CC9-A1EE-4C08-B63E-95E99CA85B3F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{566508B3-5862-4C45-BB49-0A5FC7728784}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{56827986-0DF9-4E1D-81B3-5D5A02DDE055}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{56B93493-7EE9-4BCD-98A3-EC2964587A09}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{57374166-B96F-4453-9414-C194A429CB1D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{575D62E5-3664-470A-843B-9998ED3A10F3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{57A17604-8053-497E-B4BA-480B3B172BFB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{57A40398-9588-4B4C-A836-C9E580A3F88D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{57E0B9AD-D318-4A16-A57E-0AA6CC1863AB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5808FFAA-C08F-47C9-BCEC-4E6A40513F8D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{581E6CEA-4910-4DBC-8FDA-4A15B292EEA8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{58FC4AE7-A182-4762-846C-480427D58321}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{59079819-6108-4CB3-B1D4-E66B65A7934E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{590AEE95-07C3-46FC-B794-952E44444605}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{59159301-2A13-4AF5-8E87-2EE277FA88B7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{59416590-6095-4D2E-BC35-8F4D1EE56CA6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5972B774-777A-4596-9992-9F6C5D4243BA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{59854F6F-85E2-4E22-B206-DB3F64EBB2CF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{59E4293B-1438-48DB-922B-24FCD7FBE33B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5A8EACEC-1CF6-4D43-8870-C0D62D036881}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5AB51A1C-6199-49F9-8636-577B914AFFFD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5AF361DF-0967-4651-AE67-7F7ECAE2C6E2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5AF8DFE3-5812-4B10-9E83-E60A8C70FBE5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5B01A603-8F56-4B9D-B6E3-AEE1231F17DA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5B129CD8-C96A-479C-A97F-40992F1933C1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5BC264A6-26BC-435B-B4FA-F9C417517895}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5BEAA070-6FBD-4DF6-9231-473C289EFC33}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5D0E6269-8BE9-479D-B601-A5F1AD8B32CC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5D39FAA3-FF5A-4841-A9C0-B0A13D0ADBED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5D3CB498-A54E-4897-B63E-3FD32D6E2B23}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5D3D01FB-03D7-492F-9F7F-007F6DD03009}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5D639013-B36D-4173-AFB3-7F3EF24138AF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5DF975CD-8099-4E28-83BD-1AD07E311F83}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5E1A0E45-FBF6-487B-B9F4-3EC7B7D9A9FD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5E320DCB-8ADB-4105-B0F1-9ADD8A239599}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5E478C14-B86A-426B-9933-B030182768D2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5EDF0633-98D8-46C3-8530-E791DE778E6E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5F089852-9316-44CC-96DC-01AB96EF9815}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5F96E227-B4C1-4231-9AF7-E2AA9FEF1BCA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5F96E62F-EC77-480D-B338-21909ED38AEE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{5F97894D-AF1A-4353-A4DE-F208C377EAE6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{60470722-8545-4CD9-B04D-7686969077E6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{615A995E-80B0-48F4-A450-B45E62C7E44B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{61A42984-2762-430A-B402-8D558559B61D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{622961D2-0B1E-4AE9-92C0-46ACEB7E1EC7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{62411C51-6EEA-488C-B5ED-B6591E8E63F1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{62950292-F315-4242-9F50-D79630EAB416}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{629BB6F7-CDA1-4097-9ADC-C8EE14B11CAE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{62C18966-AF63-43B1-82FF-37C250ED070E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{62EAC2E9-DEBB-4873-BBA8-E59FCBFC7EBA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{62F96CAE-B34D-4801-84C8-1810BCFD279B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{633272AE-B688-4315-A227-74D66BC21204}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{636BB1B5-ADE3-432E-A111-B16D91F3CFFD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{639752E7-B802-4361-AB54-A29060C8C17A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{63A33A57-7922-4C97-8417-8CFF3821EC1F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6417AD00-9146-4E0B-BC13-8B9A3A459E1D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{642D2FCE-48A8-454B-B15B-1B3D0E3DB589}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{649273CC-2FA2-4E3B-AF35-D3C9E4150B58}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{64BE3F8F-828C-403B-800E-B43E60384D87}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6565895F-5EDA-4EC9-8BE3-D585520DE266}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{65AE6BA3-2D18-4709-B342-A1571AD19BF9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{65E5516C-A29B-4B7C-905B-0B1F459F4B03}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{660FCD35-48F2-452C-8D85-36FBD589E9D2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{663C94D8-F038-4026-A6C6-822C619A2636}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6644A520-BC3F-4F27-A328-EA1388AD4FCE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{667EE784-14BD-4C97-860A-59BFC5FAEAE1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{669EE276-EA86-4249-A186-CEB48D936DED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{66DBC90A-2AC9-4535-97EC-18E9EC1E6560}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{671AAB89-45F9-4B7A-A112-D92C27A58B89}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6732802D-14E2-42E5-9C70-68254A65DF7A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6740E0A0-35D0-46FE-8A47-679B5A50C44C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{67827465-C38B-474D-8B2C-9A4544F6DF72}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6832469D-058E-448F-A88A-7EF9D60E2790}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{68569616-8703-41BC-BEA7-8EE95EC27773}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{68743CF9-48B6-4C4B-998E-AAEA8120CC48}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{68EF70DD-EF23-457E-A8F0-1B9BF6B95D8F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{68F1910A-4DCC-4A11-AB0C-ED1DB27FE612}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{693DB445-466A-40F6-9E3B-D2D6B0E527CE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6948FFA8-89D1-4485-8890-93AB90C2A87A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{698E22E2-3CAC-47BA-888E-6E48EEE05551}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6998410D-8DFB-469D-833A-E642D7E4E06A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{699E9AA1-6F27-43EB-A02D-DDD3F56B62AF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{69C362B5-BE90-4988-9F25-8DF71815CB9C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{69D6DA6C-7781-48A8-9DEA-4E93294DCBFA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6A07B2A0-549C-42B0-97BB-D216AF5589E5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6A4A1646-AFBF-4C13-9ED4-F447E92B69D7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6B095905-FCB8-489D-824F-711C1C37236B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6B3CF0E8-EEA1-42AD-A05B-302824FFA304}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6B7276D4-6D41-4C18-AEE1-FD9DF7CA6F7D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6BC3CDE6-922E-4A77-BE53-95C4E5C76710}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6C1159DC-13A8-41BF-A8D2-3C88864CBAA9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6D19F057-640A-4872-A4EE-2ADEC51CB042}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6D7D78DA-1DE0-461D-86DD-5978491E53BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6DCFCE61-B94E-4967-B857-AEFCB7A7BB5B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6E022FDA-CD39-4613-A093-A88DED27CD94}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6E76B5D3-EA8E-4180-B766-310594C61FC3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6EC51F5E-4857-4930-9AAF-C999C6C9EBED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6EDC7A1C-89AC-4313-B087-DCC6FEC5CA41}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6EEC9EA1-6967-48BD-B47B-C2D9575CC80D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6F01E25E-AA86-46BC-B1DC-114B1A6C88A2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{6FFCA21F-FB6E-43E3-A003-E5483E40B3E4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{704A26C7-B307-4471-9A30-92E4793EBFBC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{70575021-629B-4D1C-9503-EE66A359F536}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{70957338-BE2F-4E85-B5A6-4B47B90E7286}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{70A09068-49D8-4FC6-B141-57053EED680F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7112C25B-ABA4-4150-A275-605F99C90D61}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{711A69C3-F6F7-4573-9208-2C498ED52BEE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7185FCDB-73BA-4610-9240-2E1FBB0091D8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{71885FB7-7444-44B1-8624-F840E4D5837C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{718F077A-A74C-4E41-9828-4CF8005566A9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{71CF3577-4B90-479A-BE7D-BD36A691C724}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{71E12E06-3875-4461-8973-A78A05BF5225}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{727ABD57-BA67-4964-AE98-1DA583794C2A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{72D049C3-27E4-40BD-AC26-BDD91A881700}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{72D82CF8-22C4-40EF-AE3A-31233C47C774}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{730A3D0F-2A9C-41E8-A727-B52F8784AD5F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{731AF9D4-9088-402C-B719-AF2B05E6F715}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{733605F1-930B-46B1-9743-0FBAEC32FCAE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{736242DC-939C-4F25-BA5D-CC4E28AA5604}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7366BC56-F498-4CB7-99CE-7BBDE5C143CC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{73808754-71E3-4586-BD5F-7974FE2A47C0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{738D742B-4241-4CA7-929E-9886EBD4DA90}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{738E3ED9-7A09-4D48-88F8-C1D9874C2459}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{73D130F7-7B77-4F01-B5C4-3E72CA5D163A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{73D31F65-980B-47C7-B3D0-455A9A334735}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{73E0060F-F53B-4810-B0AA-FC8073973EDF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{740C7CCD-31D0-4E06-B462-83CAFC908F92}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{743B94B5-6625-4EEC-A21C-6BC466C4FD73}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{74AFB522-5A43-46ED-AA0A-752CC0AAA1A5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{74B4E8EA-5CBE-48B9-B171-771555D999F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{75123540-7FC4-4E54-B391-D681B06E8F80}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7568E200-B8FC-42C6-BD64-4B7601A1A57A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{75CDA2AE-58FE-4381-8462-1D7A722F53F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{75EC5643-6116-43E2-B3D1-BB2532D7C0F6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{762A2E55-D485-4985-911E-4E152585EC25}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{76A9C50B-B051-480F-AE52-66ACC073A338}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{76AFA5B5-E8EE-4C3F-9015-AB83AA3B1912}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{772821FF-A314-4C9C-949C-6807BC5BC0B7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{77753607-93C7-42B5-912D-799697DDEBA2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{77760D39-884C-4451-A94E-EF99B478127F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7852952D-D8BB-413C-99E7-CC57D8814488}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7873A66E-C62E-4E39-885F-2D3EC2D8ABA3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{788117E9-1AF8-4569-9892-85BDEC82EA46}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{78E8399A-1604-42FF-8835-F147CDD828C2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{79B5CAEE-F5C6-4935-9B68-C3B47FE91B31}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{79C90181-9819-472F-97B4-B94BC94773DC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7A339243-20F8-4FBC-A9EF-DA3F46618990}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7A359B61-68C4-4221-95BB-0CC02EEE72FD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7A3AA9F9-324D-48EE-B458-99BDA015E46A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7AA0B447-4BD0-49BD-AEEE-E7040BAECA7F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7AB84345-47C1-4F56-95C9-92530EDB2B48}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7ACC16A3-F425-463D-994F-79967EDCCD55}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7B48BD16-8A1A-41D9-9A06-C1EB5370C3AD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7B4D9AD4-26F8-463C-89B7-A3C224FDA91F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7B71030D-0F5F-4854-8DDD-BC3BD628B22F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7BEF899B-A6E4-41A8-B9DD-A7EF52DBFB50}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7BF5FFB2-3345-4005-86F7-6FE618753371}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7C47E79C-EC53-46C5-9921-B79AB31C663E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7D26F073-444C-4A95-8A90-468F8345FB84}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7D2E33D4-385F-48C6-B739-7AB1E77E9249}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7E16BFEF-085A-4A60-9BB6-AF923E8008AC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7E38025A-20A7-4D3E-A97D-36B00B905D68}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7E3865E4-2955-4B16-B26A-86DDE04BD1FA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7E4BA72B-01C9-47A5-8ADE-0B84E007B5F0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7E94CF4C-E1AB-4CEA-ABC6-C9DB622CE780}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7F150A0F-E715-4116-8F89-6995B7E9C388}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7F7553C5-4964-42E3-895B-C2500A24DBC3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7FAFE0D0-D848-46C4-B343-1DE22BB570BD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7FD2D4C7-2AE7-4FB6-972C-6B6F37DD20E6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{7FD8807E-37A3-4909-B706-3DB506003011}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8007BD5F-9EEB-41E6-B6EC-744D6B293730}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{80F19139-FDB8-45C4-AAAB-07C74092CD28}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{81A55AE8-D8A8-46DE-B432-76A05DBA0869}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{81D59CC4-37B2-4DAC-8F16-6F08E5E49292}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{822D22C3-0955-48FB-ABA4-0119B7F0F501}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{823C4E93-5075-42F9-9C7A-AFAC6232CCA8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{82707980-DB2A-431A-B464-3C6C39A9CD71}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{831F3B16-D414-440A-8265-DD70D4A4ADAF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{832D89B2-2B74-412B-A0DF-6A39791A7270}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{833F5200-2E81-43AF-A62D-07A3945C6017}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{83455A71-852B-4BA0-A913-9E492CB83F55}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8367AAD9-FF3A-4E87-8AD4-B0D224565D21}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8383373A-97C2-4530-A59A-66CDD669F786}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{839B0518-2CE0-4DD1-8C66-B14DE3763742}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{83BBDA34-DB33-4185-9F9D-70289D29E7E9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{843D2D14-195E-40C8-A0C8-5C561AEDCCF4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{847B9F10-4E14-4BA2-9674-2AC7C60654FC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{84C6393B-6038-43B9-9918-07845674DAD9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{84CEED0C-6653-4448-A4B6-A6A65C05BDC4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{852ADC8A-37B5-43FA-ABB3-0C765680F10F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{857C3339-F344-4F93-8BE0-C7F4698ADE04}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{859CD52E-29FB-4580-8751-343EA34F2251}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{85A6C1E1-549F-440B-A8E2-721D602E7C77}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{86127AEF-7DE2-48EC-B62B-812F047CE6B7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8670650D-1A7A-4290-BC0D-3C32C7BFB824}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{867E09DD-1DD0-45D1-BCC8-970E9481A061}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{87A179D9-13F3-441B-87FE-B5864A162991}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{88222443-CEF5-42D2-A611-1148A7E9EEC5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8845F500-197B-46B2-89B1-20E56D25AED2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{888B5F8E-6B5F-4865-974D-D1DB9EF55BEC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{889A484F-1825-463F-A329-2BDE7315FC49}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{889D3404-16BE-4E33-AC0A-024F19B9E704}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{898A2B8F-5BB3-482C-B303-6B03E2DA9BE7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{89AE71A6-EC45-4C07-862E-C6A0758757B1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{89C3D4FA-990B-4ED1-8B3C-FFA6DB6EC784}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8A157A74-EA6C-4597-BC88-2256763B3307}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8A19B327-4B23-4F74-B369-FD51E05BD54C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8A318AEA-A96B-433C-B323-FB258D7E2EF2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8A9CEF0C-291C-4F5D-93DC-599E63CCB2C5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8AAB85DC-DDBE-4927-9BFC-5312CCFFAC4C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8B070ED1-3FC8-4079-84A8-41CA59AA43BD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8B40789C-A3A9-44EA-A92D-BCEAEB69B3E5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8B5E61EE-2019-4DBD-BD53-646AAEFE3695}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8B8D7F14-D74B-49B1-881E-F454B63BD574}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8BE35A27-C4C4-447E-80F9-B63EFF34E6CB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8C609DA9-D595-4F72-BE24-1D18E35C97D6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8C60C6C9-6B26-49EE-829D-40BAD26EEA42}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8CBE4F1D-11FE-4936-B826-D261533C64BF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8D28C39A-169A-4B5A-8D75-0A6F10DD37A4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8D3071EA-8EF8-400E-B13A-AB87B7EBAE45}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8D710F30-ED36-4C3F-B071-A5F3A5FED741}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8E0CB593-44C7-469A-8955-D3BCE68D0620}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8E335ECC-3043-4863-BFBD-7FC83EBF95CF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8EFFC32D-E082-42E5-B4F2-388AB45D0ED8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8F7F8BA6-0799-4A0D-A372-D49B98C1E455}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{8FC1A7E0-8C4C-4891-AB1E-318005B7F0DE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9032454F-9080-4C6A-A13B-7FE5126342C2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{90686EAB-6D29-429C-BD11-07AB63C179EC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{90947E5E-252D-4C9E-901E-AB0C5DF63CF4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9097F9A8-4FB7-4140-9084-CED420019368}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{90EE8652-B03D-4A2A-B1B3-94B3F4943D3E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9119CAC7-D553-4306-A4CB-D4E24762D4B9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9129C998-ADBF-41C5-8366-D55DAC0C0AF7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9193B72E-3F73-49CB-B233-6B554E2A870E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{91A6F29B-9967-4FA4-87F4-2C9F02377751}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{91ECF735-4AB3-48FC-8EA0-E373BFA1D01D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{92031512-88C2-4616-AE61-BBFCF11AEFCC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{92109E70-EF4F-4847-B59E-60FE5E97CC5B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{921B2DAD-A432-48B2-9CDA-A67ACDBE7616}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{922E0FBD-DB79-4BB2-B0B1-D2773E03FBCF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9290FF32-5FA2-4DD7-B935-4A9D56741A4C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9293A01E-2C84-41E9-A1DC-6EBEA7FDAFEC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{93284695-DA7B-4BAE-AFCB-63338D9F832E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{93A75D78-05FE-43E1-AE2E-E4B08C8A9EC2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{93AD03A1-449A-43F4-BDD5-E63337111BDF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{941C5B31-0967-43EF-9955-DF467C15D308}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{948F3A7D-81E0-47B4-85A1-57A262B00B04}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{94E05CB1-8960-4640-ACDA-F56E736DC919}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{95439E40-8383-499F-8B15-AACC7358531C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{95E9D709-AF34-492E-AD95-14B4E9D12455}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{95EA8E7D-EB9B-4D00-A5C3-2FA5DEEAB6BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9626B765-ABCF-45AD-9984-E6D8461F0CB4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{96A7C09C-8DAC-43F1-9CB9-2F24A83F854F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{96E9BBC8-7BF5-469B-A996-03526389C713}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{97511AD5-57A5-44B7-982F-7DF0D3C826FA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{975B4F6B-AB1D-4E61-917A-A2E423A9831B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{97A0AE7E-A620-4DBA-9EF3-A7FC32B7ACC7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{97C680F2-2E46-44FB-B63C-55B727F0460F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{97EAAC70-BD7B-41E7-9796-661C10F42034}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{980BC9E8-B05B-435D-A381-0C547D52CB66}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{984FA8C6-2459-4F74-94BE-E4959A3DECAF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{996D79DF-28E9-4BC1-AFFE-E38263766C9D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{99AE5DBA-5AC7-4778-931D-4AC90EB5E2E1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{99BD694F-A1EE-448B-83B9-E1E3C690379B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{99D7E783-794A-473B-BE41-0BBA011C1122}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{99E47669-16D1-4B48-9A5F-7848BE196285}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9A2FA000-E82E-4D58-8F13-59207F238842}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9A8A8C93-2EC6-4D42-B578-F5EEE9FCA7C4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9AEE50D8-24A4-4368-B38D-0FE0F770D2BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9B183D75-BCED-409E-93ED-AD8722D24893}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9B63658D-A3BD-483E-A91A-A16454B03AAC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9BE5E629-8B52-463B-B33F-7EF4EBF9CF40}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9C137400-EC68-453B-972B-C061E7A24440}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9C266F11-92C5-4AC8-A9A7-7C8F51A33505}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9D0E1441-B158-44B7-B444-8DC991388298}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9D2BD5F1-F70F-4493-A1C7-7E024FD2E03C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9D4AC17C-F400-4AC5-93F9-6D19B8FA3A0B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9D5DDE1A-37A0-4686-AF70-427ED2C0C26C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9D90EB16-8C31-4403-B99D-1A42F872EFDD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9DBF57E8-ED55-46C1-B2FE-4271F5827778}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9DCEA7E9-F34C-4E75-8DC0-1E2562893246}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9E30BEDA-3502-4545-B520-E53560D80492}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9E81BBBC-9907-43DA-979E-3584388E78D1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9EDB6BCF-7E43-4587-9494-4B245EE98153}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9EDDB684-8DC6-4B13-A9A6-097A18F6215E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9EDEEBB2-B6AD-4B31-8250-4A139F2CAB89}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9F2752C4-EC00-49E0-A43C-0B20B199FC5D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9F65B05F-3C83-4E62-82E5-4E702EF5DD17}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9F6CFFF5-D2B4-4E4A-9A85-38291A7D4569}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9F7E8DC1-F702-4964-B7BB-77E566F0DB86}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9F8B5B8B-3726-4674-901B-B4C05B34D565}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9FB082B6-5E44-4455-B845-57EB1DC311D5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9FB35E2A-5CB9-4EB3-9C26-A52B10785959}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9FD32626-02A3-4406-AEFC-D13EC85D1877}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{9FD89320-BEF2-4C65-900C-14CCDFD2709D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A0110251-2A9D-4FFB-9E76-64C6A6AE0061}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A02793CD-0215-44F4-BCEC-DE0148CC114E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A078B0E8-1667-4979-8780-3A0EAA8B333D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A08D04B2-04F3-4E20-839B-CFB12E6AEF4D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A104BF15-EDC8-48A4-9904-9B8BAE5DB2D0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A122F0CD-7FC2-4AF6-8ED8-F8337DDFE877}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A1243795-E502-4ADE-A97A-E40117C9E1EE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A13B413E-D90A-488D-99C0-09F9A8E9FA9C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A16F0082-4769-4BA8-BFAE-97BD38E28568}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A175E15D-E39A-4614-A211-A1C6203783EC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A18B08EF-65EA-4BAC-8627-2044AED6805F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A1ADA8EE-CACC-466F-82CE-56C5FBE9FC5A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A1FE1A4E-392A-4566-AD0C-C3C3EBFB17F4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A21C8149-E858-4102-AF56-FBD76A339574}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A24C78A8-51F1-4680-9698-C50298A7467E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A26E8C1F-06DC-4178-894D-2F7122BF49A7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A2E05811-BFF6-40DE-87AB-29DDE3E0F4FC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A3953812-1A80-42C9-8E85-91EEF1B9C4A0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A419AE31-399E-46F5-A357-56C8BA113CF9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A421574F-E648-4451-AE4A-9F479F5D541F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A42CE2F9-D029-4DDC-ABCF-A5A1105B3FFE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A474C5A6-CA36-4063-90C2-BDAF26D86F4A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A479EDF0-F6CD-4AFB-B870-80206C52A637}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A49D6715-E240-4E5F-BEE0-E0E85EB76308}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A4A57675-878A-461A-BEF1-60FDAC72DBDC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A62FEA1D-93F6-4F55-AA52-56CC7A4DA17A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A6B60EAF-DA25-43CB-B692-0929E35E0538}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A6E2DA51-45A5-4ED4-A329-9ADCFB0E02F4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A6EA291B-DB63-4D79-895D-86098DF0B18F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A6F45EB4-000A-4879-8D3A-10694AACA83E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A6FFF1D7-5040-4BB0-849A-9A97AE443935}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A7052D57-E6CA-4F3F-8FEF-A06C812AB72B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A72298F9-E92F-4CF7-BC9A-7D3A52094837}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A725C95F-A37B-4A2C-B154-317B9EB70A93}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A74ED255-5691-4573-AA6A-672F897A0B2C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A7F393E2-B775-458E-BF24-D38CF1C973B3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A853B575-5905-4934-A3BF-1B3CC59F6457}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A8762C2E-CA09-484D-B98D-75C9A2A6BB76}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A87F5661-1852-412E-A66A-3BDE50E00446}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A8DFD07D-3915-4AC8-8446-26D9CB54F290}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A9BA3AB4-61B4-4567-B50E-229E6E5BE6BF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A9BC83E5-96D8-4428-9F1D-F37048F22554}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{A9D4B831-43FD-4FBE-B3E3-A5DF434F8F01}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AA64CBF9-DBE9-49AB-9161-9339AD1D3217}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AAC6FAB0-B828-44B6-BE74-04767283DD46}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AADFB1CA-678D-46B9-B72B-850ECD95DC47}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AAF3E96B-6C89-4ABB-BD9C-064F77933A46}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AB0A109E-89B3-4F7D-B9D1-D416D910CE22}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AB724067-2E16-417D-AD1E-E1509CB6C811}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AB8ABB34-83ED-4A63-8A06-BB907DDC023E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ABD5DB05-A203-4506-8EB3-1EB9AA49CC88}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AC2564D2-EFCC-4404-81EC-0FCFDA9D7C95}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AC30A1F1-E5D1-4608-A60C-5E1E1560A359}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AC5D52A8-3CC2-4356-A0E8-A03E8ADF1518}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AC80BF3A-A33E-4A34-A11C-F7E6659D4E65}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ACE984B4-05CB-47F8-8AE6-C152DC5B9C9F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AD5948B9-D37D-40AC-BAB7-4EEF6FE4210E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AD59AFB0-5B69-4CB4-9A5D-45CB21CE0C3D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AE0A762E-61E2-4535-A247-474977B89160}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AE6331B5-398B-4937-B7B5-6A1626950108}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AE6B5994-CFC3-4B3C-8703-7A4F8ED83DBF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AEB710E4-DCF8-49B2-A045-8D1C4BBCC3DC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AEFB7C48-8343-4A70-9473-07C80931DAD0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AF05A359-913E-42A7-BF72-4CBF09BBD841}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AF51D8C3-52D8-4CDB-BB77-A7320C8F3D03}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AF933696-10FA-4700-8451-10D1593AAD40}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AF9E1E2C-4824-47DC-8318-D7407C5267E3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AFB7C997-DD22-4558-8191-CDB7871DB0A4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{AFF6FF37-58AA-4055-8066-F0FA5F948D7D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B024125B-4843-4438-B757-97DE80A8208E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B0406EEA-8CBC-4278-AB55-CB8AE3C6D19F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B05630C9-49F5-42E2-979E-B46D8E8D8E7D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B0626C17-28DE-45A1-9831-3D5239765CBD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B1393009-BD6C-4DBA-B014-112763534353}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B164DBD0-B86C-4E12-A6CB-3AF39431A076}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B1A18FDC-E954-4FBF-B626-4ED60AA41F72}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B1A94263-7E4E-44DE-910D-ACD50FDCBC4C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B1B57904-AC80-4C9C-A5B4-429852C40019}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B1BFE109-A5DF-4250-822B-5EF30CD2FBA2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B2E82098-DDBB-4B13-9182-E7F317D7A77A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B2EA49C1-776A-4EA9-A705-F96E1358FA1A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B2EB372C-E6D5-4ADB-9C2F-1F6F8D88BD9F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B329FEEC-E79A-4BE4-9B23-FE76DFF02A73}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B3A71E6A-ACA5-4192-8254-A86B49676CEC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B3D49C5E-93E2-471E-ABD2-F67A7464235D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B433E29B-A0E4-4CF1-9A50-9F7D38AB5EBF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B4BBAFFD-A47F-49EA-A69A-8296907A7D03}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B50F52AE-E966-4C4A-AD0F-D28E3F35505F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B51C9D25-9B9E-4382-9350-56FFD2FD310F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B6162C80-4D50-4990-8A6B-2409F6C86568}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B659CE48-4C60-4BF2-A181-B4B6759CB00F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B71FEBCA-F9B4-4531-8854-DC68835DF030}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B75E28CB-17AD-4F59-94BE-42508639855F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B79ED970-1897-4B73-A9BF-982C287BB481}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B7BA3609-6C42-4169-849A-D88843803343}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B7F2DE8C-F7AC-4A3E-859D-3BBE0B85C7EB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B7F8770C-B1D0-408F-9988-33806306BCBE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B800BA57-5453-4C5B-863C-396BB41D32ED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B8495DC5-3011-44A8-9C78-C2CECAFFF929}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B8867682-BAD1-43D0-8A94-9E11CD9AEBFB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B8A30460-AA46-416F-850D-E30B2177283B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{B973E66E-A734-4CE9-95D7-92E5E0282E6A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BA47C5C1-2234-4503-90A8-E2672C19F7D5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BA62547F-FF9D-4A7C-9788-ADA0CA436FAC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BA719244-143B-40C9-BB07-EAA687C4F749}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BAA5D956-C9BF-4CF7-914E-F89ABC982CA7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BB406CC3-D8EA-4904-B526-B7776B06274C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BBBA9BA9-6217-4E2A-BFF1-CA37BD60FF7D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BBC13644-70A0-4304-BF30-17568070C43C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BBD00F68-FBCE-4C69-8EFE-A1B18145E347}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BBF2B051-EBC0-41E7-92CC-7A901F997DB1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BC045821-C283-42E2-96D6-C987CBEA9CB4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BC39FDCC-F73B-4328-9F2A-0ED5952B118F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BC5C311A-E5E0-4472-99E3-FC32056D982C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BC69968B-51B4-4376-9498-65C9D08AB420}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BC8315B2-8ECB-4596-B338-B544AD4AEA3E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BCD89DE6-EE58-43E3-A6D8-D4D1F84B444E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BCF85379-E69D-47D0-BE73-4944C3BEBC78}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BD852766-1433-46B3-B75E-E89087381CC8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BD983751-77E3-4260-BD3C-EA4A9499C6E7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BD9DA9DB-A413-4B21-8154-9040A5B56DD1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BDA6E18D-D167-42B5-B7CF-0D1FBEFCE2AD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BDD2D45C-40B7-4361-A788-6FC3731E222B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BDDA5402-4976-45F1-952B-A6C2ABE7F119}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BE095C9B-80A8-442A-8EED-09EA30E0620A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BE345F23-56FD-488C-97C9-1126672EF150}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BE4EA0A2-B0D7-41FB-95C0-8EA65E353E8A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BED31B22-FA5C-4401-872F-041A3B0BE363}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BEF6262E-A764-4CEB-B227-A37CF03D1D13}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BF19ECED-3C93-4F62-BB99-C2D82EC34529}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BFA3FB2B-4E8B-449D-A55E-A78E3F147D4D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BFA61628-8110-45F9-93F5-6B2D045EEAD9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BFA74FF7-EFF3-4175-A8D7-0A72DAAF22F4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BFB900B3-13C5-4B2B-8084-8E4408259A93}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{BFCE80E4-82E0-4A25-8767-1CA085AE1B6B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C04462E0-714E-4213-958D-2D72644B060B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C05398C7-68E3-4755-915B-30CE5E5DFEF8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C055FC72-93BC-4CF1-A946-5425DAF08DC9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C0A60941-E503-4EDA-A1F8-2EC1A15CD51E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C0C1E26B-E33A-4192-A888-CCC44F5A0D8B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C0DCDC28-9941-43AC-A8A4-7FCFD9F3197D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C107E9AD-5C34-4305-8169-57DAED7625BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C11481E2-326B-4D43-BA4D-0E96C86BA8DC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C144F88F-DFE0-46F6-A78D-4989D6F5A83C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C1491950-85CC-4CF7-8BBD-A1E71F27159C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C187418B-0782-4B6D-B9F1-3233702DF708}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C1E40938-B196-4217-8E22-10E1914AA8B4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C1EFAE93-1095-411D-A550-997CF05E6831}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C1F5CAB3-F29D-47E4-AAE0-3E6F5EC47CAD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C1F98BFA-73E3-4473-9F36-14F9FD0F2E92}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C3215405-7FCD-4649-ADC5-5681D04B006D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C39E4640-94E9-4D4C-AC85-BD9607E07C02}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C3F63828-29AD-4C82-AB65-6BF2502B4320}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C4295419-FC33-4446-AC52-B4DF338155C6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C43B7B20-E99F-490D-81A5-9219DD0B90E2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C456DC53-9576-43BF-96AC-15BAE50F0944}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C471A537-4B04-4858-8767-B25C1320F8A8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C4EC99C2-E305-43B3-9D1F-197D665C3A9B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C57C9141-7FEA-4F31-B8BE-3400618DE0F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C58CBE7E-4077-4537-906C-D798FE56EDA9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C59F80A1-B281-495A-9F87-7EE1BCECFE98}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C5AA77E1-F7C2-4B4D-A2A9-F84DC00BAE15}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C5D271E2-D673-4480-B9D2-F33FD0370C55}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C5FD52C2-DB8D-4483-8772-6410D7BFB87B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C698AA46-07AE-4316-A496-4EF6F763E58E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C719BE36-975A-43E9-B6AE-97BC8758E1AE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C7A7E6F4-13D0-4AF6-ADBB-02E3F2B9CFA8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C7B7DB4A-6D0F-4E45-AC53-9600756712A1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C7D05A18-1681-4141-BA42-7330D69D8885}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C7D0E5B5-DE4D-4B55-9482-9E20CA20DEAC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C80BAA03-F4FD-4460-989A-12458B031DA6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C823652F-9601-4AD5-A294-8AE026699179}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C8ACD782-AF5D-4419-8DFD-990E3B160423}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{C9628671-3697-4CB6-9205-7F853D716100}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CA0C65D7-8BB7-4E22-B1AB-FB33852D3882}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CA2398AA-3511-430D-9223-9E8FAD7A753E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CAA7061A-BF5F-4B7B-8564-D11F97069C3B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CACE6FDE-A3FE-4C3D-8E09-A65557AB8A3E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CB17F6E2-AC32-48E4-889A-ADD88A952E26}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CB4AF77F-13E0-4291-AA6F-F930EA8FB16F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CB7FAD50-3ADA-4B63-AC2E-914047E4EE1B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CB8E5490-DAC6-4135-A5CD-B8A6160821E5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CBB0F80F-539A-45AA-9A08-09ADEE4E646B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CBD67AB1-3EE4-4EB9-A511-D8C81DAF9C6A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CC8C75BA-A34F-4FC6-9D97-0FD0961F0420}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CCBC5839-D60A-45D1-9E5C-BBE68F6325ED}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CCBF7AB3-A2F3-42DD-8A9F-A2D4474D4CDE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CD08799B-EB78-4E57-8AB9-8C6CE3160E5B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CD15DE7F-BDB4-48E0-A149-86D75C473BA6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CD96A7D3-9484-464C-B35A-BAFB8620E9F3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CDAF2A5C-2AF1-4F4F-9183-D4E0512AF0DC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CE27EFBA-8826-4180-B690-2084DA485FD8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CE833EE6-CF3D-487D-9E94-BC3538E9E59C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CE90467C-EB7F-4AE0-9F64-33DB55649409}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CF23230A-E5AD-4A00-988A-732AE77BD272}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CF635393-29A7-44E5-85A2-9EC1DF050BEB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CF6BDBA7-BD89-4307-B4CD-E867FFA40D12}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CF6D52C6-AEAA-474E-8C8C-465E8FE3DB60}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CF8F4C96-B6F6-4510-96AD-C7C208CD98CE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CFA479E1-8761-4F6C-ACA8-5CBC776D9C08}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CFA86802-59F7-4E65-94E7-EB904999418E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CFD72EEA-4DED-4644-925B-719BCB40B5D4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{CFE0E46D-18F4-4CA8-B395-011FA1D608A3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D0294400-179B-48DE-8DA7-4AE750EEDA12}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D03B5C56-07DB-43A0-B20F-79553C7B6A48}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D0F24952-D109-45B0-802B-6CFF0C6B2A8D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D114DBB9-25CB-46BE-A872-2D83FCB5B1FC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D13BBB8C-7FA7-4D49-A1C8-3B818F4BCC17}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D2872BD7-E3EE-4873-B699-8F802DF93EF7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D28800A4-73C9-43D0-BC06-5571E1ABD275}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D2AB0526-DB90-4735-B387-9E2A241E7871}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D2AE4F9E-84FB-440E-8D81-989FBFDB33A3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D2DAA3D0-8D05-4B61-B353-E9B42F46EBB0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D33D9539-8777-4DBA-965F-423A551BC44B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D386CB6F-CA77-4E54-9C9B-917F2AD646BD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D3ADBA4A-CAA6-4BFC-9EAE-61A78BE2BDF8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D3B08A0F-2B16-4B22-A32C-07EF449F7CAB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D3E07225-3F22-431C-B079-EF7C2DA0FBB2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D406D9F8-BB44-4DD5-8D21-D9D780983B08}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D45CC568-774D-4BFE-B06E-94ABF83EED9C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D4D052E4-E631-4495-AB24-62F614043010}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D4DA6B75-ADE0-4B37-AF72-06BCA81CD540}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D51016D1-CB67-4BE4-B4C4-E6FFD2F6E5BF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D518ACB2-501A-44C5-969A-EB3C841EAA0A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D5196650-15F6-4975-A1C5-0FE681B36894}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D62B4BD8-D32B-4A4D-A109-438F7B8496E3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D67858AA-680C-4FE8-AE08-2F8DCB9AE74E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D6D7ECD5-3955-4C11-956A-74D3A217E6CC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D6DF0E50-5F27-4C19-AF69-7D57E0E3E5CD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D71F6353-E295-40ED-A727-2671CCBF6D1A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D7350556-1F27-43B1-A2FC-0D151F723F43}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D77C60FA-6980-43FB-AF83-7306A9671DCA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D78C7D0E-B696-4C54-A1B4-7E261296443E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D7E3ADE0-C992-40D0-B33B-AAA37023D0CB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D7ED1801-6C5B-45C8-9A08-13913B9F24F6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D80EA7F9-6F40-4CAA-897B-C1DE380B3018}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D8516F54-A572-4291-B13E-F09769204E33}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D860331B-D73F-4C0F-82F0-1DAB6BBD4B0C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D8A8F16A-112B-4661-9EE7-D212370DB863}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D98868A1-D1AA-421B-A568-3B32E766DBC9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D9BAF3C3-4927-4308-AB73-FB1093723737}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D9E081DB-6490-4E74-B58B-50243FB13757}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{D9E47806-F954-472F-BE38-6520AA7AD9B3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DA2BA963-A7CE-448A-9B99-3057CCE3D0BC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DA4D1EB9-550A-4930-A080-2C3E11C3AFD8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DB58CA7C-2FA7-4903-A507-27F8E5EA44AB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DB612278-D583-41A3-8173-6EA1BC81E671}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DB6A1B9D-0543-4382-9421-3B26CB8C85AD}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DB878482-A611-4507-8BF3-2B238C849E36}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DC017517-4968-445A-998F-A2144A439082}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DC01CD65-B461-44E0-9D54-DB25B5D3CEB7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DC27245B-53C7-4B88-8018-FD00AA435C52}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DC75D7EE-9C11-4CC0-9519-E019D45E63DA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DCB1BC0F-CFFD-4CBF-9309-258E7EB3ADCF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DD1DEBCC-45EA-4EB7-BF45-930D3392F8D8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DD217B0D-3E25-49EE-8372-37D4D1CC51EE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DE275E8F-104A-4C41-929B-4722887188D2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DE401C98-C504-4A74-930B-ECF4430E2A70}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DE481BE7-9801-498F-BF34-3A988C9489DF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DE48A06B-8A11-47F2-90A5-EF82CAA2EDE8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DE777E91-D91C-4BA4-924E-A4E5908D36D3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DEDDB698-CC99-4FDD-A7BC-2F0F9365A193}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DF8E31D1-B1BF-406E-B270-4D936D04646D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{DFA19A8D-29F2-4DEE-BD0C-20F769956A45}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E055F7EA-5BCD-4F1F-A650-E66AD87C6AF4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E08D9F03-D12F-4159-8250-F1ED0D8779BE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E0AE986E-5BDC-4193-9624-34F7CDA1312F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E0D71D6C-EC14-4747-B47D-5B08E2817AD0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E1083033-A9FC-48BF-9133-09BDB8837026}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E173025F-F0EC-41C2-845D-0EDECCD7ED50}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E26A56F8-158E-4A68-9981-245BD472CEFA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E2707DC6-E062-4CE4-B882-809FC8BEFA4A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E37CBA3D-DDC6-4838-8A9E-21705899A91C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E3E29689-47C4-4E71-91C4-023A167DBADB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E3EF7C6B-181F-4DF8-B19C-958CCB88C5F5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E495813B-99CB-4191-BDB3-EC2B7353681D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E4BA237E-B006-4BC9-90D7-450E9F85823E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E4F309DB-6A2D-47F5-A71C-AE51E5671423}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E578F691-A182-40C2-BCC8-AC3E1093630F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E58D5852-EB84-4349-BE65-0CBF2EB4E659}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E5A51D79-5997-4CDA-9420-1CDEC1DC103E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E5FE5DE8-2EFB-402C-83C0-A496CE6ED2C9}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E6137BB9-B230-48C6-95EC-5BA806D152C5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E6E30217-0A42-4842-BE27-8420FCB8FDBF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E6EB6C68-418A-4932-994C-039F3E64C387}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E6EC94CE-A527-4F54-BF97-E7F0D5DC1ED3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E6F4DBA4-58B7-472A-9885-3F4626A9F357}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E704EF98-11D7-4786-8452-26F850A278AE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E77170B7-B7F8-4AD5-ABAA-C33F74199303}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E7810CEC-5B38-4160-AD5B-B3F04A122BB7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E7A215EE-5E76-485C-A27B-B1F900900C0A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E7BF8D53-12CF-410A-968B-77B61697E492}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E7D56388-AB2B-4A38-B036-09DDA40582F6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E7F4499F-3801-41D4-AB8E-1AAA1BB419F2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E80A3731-A95E-4197-8B8B-F3B16CF0B487}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E92F65EB-AEAF-4273-A659-FDE62DE5D1F0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E93E2EE8-EB43-452D-8676-6BA019382255}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{E9BD88BA-B95F-4717-BF7F-6C1FD09BDF59}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EAA2C7DB-B1CA-4D88-BFCE-FDE0B794E2D8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EAAB620B-C793-4F12-B852-0A8BD552E43B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EB176D52-C0EE-4B3C-8E21-99B8D4A6F3D6}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EC18FB99-41D3-4C64-B2A6-A1312FE05226}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EC6C5104-17A9-49C6-99BF-4A852AE1A193}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ED030111-99F5-4C82-9621-EBE1732C6727}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ED3BDF10-49FD-45D2-A6E9-B92DE1F8BBCA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ED641819-DC4F-457C-97A6-1F963C0BAB1B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ED6DCF35-06A4-4729-985E-BEAA98D3CB72}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{ED829F9F-CECA-4C13-8B86-60F3219DEA6D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EDB71081-35FE-4237-B0EC-48BF0E1F1BC3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EDBDF7CC-7745-4416-BECB-0F9D29420F77}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EE2EE0AC-5444-4662-A525-40FC63BD2DBC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EE88D633-73BB-44DB-8F83-C00DB7CD5BE5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EE8BB9A1-17FD-448E-AC73-DDDB9C0F7A6B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EEDA43FA-0012-4139-94B3-A6C8330DEEE0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EEDB5638-0E4F-4C9A-8C76-C931028381C1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{EF149265-8A5A-4190-AA56-EECFF06B78CC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F00CAB32-7AE9-48C9-AC74-F0699A0C8CA4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F0160154-1D48-4A1D-B6C0-E78DA9A5CC3D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F052EB59-4C02-4A4C-806D-CC4DC6752CB7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F0578D3C-A49D-466D-AA20-0A2972B124AF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F067853F-9D89-426B-AE5B-DBB1B886EB66}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F0897019-2EB2-4688-9C64-28EC2146E665}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F093B20B-3E13-4D25-9FB7-9E8378B9D649}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F149DBA3-5535-46ED-96EC-A2BCB42E2EF0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F180C789-18F4-48D9-BADD-32CF875B2187}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F1C370E1-867A-459C-86FD-8165509F3061}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F206DAB3-F075-4CE6-BB8A-0E5E37D79269}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F2342F1D-37E3-4C2B-A0EA-2B34969EC4FC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F26A0BAC-D89B-4102-B834-53B2C292B3B4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F2A24A14-0C9D-4FD0-9BA9-BFDC643A11C7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F2B8E358-4C1F-49F5-A3FA-63B4C3E67C9F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F2CE1CEB-3D76-4AFD-901E-73FD25584985}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F30362D9-B7F8-4714-9B03-EEC82A9071BB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F326B51D-054D-4080-9AC8-80820407F2E4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F32D7ED9-258D-4B86-B812-D9DE949FCFC2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F3317CE0-2078-4DA8-A92E-5D682A7D5CD7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F335F3B6-EA5F-422F-AA5B-BDDEE6176FA1}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F371B2B5-644C-41BB-8A35-FBAEE2E32849}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F373B5B7-5521-4DE4-B565-4360FFB1BC99}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F3CEFF96-A298-4348-9188-B7BFA087D1A0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F3D230AF-E27E-4252-A430-14EA03491EEF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F4082B2E-ECD4-432E-ABD3-AD9D01C2C69E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F439833B-E731-44FD-B540-091B3234F57C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F5D54B32-CD5D-42EE-B677-74A2143296EA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F5ED7371-98E5-4F49-B4CE-AB299C1E6F52}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F62E0B1B-0F46-48D9-A819-16E238D44C01}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F62F4B31-7755-486B-8B54-B712F6602DD7}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F6C82758-0B6F-4F65-A463-1FF9803ADDFB}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F7332FFA-DC25-45EE-BAB5-3D6D9028F628}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F7DE8D52-ED1D-43AE-8053-9390276EF7EC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F7E0D68D-87A3-431F-BB3B-FFD477B18EB3}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F89571FB-A198-4C46-9D14-1F94651AE855}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F8D4E82D-8F9E-4072-A868-56CFF5290C75}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F8F852F2-FA4E-4D09-823B-5068284774BA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F93EB8BF-EA01-4645-9A2D-6DBC02B375A5}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{F99A9E86-0B7B-44CF-A16D-364441420E3B}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FA0EB5C8-19C0-4509-A18F-FF1A1AC4F7EC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FAC7E66E-4D1F-468B-B1FE-ACA8F36BF9C8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FB2AA3EF-AD75-4792-BD3E-CDA4A6C2F08C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FB2D4456-4063-4236-9EC6-D3D748C36CC8}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FB80E41D-0374-4679-B78C-7A2D50CAFA6A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FB8B88AB-5649-48C3-BDE4-B06E32D0F1CF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FBA7C873-C4E9-4996-93A8-D8B9D150A582}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FBC82AF7-FFB3-4B78-ABD2-9A02E18A871C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FBCC53FF-59A6-4084-A30E-D1C47A4C8929}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FBCEE496-C4C3-4D84-8C3C-4B8C31C3C4FE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FBDC866E-5C61-4EB6-A326-201CF742E27D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FBEFD232-1DF6-42D3-B906-D564D680F0AA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FC1D21AA-54C9-4CC9-98E9-2F251219B0DF}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FC37EFC1-8756-4199-8BC7-0B865F837F16}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FC72591A-3E6D-40B1-8247-688D59B59F74}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FC762684-B64B-4623-B52F-2C6C9A1C1D88}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FC857E39-04B1-4C7A-B619-7FE56194AE09}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FCD1DC72-4657-48F5-AB54-587C2B8EF2E0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FCF1A260-90A2-48C7-8948-B075BA40CD8A}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FD02E7D9-B147-48E1-ABCF-3018B99D9986}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FD0811C2-4541-4B2B-A49D-628C7DE3172C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FD081781-B0E0-4400-8039-A7CD209F396F}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FD5DAEC6-B450-475C-8F13-11BCC1E43BE4}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FD8EECAA-A758-40CF-A65B-E0CEE0A1ED2E}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FDA7E4A9-FBA0-4330-91AA-7736ECE4C4D2}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FDD15C52-B84E-49C6-80AC-DDC491BAF24C}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FDF7C4C8-DAC4-4B37-9DF9-4AB863D13F99}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FE0862EF-4C48-4623-B93A-6CD958418932}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FE1ACE4D-80EE-445A-B59F-C1E77B716BFE}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FE23D3D4-EC6F-4B07-8156-8062913C9387}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FE59D48F-0AE4-426C-AB5D-6E9934455ABC}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FECFE9B2-2B2A-431B-9402-10B40DE3654D}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FEF32AE8-3046-4400-BD75-284629619EAA}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FF21EA98-7DF2-47C9-99F4-77FC36A83285}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FF27366C-3EE2-4E00-ABEC-4CEC37000DC0}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FF679B65-D461-40D3-A8BF-3C20223C5421}
Successfully deleted: [Empty Folder] C:\Users\Bohlsen\appdata\local\{FFBF7FF1-AD77-41A1-B593-A8BC891079F4}
~~~ FireFox
Emptied folder: C:\Users\Bohlsen\AppData\Roaming\mozilla\firefox\profiles\43zun4eo.default\minidumps [36 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.06.2015 at 0:21:56,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
01.06.2015, 01:20
| #10 |
| | Windows Live Mail startet nicht mehr nach Exe PasswortCode:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015 Ran by Bohlsen (administrator) on BOHLSEN-TOSH on 01-06-2015 01:53:06 Running from C:\Users\Bohlsen\Desktop Loaded Profiles: Bohlsen (Available Profiles: UpdatusUser & Bohlsen) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (Dropbox, Inc.) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe () C:\Windows\System32\rpcnetp.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\klwtblfs.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Run: [ZedgeToneSync] => C:\Users\Bohlsen\AppData\Local\Apps\2.0\Data\Q9E8B8KT.2PV\QNR6453Y.W26\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-22] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-09] ShortcutTarget: Dropbox.lnk -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-06-19] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-06-19] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2849900719-3015229166-850732124-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> {A42BE6C4-34A3-4325-A76A-BBFB9AD7E531} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox SearchScopes: HKLM-x32 -> {02294691-9B82-4BD7-B3F2-0DCDC640F101} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2849900719-3015229166-850732124-1002 -> {02294691-9B82-4BD7-B3F2-0DCDC640F101} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.) BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.) Toolbar: HKU\S-1-5-21-2849900719-3015229166-850732124-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2849900719-3015229166-850732124-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Extension: Viewtubes - C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-03-27] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-02] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-02] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-02] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-02] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-02] Chrome: ======= CHR Profile: C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-23] CHR Extension: (Google Docs) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-23] CHR Extension: (Google Drive) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-23] CHR Extension: (YouTube) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-23] CHR Extension: (Google Search) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-23] CHR Extension: (Kaspersky Protection) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-23] CHR Extension: (Google Sheets) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-23] CHR Extension: (Google Wallet) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-23] CHR Extension: (Gmail) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-23] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-04-22] () [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2010-07-05] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 Dokan; C:\windows\system32\drivers\dokan.sys [106888 2010-07-06] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-05] (DT Soft Ltd) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) U5 regi; C:\Windows\System32\Drivers\regi.sys [14112 2007-04-17] (InterVideo) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) S4 Usnhiflec; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-01 00:21 - 2015-06-01 00:21 - 00117284 _____ () C:\Users\Bohlsen\Desktop\JRT.txt 2015-06-01 00:17 - 2015-06-01 00:17 - 00000207 _____ () C:\windows\tweaking.com-regbackup-BOHLSEN-TOSH-Windows-7-Home-Premium-(64-bit).dat 2015-06-01 00:17 - 2015-06-01 00:17 - 00000000 ____D () C:\RegBackup 2015-06-01 00:15 - 2015-06-01 00:16 - 02947675 _____ (Thisisu) C:\Users\Bohlsen\Desktop\JRT.exe 2015-05-31 17:06 - 2015-05-31 21:25 - 00000000 ____D () C:\AdwCleaner 2015-05-31 17:05 - 2015-05-31 17:05 - 02222592 _____ () C:\Users\Bohlsen\Desktop\AdwCleaner_4.205.exe 2015-05-31 17:04 - 2015-05-31 17:04 - 00001382 _____ () C:\Users\Bohlsen\Desktop\mbam.txt 2015-05-31 10:38 - 2015-05-31 10:38 - 00000552 _____ () C:\windows\PFRO.log 2015-05-31 10:35 - 2015-05-31 10:35 - 00024355 _____ () C:\ComboFix.txt 2015-05-31 10:17 - 2015-05-31 10:36 - 00000000 ____D () C:\Qoobox 2015-05-31 10:17 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe 2015-05-31 10:17 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe 2015-05-31 10:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2015-05-31 10:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2015-05-31 10:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2015-05-31 10:17 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe 2015-05-31 10:17 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe 2015-05-31 10:17 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe 2015-05-31 10:16 - 2015-05-31 10:34 - 00000000 ____D () C:\windows\erdnt 2015-05-31 10:12 - 2015-05-31 10:13 - 05628678 ____R (Swearware) C:\Users\Bohlsen\Desktop\ComboFix.exe 2015-05-30 15:45 - 2015-05-30 15:45 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Bohlsen\Desktop\tdsskiller.exe 2015-05-30 12:15 - 2015-05-30 15:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-05-30 12:11 - 2015-05-30 15:39 - 00000000 ____D () C:\Users\Bohlsen\Desktop\mbar 2015-05-30 12:09 - 2015-05-30 12:10 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Bohlsen\Desktop\mbar-1.09.1.1004.exe 2015-05-29 23:21 - 2015-06-01 01:53 - 00022929 _____ () C:\Users\Bohlsen\Desktop\FRST.txt 2015-05-29 23:21 - 2015-05-29 23:21 - 02108928 _____ (Farbar) C:\Users\Bohlsen\Desktop\FRST64.exe 2015-05-28 19:52 - 2015-05-28 19:52 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-05-28 19:52 - 2015-05-28 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-05-28 19:51 - 2015-05-28 19:52 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-05-28 19:51 - 2015-05-28 19:52 - 00000000 ____D () C:\Program Files\iTunes 2015-05-28 19:51 - 2015-05-28 19:51 - 00000000 ____D () C:\Program Files\iPod 2015-05-28 19:46 - 2015-05-28 19:46 - 00000000 ____D () C:\Program Files\Bonjour 2015-05-28 19:46 - 2015-05-28 19:46 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-05-21 20:22 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\SysWOW64\rpcnetp.dll 2015-05-21 20:20 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\SysWOW64\rpcnetp.exe 2015-05-21 20:20 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\system32\rpcnetp.exe 2015-05-19 17:59 - 2015-06-01 00:36 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Deployment 2015-05-19 17:59 - 2015-05-31 10:36 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Apps\2.0 2015-05-19 17:59 - 2015-05-19 17:59 - 00000336 _____ () C:\Users\Bohlsen\Desktop\ToneSync for Windows.appref-ms 2015-05-19 17:59 - 2015-05-19 17:59 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS 2015-05-19 17:47 - 2015-03-05 16:23 - 10849560 _____ (WindSolutions) C:\Users\Bohlsen\Desktop\CopyTransManager.exe 2015-05-19 17:32 - 2015-05-19 17:32 - 00000000 ____D () C:\Users\Bohlsen\Documents\iRinger Tones 2015-05-19 17:29 - 2015-05-19 18:04 - 00000000 ____D () C:\ProgramData\iRinger 2015-05-19 17:27 - 2015-05-19 17:27 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Bohlsen\Desktop\iRinger42.exe 2015-05-13 03:05 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 03:05 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-12 21:27 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-05-12 21:27 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-05-12 21:27 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-05-12 21:27 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-05-12 21:27 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-05-12 21:27 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-05-12 21:27 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-05-12 21:27 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-05-12 21:27 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-05-12 21:27 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-05-12 21:27 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-05-12 21:27 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-05-12 21:27 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-05-12 21:27 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-05-12 21:27 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-05-12 21:27 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-05-12 21:27 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-05-12 21:27 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-05-12 21:27 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-05-12 21:27 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-05-12 21:27 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-05-12 21:27 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-05-12 21:27 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-05-12 21:27 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-05-12 21:27 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-05-12 21:27 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-05-12 21:27 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-05-12 21:27 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-05-12 21:27 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-05-12 21:27 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-05-12 21:27 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-05-12 21:27 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-05-12 21:27 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-05-12 21:27 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-05-12 21:27 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-05-12 21:27 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-05-12 21:27 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-05-12 21:27 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-05-12 21:27 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-05-12 21:27 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-05-12 21:27 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-05-12 21:27 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-05-12 21:27 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-05-12 21:27 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-05-12 21:27 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-12 21:27 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-05-12 21:27 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-05-12 21:27 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-05-12 21:27 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-05-12 21:27 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-05-12 21:27 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-05-12 21:27 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-05-12 21:27 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-05-12 21:27 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-05-12 21:27 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-05-12 21:27 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-05-12 21:27 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-05-12 21:27 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-05-12 21:27 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-05-12 21:27 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-05-12 21:23 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-05-12 21:23 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-05-12 21:23 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2015-05-12 21:23 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2015-05-12 21:19 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe 2015-05-12 21:18 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-05-12 21:18 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-05-12 21:18 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-05-12 21:18 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-05-12 21:18 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-05-12 21:18 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-05-12 21:18 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe 2015-05-12 21:18 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-05-12 21:18 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-05-12 21:18 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-05-12 21:18 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-05-12 21:18 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-05-12 21:18 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-05-12 21:18 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2015-05-12 21:18 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-05-12 21:18 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe 2015-05-12 21:18 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe 2015-05-12 21:18 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe 2015-05-12 21:18 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe 2015-05-12 21:18 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-05-12 21:18 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-05-12 21:18 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-05-12 21:18 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-05-12 21:18 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-05-12 21:18 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-05-12 21:18 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe 2015-05-12 21:18 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-05-12 21:18 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-05-12 21:18 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll 2015-05-12 21:18 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-05-12 21:18 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-05-12 21:18 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-05-12 21:18 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-05-12 21:17 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2015-05-12 21:17 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-05-12 21:17 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2015-05-12 21:17 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-05-12 21:17 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-05-12 21:17 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-05-12 21:17 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2015-05-12 21:17 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll 2015-05-12 21:17 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll 2015-05-12 21:17 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe 2015-05-12 21:17 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll 2015-05-12 21:17 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll 2015-05-12 21:17 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll 2015-05-12 21:17 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe 2015-05-12 21:17 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe 2015-05-12 21:17 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2015-05-12 21:17 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll 2015-05-12 21:17 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll 2015-05-09 01:21 - 2015-06-01 00:37 - 00000000 ___RD () C:\Users\Bohlsen\Dropbox 2015-05-09 01:21 - 2015-05-09 01:21 - 00001147 _____ () C:\Users\Bohlsen\Desktop\Dropbox.lnk 2015-05-09 01:16 - 2015-05-09 01:16 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-05-09 01:14 - 2015-06-01 00:37 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Dropbox 2015-05-02 20:11 - 2015-05-30 00:49 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Neuer Ordner 2015-05-02 19:56 - 2015-05-02 20:08 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Filme 2015-05-02 19:53 - 2015-05-02 19:55 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Musik ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-01 01:53 - 2015-04-09 18:13 - 00000000 ____D () C:\FRST 2015-06-01 01:48 - 2011-09-11 21:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-06-01 00:58 - 2012-07-15 22:38 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-06-01 00:52 - 2014-12-06 16:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-01 00:43 - 2009-07-14 06:45 - 00016080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-01 00:43 - 2009-07-14 06:45 - 00016080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-01 00:39 - 2011-06-19 13:26 - 01531273 _____ () C:\windows\WindowsUpdate.log 2015-06-01 00:35 - 2015-04-03 13:07 - 00004056 _____ () C:\windows\setupact.log 2015-06-01 00:35 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-05-31 15:53 - 2014-12-03 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-31 15:53 - 2014-12-03 18:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-31 15:53 - 2012-12-17 20:18 - 00001073 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-31 10:36 - 2011-08-08 14:13 - 00000000 ____D () C:\Users\Bohle 2015-05-31 10:32 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini 2015-05-28 19:51 - 2015-02-12 17:49 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-05-28 19:51 - 2012-05-08 16:22 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-05-21 20:28 - 2015-04-05 03:00 - 00000000 ___SD () C:\windows\SysWOW64\GWX 2015-05-21 20:28 - 2015-04-05 03:00 - 00000000 ___SD () C:\windows\system32\GWX 2015-05-20 22:01 - 2014-06-18 23:16 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Adobe 2015-05-20 22:01 - 2012-07-15 22:38 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-05-20 22:01 - 2012-04-08 20:57 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-05-20 22:01 - 2011-12-19 22:18 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-19 17:59 - 2011-07-04 21:13 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\WindSolutions 2015-05-19 17:50 - 2011-07-04 21:10 - 00000000 ____D () C:\ProgramData\WindSolutions 2015-05-18 22:06 - 2009-07-14 19:58 - 00699682 _____ () C:\windows\system32\perfh007.dat 2015-05-18 22:06 - 2009-07-14 19:58 - 00149790 _____ () C:\windows\system32\perfc007.dat 2015-05-18 22:06 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI 2015-05-18 08:26 - 2015-04-03 05:26 - 00000000 ____D () C:\windows\uninstall 2015-05-18 08:26 - 2015-04-03 05:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exe Passwort 2015-05-15 17:48 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache 2015-05-13 19:35 - 2009-07-14 06:45 - 00405440 _____ () C:\windows\system32\FNTCACHE.DAT 2015-05-13 19:33 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-13 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers 2015-05-13 03:19 - 2013-07-30 02:16 - 00000000 ____D () C:\windows\system32\MRT 2015-05-13 03:09 - 2011-06-19 17:00 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-05-13 03:04 - 2013-03-14 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-13 03:03 - 2013-03-14 02:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 03:03 - 2013-03-14 02:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-05-10 03:08 - 2013-02-27 02:33 - 00000000 ____D () C:\Users\Bohlsen\BWINCOMPokerDir 2015-05-10 03:04 - 2011-07-09 22:56 - 00000000 ____D () C:\windows\System32\Tasks\Games 2015-05-09 01:21 - 2011-06-19 14:25 - 00000000 ____D () C:\Users\Bohlsen ==================== Files in the root of some directories ======= 2013-06-06 19:24 - 2013-06-06 19:24 - 0000055 _____ () C:\Users\Bohlsen\AppData\Roaming\mbam.context.scan 2011-09-11 21:22 - 2011-09-11 21:22 - 0017408 _____ () C:\Users\Bohlsen\AppData\Local\WebpageIcons.db 2015-05-30 12:08 - 2015-05-30 12:09 - 0009952 _____ () C:\Users\Bohlsen\AppData\Local\ZedgeLog.txt 2012-05-08 17:20 - 2012-05-08 17:20 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys Some files in TEMP: ==================== C:\Users\Bohlsen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt5bqim.dll C:\Users\Bohlsen\AppData\Local\Temp\Quarantine.exe C:\Users\Bohlsen\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 19:47 ==================== End of log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Bohlsen at 2015-06-01 01:54:09
Running from C:\Users\Bohlsen\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2849900719-3015229166-850732124-500 - Administrator - Disabled)
Bohlsen (S-1-5-21-2849900719-3015229166-850732124-1002 - Administrator - Enabled) => C:\Users\Bohlsen
Gast (S-1-5-21-2849900719-3015229166-850732124-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2849900719-3015229166-850732124-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-2849900719-3015229166-850732124-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Amazon Amazon Music) (Version: 3.9.3.797 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.10(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.42 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dokan Library 0.5.3 (HKLM-x32\...\DokanLibrary) (Version: - )
Dropbox (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{A20A58C4-6784-4B4B-86CC-94E2E3671031}) (Version: 7.02.8637 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
PhoenixRC (HKLM-x32\...\{7DF88245-6DD0-4186-9203-93236C2FED09}) (Version: 3.00.18 - Ihr Firmenname)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.19.409.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10722 - TeamViewer GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14563 - TeamViewer)
ToneSync for Windows (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\c2c9648a374f64d1) (Version: 1.2.3.309 - Zedge Europe AS)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{1777CCDA-F2F2-4A77-ACF4-0B7341229BBB}) (Version: 8.0.29 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - Ihr Firmenname)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1.0 - TOSHIBA CORPORATION)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.3 - TOSHIBA Corporation)
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.4.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Transport Gigant GOLD DELUXE (HKLM-x32\...\{6DCDCE92-E862-4EF2-AA81-88B581B72AD7}_is1) (Version: - UIG GmbH)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WBFS Manager 4.0 (HKLM\...\{D34C07CA-DCF0-4A5C-A4DD-55522B17F4F2}) (Version: 4.0 - WBFS)
Winamp (HKLM-x32\...\Winamp) (Version: 5.621 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
19-05-2015 17:35:36 Windows Update
21-05-2015 20:26:04 Windows Update
26-05-2015 17:47:13 Windows Update
31-05-2015 10:18:01 ComboFix created restore point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-05-31 10:32 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {162809AF-185D-41B1-A4CB-532D8BAA4BD7} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: {41DAEF34-6E3D-4C34-AAF3-D76E3F3D11BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4D581EBD-0398-41C1-A148-49B1E1547AFE} - System32\Tasks\{6231D0D6-7BE6-4069-AC5C-D7ED6361C52E} => pcalua.exe -a "C:\Program Files (x86)\Security Task Manager\Uninstal.exe"
Task: {5A1600A1-A0DA-47F8-8228-50FEF6C67E33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {6A0667D8-6E0F-4CDF-B811-048F2FCE194E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {796E9547-CE88-4C0B-AE22-BE48040E07E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2849900719-3015229166-850732124-1002
Task: {79E886A2-861A-4829-A2EC-146B03E2F07D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D43FC374-0196-4CF3-9F54-6DDC131990F3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {FCED906E-175A-4A5A-9BC7-A38120E7DF5C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-13 12:33 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-05 14:37 - 2010-07-05 14:37 - 00011776 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2015-05-21 20:20 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\System32\rpcnetp.exe
2010-04-06 14:53 - 2010-04-06 14:53 - 00578936 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-06-01 00:36 - 2015-06-01 00:36 - 00043008 _____ () c:\users\bohlsen\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt5bqim.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Bohlsen\Desktop\IMG_20150525_0001_NEW.pdf:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\myhermes.de -> hxxps://www.myhermes.de
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Bohlsen\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeNotify => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Bohlsen\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bohlsen\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ThpSrv => C:\windows\system32\thpsrv /logon
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TRCMan => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B79BB21D-B788-412F-9E51-AE7FBA5FE54D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C31C0294-26DE-4F9E-A867-21BA56446B19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{36DACD2B-2C65-448E-B7EE-2D4BF627F9F1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1482256B-40C3-4461-ABC2-54CE3042D362}] => (Allow) svchost.exe
FirewallRules: [{58B8CF03-A57E-44E7-9E81-B1B98DC41827}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4BDB0D97-08B9-47B7-B0F3-07EE6E6616AD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{00FF6359-BFDD-4F43-AEF5-962E77C029FB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7A1D8FAB-580F-4B7F-A97C-2B7308E78E93}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{219FD303-A217-4420-ACD8-B026B2F06F0E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{FD577C4A-2A09-42BC-A89F-1D68C3857CA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{FD032944-8EFE-42D0-9840-D0DCCAAE7E9C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{4AC8266A-4574-4B92-85E0-DB1065AD6B0F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{69516492-D333-4223-A75F-F154FB1D4AF9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [TCP Query User{4F503FBA-2083-46BA-A15A-13DCD2D4EE8D}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{DC2B2C7F-786A-4DF4-9768-BC9C6C173679}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{C0A85645-470C-4C44-972C-1A299BCDE4B7}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E18B42BC-998F-4035-80CA-30CDBB903CE8}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{4AE1C7C6-6F33-44F9-9767-E84B6CF57D6F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CC2F71D7-5A87-4530-B2CD-D70678AF070E}] => (Allow) LPort=2869
FirewallRules: [{4FF31DA0-77ED-41D6-A192-76366F4A997B}] => (Allow) LPort=1900
FirewallRules: [{11AF62D8-939F-45B0-92D4-F122F59921F3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{40C9CFCF-ACE4-4F54-9E13-5C2A7F29A7CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{92517F8E-91A0-4AC3-BA70-0B92D7B34E43}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{F9C28B27-450C-47FA-937D-72DE72F3BEEA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{2C795254-3AD3-4012-9EA3-09003E418D5B}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{F6270AB7-A171-47F4-9810-5724A786FF10}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{8CB5AA75-0F12-410B-B0AB-15401069AB2A}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92A6A158-67A5-4B94-A6E0-AE831C58E3F5}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6FA2BC4A-7AF1-4842-BAD1-E04950E8288A}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B395B184-ACFE-42D6-90D6-75139CEEAD07}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3878DA48-E83B-4B00-9331-E6D1627483C2}] => (Allow) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B706FB4-F8AA-425F-BF70-788E4E9DDAE7}] => (Allow) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1C4B0562-CE15-4DEE-B36D-EFC0100C8ADD}C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A33371F7-5F70-43D6-BD75-953B58BAFB14}C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{A89C7E22-D1C5-4A88-BD56-CA337E4F4D07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C6529D5-51DB-4F39-BA51-8F42A848C2A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E6158D3-C791-446D-952A-9C686DD8E355}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{207EFC9A-B14C-43A1-9FED-8CDDE7017A1F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{841E245E-8145-45EB-AF03-5FFD3898CE17}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9859
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9859
Error: (05/29/2015 03:54:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 08:27:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (06/01/2015 00:34:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (06/01/2015 00:34:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (06/01/2015 00:34:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (06/01/2015 00:18:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ConfigFree Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ConfigFree WiMAX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/01/2015 00:18:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA eco Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20046
Error: (05/29/2015 03:54:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9859
Error: (05/29/2015 03:54:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9859
Error: (05/29/2015 03:54:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6782346
Error: (05/29/2015 01:01:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 08:27:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
CodeIntegrity Errors:
===================================
Date: 2015-05-31 10:31:50.141
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-31 10:31:50.031
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-02 22:45:00.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:45:00.373
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:31.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:31.250
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.599
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.584
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 45%
Total physical RAM: 3954.67 MB
Available physical RAM: 2167.17 MB
Total Pagefile: 7907.55 MB
Available Pagefile: 5741.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (TI30610400A) (Fixed) (Total:455.1 GB) (Free:307.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D5D703FB)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=455.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.2 GB) - (Type=17)
==================== End of log ============================
|
|
01.06.2015, 17:32
| #11 |
| /// the machine /// TB-Ausbilder | Windows Live Mail startet nicht mehr nach Exe PasswortESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.06.2015, 06:51
| #12 |
| | Windows Live Mail startet nicht mehr nach Exe PasswortCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b55a9223a86c2f428829767653cce264
# engine=24125
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-02 01:53:04
# local_time=2015-06-02 03:53:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1296 16777213 100 100 98240 37286266 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 26201 184839834 0 0
# scanned=293811
# found=0
# cleaned=0
# scan_time=8909
Code:
ATTFilter Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java 7 Update 67
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader 10.1.12 Adobe Reader out of Date!
Mozilla Firefox 25.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 15.0.0 x64 klwtblfs.exe
Kaspersky Lab Kaspersky Internet Security 15.0.0 avpui.exe
Kaspersky Lab Kaspersky Internet Security 15.0.0 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Bohlsen (administrator) on BOHLSEN-TOSH on 02-06-2015 07:35:08
Running from C:\Users\Bohlsen\Desktop
Loaded Profiles: Bohlsen (Available Profiles: UpdatusUser & Bohlsen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dropbox, Inc.) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\System32\rpcnetp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\klwtblfs.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Run: [ZedgeToneSync] => C:\Users\Bohlsen\AppData\Local\Apps\2.0\Data\Q9E8B8KT.2PV\QNR6453Y.W26\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-04-22]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-06-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-06-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> {A42BE6C4-34A3-4325-A76A-BBFB9AD7E531} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {02294691-9B82-4BD7-B3F2-0DCDC640F101} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2849900719-3015229166-850732124-1002 -> {02294691-9B82-4BD7-B3F2-0DCDC640F101} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKU\S-1-5-21-2849900719-3015229166-850732124-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2849900719-3015229166-850732124-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: Viewtubes - C:\Users\Bohlsen\AppData\Roaming\Mozilla\Firefox\Profiles\43zun4eo.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-03-27]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-02]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-02]
Chrome:
=======
CHR Profile: C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-23]
CHR Extension: (Google Docs) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-23]
CHR Extension: (Google Drive) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-23]
CHR Extension: (YouTube) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-23]
CHR Extension: (Google Search) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-23]
CHR Extension: (Kaspersky Protection) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-23]
CHR Extension: (Google Sheets) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-23]
CHR Extension: (Google Wallet) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-23]
CHR Extension: (Gmail) - C:\Users\Bohlsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-23]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-04-22] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2010-07-05] () [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 Dokan; C:\windows\system32\drivers\dokan.sys [106888 2010-07-06] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-05] (DT Soft Ltd)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
U5 regi; C:\Windows\System32\Drivers\regi.sys [14112 2007-04-17] (InterVideo)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S4 Usnhiflec; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-02 07:23 - 2015-06-02 07:23 - 00852639 _____ () C:\Users\Bohlsen\Desktop\SecurityCheck.exe
2015-06-02 01:16 - 2015-06-02 01:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-06-01 20:13 - 2015-06-01 20:14 - 02347384 _____ (ESET) C:\Users\Bohlsen\Desktop\esetsmartinstaller_deu.exe
2015-06-01 20:01 - 2015-06-01 20:01 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\GWX
2015-06-01 00:21 - 2015-06-01 00:21 - 00117284 _____ () C:\Users\Bohlsen\Desktop\JRT.txt
2015-06-01 00:17 - 2015-06-01 00:17 - 00000207 _____ () C:\windows\tweaking.com-regbackup-BOHLSEN-TOSH-Windows-7-Home-Premium-(64-bit).dat
2015-06-01 00:17 - 2015-06-01 00:17 - 00000000 ____D () C:\RegBackup
2015-06-01 00:15 - 2015-06-01 00:16 - 02947675 _____ (Thisisu) C:\Users\Bohlsen\Desktop\JRT.exe
2015-05-31 17:06 - 2015-05-31 21:25 - 00000000 ____D () C:\AdwCleaner
2015-05-31 17:05 - 2015-05-31 17:05 - 02222592 _____ () C:\Users\Bohlsen\Desktop\AdwCleaner_4.205.exe
2015-05-31 17:04 - 2015-05-31 17:04 - 00001382 _____ () C:\Users\Bohlsen\Desktop\mbam.txt
2015-05-31 10:38 - 2015-05-31 10:38 - 00000552 _____ () C:\windows\PFRO.log
2015-05-31 10:35 - 2015-05-31 10:35 - 00024355 _____ () C:\ComboFix.txt
2015-05-31 10:17 - 2015-05-31 10:36 - 00000000 ____D () C:\Qoobox
2015-05-31 10:17 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2015-05-31 10:17 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2015-05-31 10:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-05-31 10:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-05-31 10:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-05-31 10:17 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2015-05-31 10:17 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2015-05-31 10:17 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2015-05-31 10:16 - 2015-05-31 10:34 - 00000000 ____D () C:\windows\erdnt
2015-05-31 10:12 - 2015-05-31 10:13 - 05628678 ____R (Swearware) C:\Users\Bohlsen\Desktop\ComboFix.exe
2015-05-30 15:45 - 2015-05-30 15:45 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Bohlsen\Desktop\tdsskiller.exe
2015-05-30 12:15 - 2015-05-30 15:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-30 12:11 - 2015-05-30 15:39 - 00000000 ____D () C:\Users\Bohlsen\Desktop\mbar
2015-05-30 12:09 - 2015-05-30 12:10 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Bohlsen\Desktop\mbar-1.09.1.1004.exe
2015-05-29 23:21 - 2015-06-02 07:35 - 00025204 _____ () C:\Users\Bohlsen\Desktop\FRST.txt
2015-05-29 23:21 - 2015-05-29 23:21 - 02108928 _____ (Farbar) C:\Users\Bohlsen\Desktop\FRST64.exe
2015-05-28 19:52 - 2015-05-28 19:52 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-28 19:52 - 2015-05-28 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-28 19:51 - 2015-05-28 19:52 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-28 19:51 - 2015-05-28 19:52 - 00000000 ____D () C:\Program Files\iTunes
2015-05-28 19:51 - 2015-05-28 19:51 - 00000000 ____D () C:\Program Files\iPod
2015-05-28 19:46 - 2015-05-28 19:46 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-28 19:46 - 2015-05-28 19:46 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-21 20:22 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\SysWOW64\rpcnetp.dll
2015-05-21 20:20 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\SysWOW64\rpcnetp.exe
2015-05-21 20:20 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\system32\rpcnetp.exe
2015-05-19 17:59 - 2015-06-01 00:36 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Deployment
2015-05-19 17:59 - 2015-05-31 10:36 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Apps\2.0
2015-05-19 17:59 - 2015-05-19 17:59 - 00000336 _____ () C:\Users\Bohlsen\Desktop\ToneSync for Windows.appref-ms
2015-05-19 17:59 - 2015-05-19 17:59 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
2015-05-19 17:47 - 2015-03-05 16:23 - 10849560 _____ (WindSolutions) C:\Users\Bohlsen\Desktop\CopyTransManager.exe
2015-05-19 17:32 - 2015-05-19 17:32 - 00000000 ____D () C:\Users\Bohlsen\Documents\iRinger Tones
2015-05-19 17:29 - 2015-05-19 18:04 - 00000000 ____D () C:\ProgramData\iRinger
2015-05-19 17:27 - 2015-05-19 17:27 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Bohlsen\Desktop\iRinger42.exe
2015-05-13 03:05 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:05 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:27 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-12 21:27 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-12 21:27 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-12 21:27 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-12 21:27 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-12 21:27 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-12 21:27 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-12 21:27 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-12 21:27 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-12 21:27 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-12 21:27 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-12 21:27 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-12 21:27 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-12 21:27 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-12 21:27 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-12 21:27 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-12 21:27 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-12 21:27 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-12 21:27 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-12 21:27 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-12 21:27 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-12 21:27 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-12 21:27 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-12 21:27 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 21:27 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-12 21:27 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-12 21:27 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-12 21:27 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-12 21:27 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-12 21:27 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-12 21:27 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-12 21:27 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-12 21:27 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-12 21:27 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-12 21:27 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-12 21:27 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-12 21:27 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-12 21:27 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-12 21:27 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-12 21:27 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-12 21:27 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-12 21:27 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-12 21:27 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-12 21:27 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-12 21:27 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 21:27 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-12 21:27 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-12 21:27 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-12 21:27 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-12 21:27 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-12 21:27 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-12 21:27 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-12 21:27 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-12 21:27 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-12 21:27 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-12 21:27 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-12 21:27 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-12 21:27 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-12 21:27 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-12 21:27 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-12 21:23 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-12 21:23 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-12 21:23 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-12 21:23 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-12 21:19 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-12 21:18 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-12 21:18 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-12 21:18 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-12 21:18 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-12 21:18 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-12 21:18 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-12 21:18 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-12 21:18 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-12 21:18 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-12 21:18 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-12 21:18 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-12 21:18 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-12 21:18 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-12 21:18 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-12 21:18 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-12 21:18 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-12 21:18 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-12 21:18 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-12 21:18 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-12 21:18 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-12 21:18 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-12 21:18 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-12 21:18 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-12 21:18 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-12 21:18 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 21:18 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 21:17 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-12 21:17 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-12 21:17 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-12 21:17 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-12 21:17 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-12 21:17 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-12 21:17 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-12 21:17 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-12 21:17 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-12 21:17 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-12 21:17 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-12 21:17 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-12 21:17 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-12 21:17 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-12 21:17 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-12 21:17 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-12 21:17 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-12 21:17 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-09 01:21 - 2015-06-01 00:37 - 00000000 ___RD () C:\Users\Bohlsen\Dropbox
2015-05-09 01:21 - 2015-05-09 01:21 - 00001147 _____ () C:\Users\Bohlsen\Desktop\Dropbox.lnk
2015-05-09 01:16 - 2015-05-09 01:16 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-09 01:14 - 2015-06-01 00:37 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-02 07:35 - 2015-04-09 18:13 - 00000000 ____D () C:\FRST
2015-06-02 07:31 - 2011-09-11 21:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-06-02 07:15 - 2012-07-15 22:38 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-06-02 07:15 - 2011-06-19 13:26 - 01571176 _____ () C:\windows\WindowsUpdate.log
2015-06-01 23:00 - 2014-12-06 16:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-01 21:45 - 2009-07-14 06:45 - 00016080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 21:45 - 2009-07-14 06:45 - 00016080 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 19:49 - 2015-05-02 20:11 - 00000000 ____D () C:\Users\Bohlsen\Desktop\Neuer Ordner
2015-06-01 00:35 - 2015-04-03 13:07 - 00004056 _____ () C:\windows\setupact.log
2015-06-01 00:35 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-31 15:53 - 2014-12-03 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-31 15:53 - 2014-12-03 18:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-31 15:53 - 2012-12-17 20:18 - 00001073 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-31 10:36 - 2011-08-08 14:13 - 00000000 ____D () C:\Users\Bohle
2015-05-31 10:32 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2015-05-28 19:51 - 2015-02-12 17:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-28 19:51 - 2012-05-08 16:22 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-21 20:28 - 2015-04-05 03:00 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-21 20:28 - 2015-04-05 03:00 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-20 22:01 - 2014-06-18 23:16 - 00000000 ____D () C:\Users\Bohlsen\AppData\Local\Adobe
2015-05-20 22:01 - 2012-07-15 22:38 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 22:01 - 2012-04-08 20:57 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 22:01 - 2011-12-19 22:18 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 17:59 - 2011-07-04 21:13 - 00000000 ____D () C:\Users\Bohlsen\AppData\Roaming\WindSolutions
2015-05-19 17:50 - 2011-07-04 21:10 - 00000000 ____D () C:\ProgramData\WindSolutions
2015-05-18 22:06 - 2009-07-14 19:58 - 00699682 _____ () C:\windows\system32\perfh007.dat
2015-05-18 22:06 - 2009-07-14 19:58 - 00149790 _____ () C:\windows\system32\perfc007.dat
2015-05-18 22:06 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-18 08:26 - 2015-04-03 05:26 - 00000000 ____D () C:\windows\uninstall
2015-05-18 08:26 - 2015-04-03 05:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exe Passwort
2015-05-15 17:48 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-05-13 19:35 - 2009-07-14 06:45 - 00405440 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-13 19:33 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-13 03:19 - 2013-07-30 02:16 - 00000000 ____D () C:\windows\system32\MRT
2015-05-13 03:09 - 2011-06-19 17:00 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 03:04 - 2013-03-14 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 03:03 - 2013-03-14 02:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 03:03 - 2013-03-14 02:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-10 03:08 - 2013-02-27 02:33 - 00000000 ____D () C:\Users\Bohlsen\BWINCOMPokerDir
2015-05-10 03:04 - 2011-07-09 22:56 - 00000000 ____D () C:\windows\System32\Tasks\Games
2015-05-09 01:21 - 2011-06-19 14:25 - 00000000 ____D () C:\Users\Bohlsen
==================== Files in the root of some directories =======
2013-06-06 19:24 - 2013-06-06 19:24 - 0000055 _____ () C:\Users\Bohlsen\AppData\Roaming\mbam.context.scan
2011-09-11 21:22 - 2011-09-11 21:22 - 0017408 _____ () C:\Users\Bohlsen\AppData\Local\WebpageIcons.db
2015-05-30 12:08 - 2015-05-30 12:09 - 0009952 _____ () C:\Users\Bohlsen\AppData\Local\ZedgeLog.txt
2012-05-08 17:20 - 2012-05-08 17:20 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Bohlsen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt5bqim.dll
C:\Users\Bohlsen\AppData\Local\Temp\Quarantine.exe
C:\Users\Bohlsen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 19:47
==================== End of log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Bohlsen at 2015-06-02 07:35:59
Running from C:\Users\Bohlsen\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2849900719-3015229166-850732124-500 - Administrator - Disabled)
Bohlsen (S-1-5-21-2849900719-3015229166-850732124-1002 - Administrator - Enabled) => C:\Users\Bohlsen
Gast (S-1-5-21-2849900719-3015229166-850732124-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2849900719-3015229166-850732124-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-2849900719-3015229166-850732124-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Amazon Amazon Music) (Version: 3.9.3.797 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.10(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.42 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dokan Library 0.5.3 (HKLM-x32\...\DokanLibrary) (Version: - )
Dropbox (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{A20A58C4-6784-4B4B-86CC-94E2E3671031}) (Version: 7.02.8637 - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
PhoenixRC (HKLM-x32\...\{7DF88245-6DD0-4186-9203-93236C2FED09}) (Version: 3.00.18 - Ihr Firmenname)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.19.409.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10722 - TeamViewer GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14563 - TeamViewer)
ToneSync for Windows (HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\c2c9648a374f64d1) (Version: 1.2.3.309 - Zedge Europe AS)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{1777CCDA-F2F2-4A77-ACF4-0B7341229BBB}) (Version: 8.0.29 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - Ihr Firmenname)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1.0 - TOSHIBA CORPORATION)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.3 - TOSHIBA Corporation)
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.4.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Transport Gigant GOLD DELUXE (HKLM-x32\...\{6DCDCE92-E862-4EF2-AA81-88B581B72AD7}_is1) (Version: - UIG GmbH)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WBFS Manager 4.0 (HKLM\...\{D34C07CA-DCF0-4A5C-A4DD-55522B17F4F2}) (Version: 4.0 - WBFS)
Winamp (HKLM-x32\...\Winamp) (Version: 5.621 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2849900719-3015229166-850732124-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
19-05-2015 17:35:36 Windows Update
21-05-2015 20:26:04 Windows Update
26-05-2015 17:47:13 Windows Update
31-05-2015 10:18:01 ComboFix created restore point
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-05-31 10:32 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {162809AF-185D-41B1-A4CB-532D8BAA4BD7} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: {41DAEF34-6E3D-4C34-AAF3-D76E3F3D11BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4725F3EC-80B6-4AA5-B034-8A6EB91D16EE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4D581EBD-0398-41C1-A148-49B1E1547AFE} - System32\Tasks\{6231D0D6-7BE6-4069-AC5C-D7ED6361C52E} => pcalua.exe -a "C:\Program Files (x86)\Security Task Manager\Uninstal.exe"
Task: {5A1600A1-A0DA-47F8-8228-50FEF6C67E33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {796E9547-CE88-4C0B-AE22-BE48040E07E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2849900719-3015229166-850732124-1002
Task: {79E886A2-861A-4829-A2EC-146B03E2F07D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {8BB5C065-867B-475C-B61F-0EE789E10482} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {92508D7C-E225-4A07-9321-CBD565F7FF08} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {D43FC374-0196-4CF3-9F54-6DDC131990F3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {FCED906E-175A-4A5A-9BC7-A38120E7DF5C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-13 12:33 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-05 14:37 - 2010-07-05 14:37 - 00011776 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2015-05-21 20:20 - 2015-06-01 00:35 - 00017920 _____ () C:\windows\System32\rpcnetp.exe
2010-04-06 14:53 - 2010-04-06 14:53 - 00578936 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2015-06-01 00:36 - 2015-06-01 00:36 - 00043008 _____ () c:\users\bohlsen\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt5bqim.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-09 01:16 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Bohlsen\Desktop\IMG_20150525_0001_NEW.pdf:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2849900719-3015229166-850732124-1002\...\myhermes.de -> hxxps://www.myhermes.de
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2849900719-3015229166-850732124-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Bohlsen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Bohlsen\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeNotify => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Bohlsen\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bohlsen\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ThpSrv => C:\windows\system32\thpsrv /logon
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TRCMan => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B79BB21D-B788-412F-9E51-AE7FBA5FE54D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C31C0294-26DE-4F9E-A867-21BA56446B19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{36DACD2B-2C65-448E-B7EE-2D4BF627F9F1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1482256B-40C3-4461-ABC2-54CE3042D362}] => (Allow) svchost.exe
FirewallRules: [{58B8CF03-A57E-44E7-9E81-B1B98DC41827}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4BDB0D97-08B9-47B7-B0F3-07EE6E6616AD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{00FF6359-BFDD-4F43-AEF5-962E77C029FB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7A1D8FAB-580F-4B7F-A97C-2B7308E78E93}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{219FD303-A217-4420-ACD8-B026B2F06F0E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{FD577C4A-2A09-42BC-A89F-1D68C3857CA2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{FD032944-8EFE-42D0-9840-D0DCCAAE7E9C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{4AC8266A-4574-4B92-85E0-DB1065AD6B0F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{69516492-D333-4223-A75F-F154FB1D4AF9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [TCP Query User{4F503FBA-2083-46BA-A15A-13DCD2D4EE8D}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{DC2B2C7F-786A-4DF4-9768-BC9C6C173679}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [TCP Query User{C0A85645-470C-4C44-972C-1A299BCDE4B7}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E18B42BC-998F-4035-80CA-30CDBB903CE8}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{4AE1C7C6-6F33-44F9-9767-E84B6CF57D6F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CC2F71D7-5A87-4530-B2CD-D70678AF070E}] => (Allow) LPort=2869
FirewallRules: [{4FF31DA0-77ED-41D6-A192-76366F4A997B}] => (Allow) LPort=1900
FirewallRules: [{11AF62D8-939F-45B0-92D4-F122F59921F3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{40C9CFCF-ACE4-4F54-9E13-5C2A7F29A7CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{92517F8E-91A0-4AC3-BA70-0B92D7B34E43}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{F9C28B27-450C-47FA-937D-72DE72F3BEEA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{2C795254-3AD3-4012-9EA3-09003E418D5B}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{F6270AB7-A171-47F4-9810-5724A786FF10}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{8CB5AA75-0F12-410B-B0AB-15401069AB2A}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92A6A158-67A5-4B94-A6E0-AE831C58E3F5}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6FA2BC4A-7AF1-4842-BAD1-E04950E8288A}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B395B184-ACFE-42D6-90D6-75139CEEAD07}C:\users\bohlsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bohlsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3878DA48-E83B-4B00-9331-E6D1627483C2}] => (Allow) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0B706FB4-F8AA-425F-BF70-788E4E9DDAE7}] => (Allow) C:\Users\Bohlsen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1C4B0562-CE15-4DEE-B36D-EFC0100C8ADD}C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A33371F7-5F70-43D6-BD75-953B58BAFB14}C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\bohlsen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{A89C7E22-D1C5-4A88-BD56-CA337E4F4D07}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C6529D5-51DB-4F39-BA51-8F42A848C2A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E6158D3-C791-446D-952A-9C686DD8E355}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{207EFC9A-B14C-43A1-9FED-8CDDE7017A1F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{841E245E-8145-45EB-AF03-5FFD3898CE17}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/02/2015 07:21:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/02/2015 04:23:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/02/2015 01:16:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/02/2015 01:15:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/02/2015 01:15:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/02/2015 01:13:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7944882
Error: (06/02/2015 01:13:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7944882
Error: (06/02/2015 01:13:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/01/2015 09:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000
Error: (06/01/2015 09:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000
System errors:
=============
Error: (06/01/2015 00:34:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (06/01/2015 00:34:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (06/01/2015 00:34:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\bcmihvsrv64.dll
Error: (06/01/2015 00:18:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ConfigFree Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ConfigFree WiMAX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/01/2015 00:18:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/01/2015 00:18:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA eco Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (06/02/2015 07:21:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/02/2015 04:23:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (06/02/2015 01:16:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Bohlsen\Desktop\esetsmartinstaller_deu.exe
Error: (06/02/2015 01:15:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Bohlsen\Desktop\esetsmartinstaller_deu.exe
Error: (06/02/2015 01:15:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Bohlsen\Desktop\esetsmartinstaller_deu.exe
Error: (06/02/2015 01:13:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7944882
Error: (06/02/2015 01:13:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7944882
Error: (06/02/2015 01:13:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/01/2015 09:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000
Error: (06/01/2015 09:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000
CodeIntegrity Errors:
===================================
Date: 2015-05-31 10:31:50.141
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-31 10:31:50.031
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-02 22:45:00.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:45:00.373
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:31.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:31.250
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.755
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.599
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-02 22:43:27.584
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 52%
Total physical RAM: 3954.67 MB
Available physical RAM: 1871.53 MB
Total Pagefile: 7907.55 MB
Available Pagefile: 5453.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (TI30610400A) (Fixed) (Total:455.1 GB) (Free:306.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D5D703FB)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=455.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.2 GB) - (Type=17)
==================== End of log ============================
|
|
02.06.2015, 18:48
| #13 |
| /// the machine /// TB-Ausbilder | Windows Live Mail startet nicht mehr nach Exe Passwort WIndows Mail neu installieren. Java, Adobe und Firefox updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows Live Mail startet nicht mehr nach Exe Passwort |
| adware, alert, bonjour, browser, canon, device driver, ebanking, exe, flash player, home, kaspersky, monitor, mozilla, mp3, panda usb vaccine, programm, realtek, registry, rundll, scan, security, software, starten, svchost.exe, system, udp, vista, warnung, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
