Trojaner-Board - Firefox öffnet Fenster zur Seite von systweak/regcleanpro

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Firefox öffnet Fenster zur Seite von systweak/regcleanpro (https://www.trojaner-board.de/149603-firefox-oeffnet-fenster-seite-systweak-regcleanpro.html)

Firefox öffnet Fenster zur Seite von systweak/regcleanpro

Hallo,

das Problem scheint in letzter Zeit verstärkt vorzukommen.

http://www.trojaner-board.de/149597-...eaner-pro.html

http://www.trojaner-board.de/149165-...gcleanpro.html

Ich habe leider die gleiche Problematik. Rechner mit Windows 7 Home Premium 64Bit.
Mein Antivirusprogramm oder diverse Anti Malware haben bisher kein Ergbnis gebracht.

Hier die Logs von FRST.

FRST.txt

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014

Ran by User (administrator) on DESKTOP on 10-02-2014 21:47:16

Running from C:\Users\User\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 

The only official download link for FRST:

Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\system32\atiesrxx.exe

(AMD) C:\Windows\system32\atieclxx.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

(Farbar) C:\Users\User\Desktop\FRST64(2).exe

(Farbar) C:\Users\User\Desktop\FRST64(2).exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)

HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)

HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)

HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-07-16] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-07-16] ()

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [975800 2012-07-16] (Samsung)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-08-16] (Hewlett-Packard Company)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-28] (AMD)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [Fatal1tySTU] - [X]

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\RunOnce: [BrStsW64.exe] - C:\Program Files (x86)\Brownie\BrStsW64.exe [3695928 2009-08-19] (brother)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\MountPoints2: {3e674dd9-5b59-11e1-9699-806e6f6e6963} - Y:\0data\cbs.exe
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6356EC21A8ECCC01

SearchScopes: HKCU - DefaultScope {62A06542-6440-4735-8DA3-A8EBA56D87ED} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}

SearchScopes: HKCU - {62A06542-6440-4735-8DA3-A8EBA56D87ED} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kh1a56dz.default

FF Homepage: hxxp://www.t-online.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-13]
 

==================== Services (Whitelisted) =================
 

S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3606008 2014-01-24] (devolo AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
 

==================== Drivers (Whitelisted) ====================
 

R3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

S3 gwiopm; C:\Program Files (x86)\Slotman\gwiopm.sys [3904 1998-06-03] ()

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140207.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140210.001\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140210.001\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2014-01-24] (CACE Technologies)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()

S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)

S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)

S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)

R0 SMR410; C:\Windows\System32\drivers\SMR410.SYS [96856 2014-02-10] (Symantec Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)

S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [X]

S3 TRIXX; \??\C:\Users\User\AppData\Local\Temp\TRIXX.sys [X]
 

==================== NetSvcs (Whitelisted) ===================

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-02-2014

Ran by User at 2014-02-10 21:47:28

Running from C:\Users\User\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 Online (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 

==================== Installed Programs ======================
 

ACDSee 7 User Guide (x32 Version: 1.0.0 - Ihr Firmenname)

ACDSee 7.0 PowerPack (x32 Version: 7.0.102 - ACD Systems Ltd.)

Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133 - Adobe Systems, Inc.)

Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17 - Amazon Services LLC)

AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden

AMD AVIVO64 Codecs (Version: 11.6.0.10728 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden

AMG LASSO-DB update software (x32 Version: 1.0.0.0 - Kenwood Corporation)

Ashampoo Burning Studio Elements 10.0.9 (x32 Version: 3.1.1 - Ashampoo GmbH & Co. KG)

ASRock App Charger v1.0.4 (Version:  - ASRock Inc.)

AVM FRITZ! (x32 Version:  - AVM Berlin)

Battlefield 2 Map - A.T.O.M. SP (x32 Version:  - )

Battlefield 2(TM) (x32 Version:  - )

Battlefield2 Map El Alamein Day1 Bot Support (x32 Version:  - )

Battlefield2 Map Hamburger Hill 2005 Bot Support (x32 Version:  - )

Brother HL-2030 (x32 Version: 1.00 - Brother)

Canon Easy-WebPrint EX (x32 Version:  - )

Canon iP4700 series Benutzerregistrierung (x32 Version:  - )

Canon iP4700 series Printer Driver (Version:  - )

Canon MP Navigator EX 4.0 (x32 Version:  - )

Canon Solution Menu EX (x32 Version:  - )

Canon Utilities Easy-PhotoPrint EX (x32 Version:  - )

Canon Utilities My Printer (x32 Version:  - )

Canon Utilities Solution Menu (x32 Version:  - )

CanoScan LiDE 210 Scanner Driver (Version:  - )

Cars (x32 Version:  - )

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden

CD-LabelPrint (x32 Version:  - )

Core Temp 1.0 RC5 (Version: 1.0 - Alcpu)

CyberLink BD Advisor 2.0 (x32 Version:  - )

CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.)

CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden

CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.)

CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.) Hidden

CyberLink LG Burning Tool (x32 Version: 6.2.4619 - CyberLink Corp.)

CyberLink LG Burning Tool (x32 Version: 6.2.4619 - CyberLink Corp.) Hidden

CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.)

CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden

CyberLink PowerBackup (x32 Version: 2.5.6023 - CyberLink Corp.)

CyberLink PowerDVD 9 (x32 Version: 9.0.4322.52 - CyberLink Corp.)

CyberLink PowerDVD 9 (x32 Version: 9.0.4322.52 - CyberLink Corp.) Hidden

CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.)

CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

devolo Cockpit (x32 Version: 4.2.0.0 - devolo AG)

Die Siedler - Aufbruch der Kulturen (x32 Version:  - )

dLAN Cockpit (x32 Version: 3.2.28 - devolo AG) Hidden

dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden

DVDFab 8.2.0.0 (03/08/2012) Qt (x32 Version:  - Fengtao Software Inc.)

EasyBCD 2.2 (x32 Version: 2.2 - NeoSmart Technologies)

Electronic Arts Game Updater (x32 Version:  - )

Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology)

Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden

FlatOut2 (x32 Version: 1.00.0000 - Ihr Firmenname)

fotokasten comfort 5.0 (x32 Version:  - )

F-Stream Tuning v0.1.73.3401 (x32 Version:  - )

Hama Black Force Pad (x32 Version: 2007.01.01 - )

HD Writer AE 3.0 (x32 Version: 3.00.019.1031 - Panasonic Corporation)

HitmanPro 3.7 (Version: 3.7.9.212 - SurfRight B.V.)

HydraVision (x32 Version: 4.2.210.0 - Advanced Micro Devices, Inc.) Hidden

InstantBoot (x32 Version:  - )

Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008 - Intel Corporation)

Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LEGO LOCO (x32 Version:  - )

LightScribe System Software (x32 Version: 1.18.18.1 - LightScribe)

Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

MediaMonkey 4.0 (x32 Version: 4.0 - Ventis Media Inc.)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version:  - )

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (x32 Version: 9.0 - Microsoft)

Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation)

Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden

Microsoft Money 98 (x32 Version:  - )

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x64) ENU  (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Train Simulator (x32 Version:  - )

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

MiniTool Partition Wizard Home Edition 7.1 (x32 Version:  - MiniTool Solution Ltd.)

Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)

Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)

MP3Test (x32 Version: 1.6.0.160 - Markus Stein)

MSTS Patch 1.7.0519 (x32 Version: 1.7.051922 - George)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

NAS Starter Utility (x32 Version:  - ZyXEL)

Naviextras Toolbox (x32 Version: 3.8.1.7912 - NNG Llc.)

Naviextras Toolbox Prerequesities (x32 Version: 1.0.0 - NNG Llc.)

nLite 1.4.9.1 (x32 Version: 1.4.9.1 - Dino Nuhagic (nuhi))

Norton 360 (x32 Version: 20.4.0.40 - Symantec Corporation)

NVIDIA PhysX v8.04.25 (x32 Version: 8.04.25 - NVIDIA Corporation)

OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)

Paragon Backup & Recovery™ 2012 Free (x32 Version: 90.00.0003 - Paragon Software)

PDF Split And Merge Basic (Version: 2.2.2 - Andrea Vacondio)

Philips Channel Editor (x32 Version: 2.0.59 - Philips)

ProTrain "Streckenpack" 1.0 (x32 Version: 1.0 - BlueSky Interactive)

ProTrain 8 - Update auf Version 1.1 1.1 (x32 Version: 1.1 - Blue Sky Interactive)

ProTrain Vogelfluglinie Activitiepack 1 1.0 (x32 Version: 1.0 - Blue Sky Interactive)

Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011 - Realtek)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6167 - Realtek Semiconductor Corp.)

Samsung Kies (x32 Version: 2.3.1.12044_18 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.3.1.12044_18 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)

Sapphire TRIXX (x32 Version:  - )

Slotman (x32 Version:  - Elmar)

Star Wars Battlefront II (x32 Version: 1.0 - LucasArts)

Steuer 2012 (x32 Version: 20.00.8137 - Buhl Data Service GmbH)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

SyncToy 2.1 (x64) (Version: 2.1.0 - Microsoft)

Thrustmaster Force Feedback Racing Wheel Drivers (x32 Version:  - )

Trackplanner 1.1.12 (x32 Version:  - Georg Wächter)

Unity Web Player (HKCU Version: 2.6.1f3_31223 - Unity Technologies ApS)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)

WinRAR 4.11 (64-Bit) (Version: 4.11.0 - win.rar GmbH)

World of Tanks (x32 Version:  - Wargaming.net)

World of Warplanes (x32 Version:  - Wargaming.net)
 

==================== Restore Points  =========================
 

10-02-2014 08:38:40 Installed NVIDIA PhysX v8.04.25
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {034F7DE7-F807-4894-9B55-9F4E2D7C0A76} - System32\Tasks\{79216AFC-BD6E-4262-9460-CE3F53CA09FA} => G:\AGFA\ScanWise 2.0.0.9-1212u.exe [2004-05-23] (InstallShield Software Corporation                          )

Task: {06F74E31-AD5F-4DB3-9445-021AB058370F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)

Task: {2435BBBB-3965-4189-BFF4-5CF8FBA9DDBD} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)

Task: {4BC9740F-3A84-4BD3-AFD3-6BBD5B07772D} - System32\Tasks\{37435EEC-E588-4F74-BE6E-1163CC738482} => Z:\Autorun.exe

Task: {7213A401-31E9-4597-B96C-3C12482B9CAB} - System32\Tasks\{67663EBA-0470-484B-9BD5-FE9D79C1CF02} => I:\Steuer\start.exe

Task: {824509D8-9254-481A-AD64-21C6FA15EAA0} - System32\Tasks\{DD63AC66-70D3-4B95-85F7-66BA976826C1} => H:\Program Files (x86)\Electronic Arts\Need For Speed - Porsche\Porsche.exe

Task: {8311B71B-3C00-4D51-B93C-48EB3DE5604E} - System32\Tasks\{4173B9CC-33F6-4F3E-9009-2C8281FD5B73} => G:\AGFA\ScanWise 2.0.0.9-1212u.exe [2004-05-23] (InstallShield Software Corporation                          )

Task: {9C42071A-BC72-42AE-946B-DE7BB3E6A0DD} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)

Task: {A0E189A8-966C-4590-A653-9D020DA6E5CD} - System32\Tasks\{806877D6-B7DC-4C24-B8E9-8101CA863BB4} => H:\Program Files (x86)\Electronic Arts\Need For Speed - Porsche\Porsche.exe

Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe

Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe

Task: {C75DB854-22CD-43B8-A90E-8C07B7A0EAFB} - System32\Tasks\{05279BB0-1DB0-4A9F-8B29-ED59CF77FB80} => H:\Program Files (x86)\Electronic Arts\Need For Speed - Porsche\Porsche.exe

Task: {DD4C6433-07BE-4357-9646-2EB61F27314C} - System32\Tasks\{1403F8C3-9C6C-4D1B-9AC4-80CB7C3D61F1} => Z:\Autorun.exe

Task: {E2ADAA61-88B4-470A-AD0D-6F1708CFF5F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)

Task: {EDB5CC57-CAC1-400E-BAD2-3F417F6B308B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)

Task: {F519D0C3-A629-4860-9D75-2703371DA42D} - System32\Tasks\{BC84C39F-53F3-48DF-9973-B4D973BD7C99} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exe

Task: {FE6DFBD6-4BD2-4A27-B54D-385C0414506A} - System32\Tasks\{3F331962-1114-4520-B2B5-5F938374D4B3} => G:\Emulatoren\Vectrex\dve_140\DVE_140.EXE [1997-07-10] ()

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2012-04-12 00:23 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll

2012-04-27 01:13 - 2012-07-16 05:24 - 00021432 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

2012-11-09 09:14 - 2012-11-09 09:14 - 00115137 _____ () C:\Users\User\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll

2010-08-16 13:21 - 2010-08-16 13:21 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll

2010-08-16 13:21 - 2010-08-16 13:21 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll

2010-08-16 13:21 - 2010-08-16 13:21 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2013-06-09 00:08 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll

2014-02-04 22:42 - 2014-02-04 22:42 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2014-02-05 10:43 - 2014-02-05 10:43 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\Users\User\Documents\Akkuladen.pdf:Q30lsldxJoudresxAaaqpcawXc

AlternateDataStreams: C:\Users\User\Documents\Akkuladen.pdf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2012-04-07 20:40:06.167

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-04-07 20:40:06.125

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 16%

Total physical RAM: 16366.67 MB

Available physical RAM: 13743.22 MB

Total Pagefile: 64731.52 MB

Available Pagefile: 61833.93 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB
 

==================== Drives ================================
 

Drive c: (Windows 7) (Fixed) (Total:503.39 GB) (Free:400.14 GB) NTFS

Drive d: (Audio) (Fixed) (Total:302.73 GB) (Free:260.43 GB) NTFS

Drive e: (Fotos) (Fixed) (Total:302.73 GB) (Free:226.42 GB) NTFS

Drive f: (Video) (Fixed) (Total:488.28 GB) (Free:189.42 GB) NTFS

Drive g: (SWAP) (Fixed) (Total:1.95 GB) (Free:0.96 GB) FAT

Drive h: (Spiele) (Fixed) (Total:263.84 GB) (Free:243.4 GB) NTFS

Drive i: (HD2-1 Win-XP) (Fixed) (Total:29.42 GB) (Free:9.65 GB) NTFS

Drive j: (HD2-2 Swapfile) (Fixed) (Total:43.37 GB) (Free:12.03 GB) NTFS

Drive k: (HD 2-3 Videoschnitt) (Fixed) (Total:160.09 GB) (Free:158.39 GB) NTFS

Drive r: () (Removable) (Total:7.46 GB) (Free:6.63 GB) FAT32

Drive y: (DSADK) (CDROM) (Total:3.18 GB) (Free:0 GB) UDF

Drive z: (FS_DISC4) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BE9F8C9B)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=503 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=-739241687552) - (Type=OF Extended)
 

========================================================

Disk: 1 (Size: 233 GB) (Disk ID: 00000001)

Partition 1: (Active) - (Size=29 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=203 GB) - (Type=OF Extended)
 

========================================================

Disk: 2 (Size: 7 GB) (Disk ID: 00000000)

Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
 

==================== End Of Log ============================

Danke für Eure Hilfe.

Gruß,
Sven

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Hier sind die Daten:

[CODE]
Combofix Logfile:

Code:

ComboFix 14-02-05.02 - User 10.02.2014  22:38:10.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16367.13420 [GMT 1:00]

ausgeführt von:: c:\users\User\Desktop\ComboFix.exe

AV: Norton 360 Online *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Online *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Online *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\users\User\4.0

c:\users\User\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll

c:\users\User\AppData\Roaming\Ully

c:\users\User\AppData\Roaming\Ully\uxaq.sou

c:\windows\IsUn0407.exe

c:\windows\SysWow64\rnaph.dll

c:\windows\SysWow64\System32\MASetupCleaner.exe

c:\windows\SysWow64\System32\muzapp.exe

c:\windows\SysWow64\tmpC9F2.tmp

c:\windows\SysWow64\tmpC9F3.tmp

K:\install.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-01-10 bis 2014-02-10  ))))))))))))))))))))))))))))))

.

.

2014-02-10 20:20 . 2014-02-10 20:32        --------        d-----w-        c:\users\User\AppData\Local\NPE

2014-02-10 19:50 . 2014-02-10 19:50        --------        d-----w-        c:\program files\HitmanPro

2014-02-10 19:49 . 2014-02-10 19:54        --------        d-----w-        c:\programdata\HitmanPro

2014-02-10 19:43 . 2014-02-10 19:43        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2014-02-10 19:43 . 2013-04-04 13:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys

2014-02-10 19:36 . 2014-02-10 19:36        --------        d-----w-        c:\windows\ERUNT

2014-02-10 19:16 . 2014-02-10 19:16        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2014-02-10 08:40 . 2014-02-10 17:22        --------        d-----w-        c:\users\User\AppData\Local\SAdK

2014-02-10 08:39 . 2014-02-10 08:39        --------        d-----w-        c:\program files (x86)\AGEIA Technologies

2014-02-10 08:39 . 2014-02-10 08:39        --------        d-----w-        c:\windows\SysWow64\AGEIA

2014-02-10 08:38 . 2014-02-10 08:38        --------        d-----w-        c:\program files (x86)\Common Files\Wise Installation Wizard

2014-02-10 08:37 . 2014-02-10 08:37        --------        d-----w-        c:\program files (x86)\Ubisoft

2014-02-04 21:27 . 2014-02-10 19:26        --------        d-----w-        C:\AdwCleaner

2014-02-04 18:56 . 2014-02-10 19:24        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)

2014-02-04 01:06 . 2014-02-04 01:06        --------        d-----w-        c:\program files (x86)\Trackplanner

2014-02-04 01:06 . 2010-01-24 14:13        244024        ----a-w-        c:\windows\SysWow64\msflxgrd.ocx

2014-02-04 01:06 . 2010-01-24 14:13        108336        ----a-w-        c:\windows\SysWow64\mswinsck.ocx

2014-02-04 01:06 . 2010-01-24 14:13        137728        ----a-w-        c:\windows\SysWow64\ijl10.dll

2014-02-04 01:06 . 2010-01-24 14:13        33792        ----a-w-        c:\windows\SysWow64\Cmdlgde.dll

2014-02-04 01:06 . 2010-01-24 14:13        158208        ----a-w-        c:\windows\SysWow64\Mscmcde.dll

2014-02-04 01:06 . 2010-01-24 14:13        152848        ----a-w-        c:\windows\SysWow64\Comdlg32.ocx

2014-02-04 01:06 . 2010-01-24 14:13        152848        ----a-w-        c:\program files (x86)\Common Files\Comdlg32.ocx

2014-02-04 01:06 . 2010-01-24 14:13        125712        ----a-w-        c:\windows\SysWow64\Vb6de.dll

2014-02-04 01:06 . 2010-01-24 14:13        1066176        ----a-w-        c:\windows\SysWow64\mscomctl.ocx

2014-02-03 21:27 . 2014-01-24 09:19        81920        ----a-w-        c:\windows\SysWow64\devolopacket.dll

2014-02-03 21:27 . 2014-01-24 09:19        34048        ----a-w-        c:\windows\SysWow64\drivers\npf_devolo.sys

2014-02-03 21:27 . 2014-01-24 09:19        221184        ----a-w-        c:\windows\SysWow64\devolopcap.dll

2014-01-16 19:07 . 2014-02-10 20:47        --------        d-----w-        C:\FRST

2014-01-16 19:02 . 2013-12-18 20:09        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-01-16 18:58 . 2014-01-16 18:58        --------        d-----w-        c:\programdata\McAfee

2014-01-15 21:21 . 2013-11-27 01:41        343040        ----a-w-        c:\windows\system32\drivers\usbhub.sys

2014-01-15 21:21 . 2013-11-27 01:41        99840        ----a-w-        c:\windows\system32\drivers\usbccgp.sys

2014-01-15 21:21 . 2013-11-27 01:41        53248        ----a-w-        c:\windows\system32\drivers\usbehci.sys

2014-01-15 21:21 . 2013-11-27 01:41        325120        ----a-w-        c:\windows\system32\drivers\usbport.sys

2014-01-15 21:21 . 2013-11-27 01:41        25600        ----a-w-        c:\windows\system32\drivers\usbohci.sys

2014-01-15 21:21 . 2013-11-27 01:41        30720        ----a-w-        c:\windows\system32\drivers\usbuhci.sys

2014-01-15 21:21 . 2013-11-27 01:41        7808        ----a-w-        c:\windows\system32\drivers\usbd.sys

2014-01-15 21:21 . 2013-11-26 11:40        376768        ----a-w-        c:\windows\system32\drivers\netio.sys

2014-01-15 21:21 . 2013-11-26 10:32        3156480        ----a-w-        c:\windows\system32\win32k.sys

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-02-05 09:47 . 2012-04-02 06:11        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2014-02-05 09:47 . 2012-02-27 11:49        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-16 01:37 . 2012-11-09 08:51        86054176        ----a-w-        c:\windows\system32\MRT.exe

2013-11-26 21:43 . 2013-11-26 21:43        940032        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-26 21:43 . 2013-11-26 21:43        194048        ----a-w-        c:\windows\SysWow64\elshyph.dll

2013-11-26 21:43 . 2013-11-26 21:43        942592        ----a-w-        c:\windows\system32\jsIntl.dll

2013-11-26 21:43 . 2013-11-26 21:43        90112        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2013-11-26 21:43 . 2013-11-26 21:43        86016        ----a-w-        c:\windows\SysWow64\iesysprep.dll

2013-11-26 21:43 . 2013-11-26 21:43        86016        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe

2013-11-26 21:43 . 2013-11-26 21:43        84992        ----a-w-        c:\windows\system32\mshtmled.dll

2013-11-26 21:43 . 2013-11-26 21:43        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll

2013-11-26 21:43 . 2013-11-26 21:43        81408        ----a-w-        c:\windows\system32\icardie.dll

2013-11-26 21:43 . 2013-11-26 21:43        774144        ----a-w-        c:\windows\system32\jscript.dll

2013-11-26 21:43 . 2013-11-26 21:43        77312        ----a-w-        c:\windows\system32\tdc.ocx

2013-11-26 21:43 . 2013-11-26 21:43        74240        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2013-11-26 21:43 . 2013-11-26 21:43        71680        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-11-26 21:43 . 2013-11-26 21:43        645120        ----a-w-        c:\windows\SysWow64\jsIntl.dll

2013-11-26 21:43 . 2013-11-26 21:43        626176        ----a-w-        c:\windows\system32\msfeeds.dll

2013-11-26 21:43 . 2013-11-26 21:43        62464        ----a-w-        c:\windows\SysWow64\tdc.ocx

2013-11-26 21:43 . 2013-11-26 21:43        62464        ----a-w-        c:\windows\system32\pngfilt.dll

2013-11-26 21:43 . 2013-11-26 21:43        61952        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll

2013-11-26 21:43 . 2013-11-26 21:43        61952        ----a-w-        c:\windows\SysWow64\iesetup.dll

2013-11-26 21:43 . 2013-11-26 21:43        616104        ----a-w-        c:\windows\system32\ieapfltr.dat

2013-11-26 21:43 . 2013-11-26 21:43        548352        ----a-w-        c:\windows\system32\vbscript.dll

2013-11-26 21:43 . 2013-11-26 21:43        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll

2013-11-26 21:43 . 2013-11-26 21:43        51200        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll

2013-11-26 21:43 . 2013-11-26 21:43        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2013-11-26 21:43 . 2013-11-26 21:43        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2013-11-26 21:43 . 2013-11-26 21:43        48128        ----a-w-        c:\windows\system32\imgutil.dll

2013-11-26 21:43 . 2013-11-26 21:43        454656        ----a-w-        c:\windows\SysWow64\vbscript.dll

2013-11-26 21:43 . 2013-11-26 21:43        453120        ----a-w-        c:\windows\system32\dxtmsft.dll

2013-11-26 21:43 . 2013-11-26 21:43        413696        ----a-w-        c:\windows\system32\html.iec

2013-11-26 21:43 . 2013-11-26 21:43        40448        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-26 21:43 . 2013-11-26 21:43        36352        ----a-w-        c:\windows\SysWow64\imgutil.dll

2013-11-26 21:43 . 2013-11-26 21:43        34816        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-11-26 21:43 . 2013-11-26 21:43        337408        ----a-w-        c:\windows\SysWow64\html.iec

2013-11-26 21:43 . 2013-11-26 21:43        30208        ----a-w-        c:\windows\system32\licmgr10.dll

2013-11-26 21:43 . 2013-11-26 21:43        296960        ----a-w-        c:\windows\system32\dxtrans.dll

2013-11-26 21:43 . 2013-11-26 21:43        263376        ----a-w-        c:\windows\system32\iedkcs32.dll

2013-11-26 21:43 . 2013-11-26 21:43        247808        ----a-w-        c:\windows\system32\msls31.dll

2013-11-26 21:43 . 2013-11-26 21:43        24576        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2013-11-26 21:43 . 2013-11-26 21:43        243200        ----a-w-        c:\windows\system32\webcheck.dll

2013-11-26 21:43 . 2013-11-26 21:43        235520        ----a-w-        c:\windows\system32\url.dll

2013-11-26 21:43 . 2013-11-26 21:43        235008        ----a-w-        c:\windows\system32\elshyph.dll

2013-11-26 21:43 . 2013-11-26 21:43        195584        ----a-w-        c:\windows\system32\msrating.dll

2013-11-26 21:43 . 2013-11-26 21:43        182272        ----a-w-        c:\windows\SysWow64\msls31.dll

2013-11-26 21:43 . 2013-11-26 21:43        167424        ----a-w-        c:\windows\system32\iexpress.exe

2013-11-26 21:43 . 2013-11-26 21:43        151552        ----a-w-        c:\windows\SysWow64\iexpress.exe

2013-11-26 21:43 . 2013-11-26 21:43        147968        ----a-w-        c:\windows\system32\occache.dll

2013-11-26 21:43 . 2013-11-26 21:43        143872        ----a-w-        c:\windows\system32\wextract.exe

2013-11-26 21:43 . 2013-11-26 21:43        139264        ----a-w-        c:\windows\SysWow64\wextract.exe

2013-11-26 21:43 . 2013-11-26 21:43        13824        ----a-w-        c:\windows\system32\mshta.exe

2013-11-26 21:43 . 2013-11-26 21:43        135680        ----a-w-        c:\windows\system32\iepeers.dll

2013-11-26 21:43 . 2013-11-26 21:43        13312        ----a-w-        c:\windows\SysWow64\mshta.exe

2013-11-26 21:43 . 2013-11-26 21:43        13312        ----a-w-        c:\windows\system32\msfeedssync.exe

2013-11-26 21:43 . 2013-11-26 21:43        131072        ----a-w-        c:\windows\system32\IEAdvpack.dll

2013-11-26 21:43 . 2013-11-26 21:43        1228800        ----a-w-        c:\windows\system32\mshtmlmedia.dll

2013-11-26 21:43 . 2013-11-26 21:43        112128        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2013-11-26 21:43 . 2013-11-26 21:43        111616        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2013-11-26 21:43 . 2013-11-26 21:43        105984        ----a-w-        c:\windows\system32\iesysprep.dll

2013-11-26 21:43 . 2013-11-26 21:43        1051136        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll

2013-11-26 21:43 . 2013-11-26 21:43        101376        ----a-w-        c:\windows\system32\inseng.dll

2013-11-26 11:54 . 2013-12-11 12:05        23183360        ----a-w-        c:\windows\system32\mshtml.dll

2013-11-26 10:19 . 2013-12-11 12:05        2724864        ----a-w-        c:\windows\system32\mshtml.tlb

2013-11-26 10:18 . 2013-12-11 12:05        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll

2013-11-26 09:48 . 2013-12-11 12:05        66048        ----a-w-        c:\windows\system32\iesetup.dll

2013-11-26 09:46 . 2013-12-11 12:05        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll

2013-11-26 09:41 . 2013-12-11 12:05        2764288        ----a-w-        c:\windows\system32\iertutil.dll

2013-11-26 09:29 . 2013-12-11 12:05        53760        ----a-w-        c:\windows\system32\jsproxy.dll

2013-11-26 09:27 . 2013-12-11 12:05        33792        ----a-w-        c:\windows\system32\iernonce.dll

2013-11-26 09:23 . 2013-12-11 12:05        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2013-11-26 09:21 . 2013-12-11 12:05        574976        ----a-w-        c:\windows\system32\ieui.dll

2013-11-26 09:18 . 2013-12-11 12:05        139264        ----a-w-        c:\windows\system32\ieUnatt.exe

2013-11-26 09:18 . 2013-12-11 12:05        111616        ----a-w-        c:\windows\system32\ieetwcollector.exe

2013-11-26 09:16 . 2013-12-11 12:05        708608        ----a-w-        c:\windows\system32\jscript9diag.dll

2013-11-26 08:57 . 2013-12-11 12:05        218624        ----a-w-        c:\windows\system32\ie4uinit.exe

2013-11-26 08:35 . 2013-12-11 12:05        5769216        ----a-w-        c:\windows\system32\jscript9.dll

2013-11-26 08:28 . 2013-12-11 12:05        553472        ----a-w-        c:\windows\SysWow64\jscript9diag.dll

2013-11-26 08:16 . 2013-12-11 12:05        4243968        ----a-w-        c:\windows\SysWow64\jscript9.dll

2013-11-26 08:02 . 2013-12-11 12:05        1995264        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-11-26 07:48 . 2013-12-11 12:05        12996608        ----a-w-        c:\windows\system32\ieframe.dll

2013-11-26 07:32 . 2013-12-11 12:05        1928192        ----a-w-        c:\windows\SysWow64\inetcpl.cpl

2013-11-26 07:07 . 2013-12-11 12:05        2334208        ----a-w-        c:\windows\system32\wininet.dll

2013-11-26 06:40 . 2013-12-11 12:05        1395200        ----a-w-        c:\windows\system32\urlmon.dll

2013-11-26 06:34 . 2013-12-11 12:05        817664        ----a-w-        c:\windows\system32\ieapfltr.dll

2013-11-26 06:33 . 2013-12-11 12:05        1820160        ----a-w-        c:\windows\SysWow64\wininet.dll

2013-11-23 18:26 . 2013-12-11 06:17        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47 . 2013-12-11 06:17        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-16 21432]

"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-16 975800]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-08-16 2736128]

"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-07-28 393216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-23 75048]

"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]

"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-12-15 103720]

"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]

"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-16 3524536]

"MDS_Menu"="c:\program files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-08-02 87336]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2010-12-23 222504]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HD Writer.lnk - c:\program files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe [2012-4-10 292240]

ISDNWatch.lnk - c:\program files (x86)\FRITZ!\IWatch.exe [2012-2-20 341304]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

@=""

.

R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/03/01 12:29;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R3 ALSysIO;ALSysIO;c:\users\User\AppData\Local\Temp\ALSysIO64.sys;c:\users\User\AppData\Local\Temp\ALSysIO64.sys [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 gwiopm;gwiopm;c:\program files (x86)\Slotman\gwiopm.sys;c:\program files (x86)\Slotman\gwiopm.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]

R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]

R3 SaiHFF04;SaiHFF04;c:\windows\system32\DRIVERS\SaiHFF04.sys;c:\windows\SYSNATIVE\DRIVERS\SaiHFF04.sys [x]

R3 SaiIFF04;Immersion's HID USB Driver (FF04);c:\windows\system32\DRIVERS\SaiIFF04.sys;c:\windows\SYSNATIVE\DRIVERS\SaiIFF04.sys [x]

R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 TRIXX;TRIXX;c:\users\User\AppData\Local\Temp\TRIXX.sys;c:\users\User\AppData\Local\Temp\TRIXX.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]

S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [x]

S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140207.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140207.001\IDSvia64.sys [x]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]

S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]

S3 AsrHidFilter;AsrHidFilter;c:\windows\system32\DRIVERS\AsrHidFilter.sys;c:\windows\SYSNATIVE\DRIVERS\AsrHidFilter.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys;c:\windows\SYSNATIVE\DRIVERS\AVMCOWAN.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]

S3 FPCIBASE;AVM FRITZ!Card PCI;c:\windows\system32\DRIVERS\fpcibase.sys;c:\windows\SYSNATIVE\DRIVERS\fpcibase.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

*Deregistered* - CLKMDRV10_9EC60124

.

Inhalt des "geplante Tasks" Ordners

.

2014-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 09:47]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 2184520]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]

"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.t-online.de/

mLocal Page = c:\windows\SysWOW64\blank.htm

Trusted Zone: microsoft.com

Trusted Zone: microsoft.com\*.update

Trusted Zone: microsoft.com\*.windowsupdate

Trusted Zone: windowsupdate.com

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kh1a56dz.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.t-online.de

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKCU-Run-Fatal1tySTU - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe

AddRemove-LEGO LOCO - c:\windows\IsUn0407.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1671235655-2325290886-3288282889-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1671235655-2325290886-3288282889-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]

@Denied: (C D) (Everyone)

"ccSvcHst_UserSession_2232"="{D4E28F5B-B176-4ADB-B2D0-162B0664064C}"

"ccSvcHst_UserSession2_1580"="{F6E0AEA7-E078-479E-8DAC-118D4B93C91A}"

"ccSvcHst_UserSession_2696"="{0FD6E7B5-21E6-4193-837A-AA2DC0702D94}"

"ccSvcHst_UserSession2_2624"="{686F90EA-EDA5-42F4-8120-E06844A10F34}"

"ccSvcHst_UserSession2_2880"="{F22F68ED-BCB5-44E1-BD4C-5923EA3668CB}"

"ccSvcHst_UserSession2_1180"="{0268CA71-7918-43D6-8363-629CDAA9E90B}"

"ccSvcHst_UserSession_3168"="{34393651-A1C3-4562-AC7C-FC30B7A9B98D}"

"ccSvcHst_UserSession_4208"="{D41DF0F0-A5D1-4F4A-9474-2CC3D5C7B360}"

"ccSvcHst_UserSession2_2916"="{92A2E2E7-C4CB-431F-9DA3-EEC756980266}"

"ccSvcHst_UserSession2_2840"="{FD5B539D-98FE-4E41-AF42-83D14C794845}"

"ccSvcHst_UserSession2_2760"="{9826931A-7D76-4D03-ABD3-77D5641D7AB3}"

"ccSvcHst_N360"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"DING_{4467AB8F-68C8-4ab5-9B48-B3E6EB65F6A1}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ccSvcHst_UserSession2_1340"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"{0D147FE7-1045-46ED-8F96-06DDA32C157B}.MClientTaskNoficiation"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"ccGenericEvent_Global_EM"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ccGenericEvent_Global_LM"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ccGenericLog_Manager"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"{A2DE0E79-877C-485b-B604-78B170313E9E}_IronIPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_buSvcComm_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"SNDServiceRequestChannel"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"SymRedirSvcRequestChannel"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"g_coVistaProxyChannel"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"SNDLocationChannel"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ipcChannel_ShastaServer"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"NortonNetServiceIPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"NetMapServiceIPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_isDataPrComm_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ncw_performance_IPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_NCWSvcComm_NortonCommunityWatchConfiguration"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_ProcessDetection_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_AvProdSvcComm_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"isError_Service_IPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"BashIPCChannel"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"Tuneup_Context_Switch_Channel"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_ISPOCClient_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_IDataStoreMgr_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"CommListener"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_IEventServiceMgr_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"MClientTask.{15F2F1FF-F37B-4673-BCAA-FEB6EB7FB72A}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_buVssComm_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"{FEC3E60C-6AB6-4C7F-B7BA-22794EE4EF0F}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_HSPlayerCommand_"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"{C4A09495-F6BC-4166-B717-F3F3250462BB}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"{9BBA000F-092F-432f-B9DF-9D64FD1C2978}"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AvProdSession_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AvProdSession_Options_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AvProdSession_MessageCenter_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AvProdSession_Scanless_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AvProdSession_IPUA_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AvProdSession_CanIRun_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"_buUIComm_S-1-5-21-1671235655-2325290886-3288282889-1000"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"clt::AlertChannel2_01"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"CO_PS_{55DBA8A2-CF13-4600-8FC8-C7B989ABF841}_1"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"FWAlert"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"g_coUserCommandChannel_S-1-5-21-1671235655-2325290886-3288282889-1000"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"3171AE8E-C48D-4AFC-AF37-45011C17CBE6:User"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"{A1B48937-0778-4e7c-885B-271F65B485D2}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"TRUSTCHANNEL"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"SDKCHANNEL1"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"IPS_COMMAND_CHANNEL"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ToasterNotify\\SessionID_1"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"{D9D79767-CD29-487E-9729-730A5CA33689}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{52E886E2-58BB-43F7-9F89-E89322027689}"

"AVModule_ExclusionManager_{C6198C0B-693E-4CE5-BDED-C1C7ABE5E22C}"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"_ReputationSvcComm_ReputationPublisher"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

"ncw_reputation_scan_server_IPC"="{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]

@Denied: (C D) (Everyone)

"{B769C09A-0696-4462-8F46-8D5578148E68}"=""

"{E66759B6-4822-4BB2-BD56-F07EB020CF08}"=""

"{1CC829B8-8036-4241-AF3D-2AB532E59490}"=""

"{D6CD0203-0591-4EC1-94AC-F1F1101D8135}"=""

"{E9F5FC44-FCA7-4D62-90FE-09870252C248}"=""

"{B2ACBCFD-1B64-4654-BC68-A9AF29B0525D}"=""

"{275473D8-607A-44DF-89FB-2F342DE0883A}"=""

"{6F641B02-3837-474D-B870-2C78DE847AAE}"=""

"{A4693D47-0FC3-45E7-82B8-4125650884AB}"=""

"{C2272C15-7163-4C1E-AB80-11964E12040C}"=""

"{DF321E9F-B072-43F9-9F4E-DBEACBD64A97}"=""

"{48D27400-7B70-48D7-BF87-5E825D885E0D}"=""

"{9F11F40C-D385-447F-81F9-C92559D3A8DF}"=""

"{1072C726-F11E-4845-8A6E-30B8B93EDEF1}"=""

"{4F68B608-3712-4240-BB55-448702D2D1E3}"=""

"{1618F2B8-9765-4523-B06D-73B1C57B17A6}"=""

"{07DEC5D9-B575-4208-9180-63C435DE2B2C}"=""

"{9B9B7CFE-BDBA-4D51-8D41-CE85D23FFBED}"=""

"{1EBE7FC1-FC8F-4E6F-8089-AB506148DDCE}"=""

"{F3E22EEB-503E-4977-A7CA-31ADDBF54304}"=""

"{C6839BBB-247D-47E6-A838-A83887AA9E5C}"=""

"{5773F1B9-D640-4ADA-BA1B-EF89D59974C2}"=""

"{EBE96E57-6FD0-4A32-911D-7C93BDFB134E}"=""

"{AAFECB46-21D6-42DE-BD94-2C452D9CEC38}"=""

"{34752207-6E5F-4494-95EB-62FCA6F86137}"=""

"{69E66CCF-8C00-4530-88CE-F211A570D4FC}"=""

"{B7B510B1-36AB-460B-8291-460DD70FB4C0}"=""

"{49EE639D-69FB-47C6-A79D-027F9F632D2C}"=""

"{A835B0FE-71AC-4A6D-98D8-3FC6819DD13C}"=""

"{00B01A36-5779-47A5-88AA-B8913850A193}"=""

"{C27D04B0-92A6-4BEA-802A-D337F2A6E6AC}"=""

"{DFAF1879-5575-426F-9325-F6E8967F46C0}"=""

"{947B89A4-96CA-4D15-B222-046B4BD340C3}"=""

"{FE0421A4-93ED-43AA-A7FA-61C68849521E}"=""

"{2054170B-A961-406C-B204-5FD5AE548668}"=""

"{13DE9480-2EC6-4378-9248-72C1B046E08B}"=""

"{CBFE6D22-02D1-45E4-A866-65968F9E522B}"=""

"{4D7228AE-FCC2-46A1-9C36-44FF9D8CC315}"=""

"{16D080F2-49CD-45D6-B24B-F84B32E02D59}"=""

"{6EAE308B-81D7-4821-81ED-125FB98D3CA8}"=""

"{DC85E34C-AB30-4AF1-AE43-435F866A55BD}"=""

"{50694527-7AD7-479D-90F5-2C9C3319871C}"=""

"{A39224B5-3FEC-4895-8090-7C33A817DE72}"=""

"{69CBA287-9441-4004-9088-501361562437}"=""

"{0FC3E316-041C-4496-B1F9-FDBA27E61FA4}"=""

"{B88FFF54-40C1-4965-A054-92C9FB03CA34}"=""

"{A05F0DFE-803E-47A9-94CE-B1A30AC511DC}"=""

"{7A066DAA-462F-4F08-B47E-0ED0FEFFB4E2}"=""

"{20608162-3ADD-4194-AA4F-7CE853D50B59}"=""

"{8A51DDE0-5C7B-4529-A231-148F3C944535}"=""

"{A65B1030-3DE8-4FFF-9508-EB3FB463CFB5}"=""

"{46DAF85A-866B-4DD3-A305-A1015857633F}"=""

"{3C356830-C667-4BA9-B87F-ECBA739E1D0C}"=""

"{2168E99B-E614-4E55-9141-52DDAB2D69CF}"=""

"{905492DF-A5E4-4F06-8EF5-A387F811669B}"=""

"{8D227A03-F5EB-49E7-AB74-EAC5114FF1F0}"=""

"{F57349A3-CA9F-4881-B47A-BE29FAE04516}"=""

"{C937D997-FFDD-4749-AAFC-465A7FBD3989}"=""

"{969C7CDA-1121-4AFD-98EF-F6821EE6D38A}"=""

"{2991CB94-9D8E-45B1-8D81-77CDCB9EFBCA}"=""

"{1879D478-64AD-43CD-92E3-88C65043EF5F}"=""

"{DC835969-D022-4E04-8692-E3A1FB6C73E6}"=""

"{660E2351-39D0-4C62-86C8-CF98E8CCC152}"=""

"{81BDCC4F-8BC4-4D7A-9DA6-15706AACA151}"=""

"{D7B97F4B-E804-4111-807C-564B90DBAD9A}"=""

"{3E60D854-A70F-43B9-AF08-BBD3056F1232}"=""

"{8F230362-438D-4089-9420-8B06D9DD5C28}"=""

"{EE3E5148-3E1D-44CA-97A2-6F40FF610480}"=""

"{6ECCF42A-C035-4FB7-B914-F4B3622318B1}"=""

"{4F73864F-60BA-4FBE-9E2D-D3CF7112AF73}"=""

"{0C599893-540B-4D5F-8F8D-A92BD559AB06}"=""

"{5CD464EE-9924-40D2-B348-F029C62B8E51}"=""

"{DFF77AA1-98C3-41CE-AD3E-207CD0460043}"=""

"{AEB4C7E5-95D1-40BB-BBA2-6B211CA161E7}"=""

"{BCD7297E-BF20-4ACB-8AA5-741CD1F30EC2}"=""

"{DB6F4DF5-09DE-42F2-A2D8-1A46074D0AB9}"=""

"{2A3348AA-3978-4B1E-94F8-25893706A52D}"=""

"{D051399F-B414-403D-ABFA-152A83FE169D}"=""

"{5E9E1A0D-CE06-4F0E-B4D3-B4A8706DE541}"=""

"{F99C6487-2A4E-4107-B943-AB76846EBF11}"=""

"{4B54C0DA-18CE-4667-BFD7-45017BDAEFDD}"=""

"{8C4C8EC8-8F05-4ED3-8457-1D0989EEAF17}"=""

"{5994151B-0FD5-46F7-81E1-E60835574048}"=""

"{A4AAD30E-FFE6-4199-8EAC-8D9E575F605F}"=""

"{E307A07F-4F97-46C1-BD74-784C4682190E}"=""

"{6E609C29-3B9C-4BA4-B161-C8455C2AEDAD}"=""

"{56AA632F-8ABC-4D5F-B96D-01A02544AF54}"=""

"{ECD310E4-FEDB-49E0-BA16-D32F1C96064F}"=""

"{14F164C0-ACE3-46F8-ABA8-34C89C42B06F}"=""

"{8446615A-971A-493E-A23B-414EF8555A3D}"=""

"{7D3980B6-A1F0-4863-A58A-F729C6D268F6}"=""

"{90725744-A991-47E4-A132-8B30E09DF817}"=""

"{A1673847-D032-4426-963A-7C70EF8E6F03}"=""

"{FE98B836-0E75-4108-BAFD-ECDA9DB912EF}"=""

"{0E847F76-1DE6-4641-AA17-4162625C3420}"=""

"{C7CD94C6-D4E2-46A0-BAB0-AB76693E58B5}"=""

"{94B1D040-FC2F-4D4E-9E58-0480584912B1}"=""

"{784EBB24-9885-4D8D-9D85-F77BC7B0D998}"=""

"{82619B42-75CF-498D-8176-6C26C4C4D7F3}"=""

"{5B70A755-E073-4370-9C49-D98BDCBAF765}"=""

"{FF791EAB-48EA-4DE5-A3CD-CBC48CD077D2}"=""

"{9F78FCC4-4ADD-4B21-BE1B-21F4DC4EC497}"=""

"{028E670A-DD59-44A6-BE4A-518C1EADD064}"=""

"{DCD74295-D57B-4BEF-87FE-F4FC760CA532}"=""

"{6C84E673-B339-46C9-B92F-9B85405D29B5}"=""

"{E85350BB-7F4A-4E5C-AC89-AE3E9F52416D}"=""

"{E0D4EC43-37CF-43A2-9E28-2D29BA5024A7}"=""

"{D13B70CB-E21D-4A7D-987C-D1DE4D232E81}"=""

"{34363D25-C8BC-46C0-8433-83B84C398A44}"=""

"{CF0F6D95-331F-439E-A0BF-7796CDAB6D31}"=""

"{2AE2A4FE-1222-4281-9191-0527FCDA9E85}"=""

"{9C2A43B9-B0AB-4E00-8E8D-CA5EBDEBFD0D}"=""

"{1301ECDB-C36D-41F5-AC54-284C461523F4}"=""

"{A16C50BD-2303-42E9-92DF-2B53D1E65A79}"=""

"{D43E15B5-4F7E-4198-814E-F3CC91BF5E99}"=""

"{F0AC5C19-1D92-4A50-9B52-91018E7B0E80}"=""

"{0E06A77B-DD66-49F3-9516-E584627F7CDF}"=""

"{371A4F92-468E-4A1B-A700-8A6E9849713D}"=""

"{2783566E-BD3A-4E4B-8CE5-361EB5272F94}"=""

"{FB612E25-E39B-405D-A36E-9FA61E5200A6}"=""

"{FEEB701A-F7CA-46D9-A8C6-5F433C82ACC0}"=""

"{F1764146-FE06-4839-AAC9-F8F41F754F9B}"=""

"{52A67267-DE99-4D8F-AD85-461D8800775F}"=""

"{6A627DA1-4C1E-476D-A4E0-56CC13562A94}"=""

"{0B76D498-202B-47C1-94A9-6F2F6D803766}"=""

"{2563DB5E-D516-41E1-92D6-650880B9741D}"=""

"{68B6734C-9AA4-4E5C-A163-A1C7FD92C53F}"=""

"{88D8BD9B-25C0-4B32-881C-E1D502405238}"=""

"{5246B80C-A4E2-47EA-84FB-A86A5F95C948}"=""

"{50577E20-0D91-41CA-A770-AA6A5FB4F0B2}"=""

"{53C11093-CDEE-4837-8716-8A71AECB5F09}"=""

"{C786A7A3-47E7-4242-882C-909AB55D19C7}"=""

"{6140859E-CDFE-45CB-B909-6FE7C6026A6C}"=""

"{6FD31A0C-C09D-496D-9366-AC3C01ED1C3C}"=""

"{0BCFD74D-F020-4BAC-BFB8-3ECF9407D2E3}"=""

"{67AAF1D8-3AA8-4DB6-B482-FB4A741C449F}"=""

"{33331147-EC45-483F-9E02-02064F96CB39}"=""

"{2F8BE95C-F5BA-4B11-8176-2AD28D8CDB27}"=""

"{61A3E72E-EDBF-4B38-924D-30E0BD75DE1B}"=""

"{E5D5F145-B210-4FB8-AFD5-A11A344238DD}"=""

"{09BD3DB1-407F-4404-8DC9-74B5E3F3D2DF}"=""

"{125DE865-C9F7-4F7D-B2E7-2119BBA990D7}"=""

"{F10982EA-5440-4595-A7A4-44F30D491CB7}"=""

"{59BEE55A-D8AB-498F-BA8C-8958FE9B5BC5}"=""

"{348EC520-76DF-4C62-907A-FA46B5B21499}"=""

"{1E01C49F-7BF3-4E6F-994A-D52443D2B30F}"=""

"{2F3D5CF0-A461-472F-8C01-160E37A7CD19}"=""

"{DE1501CB-5D2A-4ED8-8BC4-394F7CD2C968}"=""

"{4CFCB45F-DE87-48DE-B6E7-8B54D2BA00B0}"=""

"{E8868A32-A30D-4962-9A38-118128044C9D}"=""

"{A2352CCD-B8E5-4A65-B1A3-00861E1B375A}"=""

"{35F54277-5C47-4BCB-815F-D6F963AB3F4E}"=""

"{765F1B9A-DB45-4522-8630-1C97BD3B3B3A}"=""

"{ECD9B7BB-2A9B-4CA9-94DF-FFAE29F88C54}"=""

"{CAA535FA-25C0-4530-B155-8ACBB55592B1}"=""

"{3568A63C-A08C-4C56-8321-E50766619B68}"=""

"{17710727-C6EF-4E98-8D85-AF18F34E519A}"=""

"{DFCEEF3C-4AB8-41C2-8C83-6613D926C9B5}"=""

"{E63E38A0-863F-43C8-9F93-8FEB8AD3DE11}"=""

"{64AABF30-70C3-4F47-89AC-952EE2CAF3EE}"=""

"{BDFFFDF4-80E4-499D-9D12-EFD6ED693A91}"=""

"{68C24A8A-9042-4A18-90CF-66CE98EDD386}"=""

"{3B16F3C3-C28D-458B-8C0D-D8305DA9176E}"=""

"{DF60B8D2-0F1C-44C9-B569-A8A5D14DBCF2}"=""

"{7F7BAB0C-79BC-44C1-834D-DF62121F8575}"=""

"{77CBD1AD-6675-4C91-BBCD-37C273FD5040}"=""

"{7D3CFB0F-5B78-4F26-9E3E-7C1935EB9EAE}"=""

"{B3486380-2F2B-4604-A40A-E69D358F1CA6}"=""

"{20F258FE-54F5-4B0C-AAA1-B748579F66C9}"=""

"{96FC8421-9033-40FA-9DC1-E118A827EB2D}"=""

"{39AAA420-2EE6-4A67-984D-52E9B9A7CED7}"=""

"{06E847B3-D1EC-402D-B902-79332632353C}"=""

"{1B3A0664-8B54-4F62-9FFD-84E8113FEF68}"=""

"{9AF4308D-B804-4852-8EFA-555F081163D6}"=""

"{518A8629-9527-4219-90B7-E72F8044FDD9}"=""

"{38EB9326-219D-43F0-A073-A86059238D3C}"=""

"{C185659D-6816-4CF7-A7ED-39756EE9C50F}"=""

"{A807A3B1-9F62-47F2-AEB5-CB86C5960D57}"=""

"{E6655022-FEBA-43BF-A56A-6C81B53645AB}"=""

"{109D0047-AE03-47CF-88E5-15497B09E53C}"=""

"{C61243DF-B1AC-4DDE-AA8A-9B5304BB1CD5}"=""

"{BE7FEACA-2DBF-465B-B7BF-514E837264AC}"=""

"{3F31B6B2-7B0B-4E21-AE9A-AED54BC66DB5}"=""

"{56105A6A-BC0F-47B2-A82C-225A330D0D86}"=""

"{71F0F1E1-3269-4407-840E-E60A1788D33B}"=""

"{4CA528E6-7857-4D1B-9517-F16C48C278E2}"=""

"{AFC9832D-18C9-41AC-85B6-5716110C4890}"=""

"{D88BC1D5-2931-46BC-BF5B-7885CF64467F}"=""

"{F5FEBC79-F8B8-472B-98FF-CE537B6D5DBC}"=""

"{2EB48E35-F312-4C8F-9C8D-6537BA1B1342}"=""

"{0D9FBBA1-5403-4135-994C-54F83FBE2594}"=""

"{2D5866E0-A2A9-4EB0-9743-AA5A688412F3}"=""

"{60CF18C9-BDB4-400A-8EE3-DFAAC56A60BE}"=""

"{FE4F6723-24E5-4236-A0EF-29F227BA75E7}"=""

"{BD3FF273-2111-47D1-A955-050CC7488E9A}"=""

"{EB8F0395-0F58-49FB-8049-D6740F44A070}"=""

"{A7EF133E-CBF9-4F3B-A2FE-246E55D1C43D}"=""

"{1E0BF62D-7172-48D5-8178-B3B82137E20B}"=""

"{727AC136-ADDC-463D-BDC7-21F86C240605}"=""

"{B76BB2F4-0100-4E3B-9255-4CBEA621C64D}"=""

"{7A4E8283-2F69-48A8-9E9A-DBF8F586A678}"=""

"{D71CBEC3-20C4-487D-81EC-432A830A7AD7}"=""

"{6DABCA06-EA22-4EEB-8E2B-F37174CA337E}"=""

"{22DD8836-641B-43E9-8D6D-CD7AA9EC73FA}"=""

"{5A7CD110-8F33-4B31-A2C0-02A3B1FBC575}"=""

"{49900630-F361-4D75-84B9-5746453D9A76}"=""

"{A92EDFCD-F079-446D-9317-462EECFF7B69}"=""

"{B2D8EDB2-92DB-4629-9547-141DE433D791}"=""

"{A9B652E0-4162-43DA-805A-9B08DB941FA2}"=""

"{0495619F-A055-415D-B979-5FAEB43B4756}"=""

"{734D8F56-139F-434B-BE15-CD99F3C5A103}"=""

"{8B39D01B-DCC8-409D-884F-E6D1EE9AEA95}"=""

"{472A1256-C47E-4A1E-B4E6-06EC028263BD}"=""

"{3CE066A2-C053-4C07-BDFA-0283708A867C}"=""

"{E929A411-5B88-458A-8217-ECE539B512CB}"=""

"{38D51301-33CC-49BA-9DA0-672CB3A2D607}"=""

"{2A5EA8BD-FB4F-4257-83AB-2A5E8A5BAD86}"=""

"{CA90879B-9077-4991-B902-8405BF556E56}"=""

"{3664334C-1B2D-4EF1-A2A6-A4F908AD9434}"=""

"{185B8F7C-3DF1-4C4E-AAE7-EB62176D8AC8}"=""

"{644DDA9D-599B-40D0-BE0F-F34663702CF7}"=""

"{00013EF1-C7EC-40FD-B57E-525DDABC6724}"=""

"{0FD4F706-75FA-46B7-8938-A81436D4859C}"=""

"{78AFB52F-DB49-4DC1-9928-C0082B99C8EE}"=""

"{C50A814C-4268-461A-B25C-7463950D353F}"=""

"{317EFD65-F0B0-4D30-A843-1B26CD91CBB2}"=""

"{1A520B51-6518-4F70-A863-373E5979E23D}"=""

"{025E33E4-CDBA-442B-AE7A-CF96B1725D49}"=""

"{105FFA1F-F14A-48C4-993D-A7DFCDA54A0C}"=""

"{46004635-DFDD-44A5-92DE-FD4F5F07CB1B}"=""

"{AFD0B364-CC6D-4B23-934E-4ECDC1506000}"=""

"{26A37F5C-3BBC-4BF3-A25D-5F40631B666F}"=""

"{058ABF90-117F-460F-80A5-C637904578F8}"=""

"{109ECB11-CC59-4918-A543-D794D185DB78}"=""

"{C87E81A9-06B9-4BFF-8EAE-3027856A69F8}"=""

"{347E07E8-FE81-4EFB-8783-290120D61A68}"=""

"{18DC86E2-615E-44FE-AFD7-469BCB5B51C5}"=""

"{88AA0AF3-209B-43C0-9671-AA0F8F59F81A}"=""

"{F5C0063D-16BD-4557-BDD9-12026FD07084}"=""

"{547C55BC-DB83-4DC7-9658-6D325761CA56}"=""

"{B6C588D2-1AF9-4FB0-AE96-7E3B0EEF025F}"=""

"{DFF94A5D-23A1-4762-92D7-EE4C911F0CB5}"=""

"{EB94C7F7-B947-4701-8DFF-95B984DA7DE5}"=""

"{B864EF7F-E44A-45FC-A613-50BD9E2DAC07}"=""

"{A8E742E5-79B7-4372-9E00-55BCA9AFE6B8}"=""

"{94EA5344-8C7B-4430-8310-60D89AE5BEF6}"=""

"{A7FED52F-4FEF-486D-83F2-5BF4CC07D833}"=""

"{8F0806C1-3EC5-43D7-A5CD-B3602616167B}"=""

"{B0E63139-FE57-4EC2-95FD-C3C5FB25773E}"=""

"{7490AA26-B255-47CB-A2D6-C5843C5C87D1}"=""

"{177FD3D5-91D3-4771-B251-86F251A0B035}"=""

"{7400467A-17E0-40BD-89D0-CB7D1E997F12}"=""

"{245CF0B6-AC63-4D5E-8A96-C93BB53ABFAD}"=""

"{8132D38C-83B8-41EB-AFB4-D2C347FEE829}"=""

"{98684B1E-9152-4099-83E8-AC885D672C9D}"=""

"{41CDC574-0509-4071-BF92-53B68D7A0DAB}"=""

"{8FFAB1E9-FB2E-4C1C-8700-FAA92E3D6C99}"=""

"{A43E0DED-D4CF-4215-AD9E-ECA430492B7A}"=""

"{077EFD2D-75C5-4A6B-B15D-BA9C3B724934}"=""

"{20F29870-16D0-4DD6-80CD-3B10704D0216}"=""

"{390E2B8A-E45F-43E3-A708-0DA3DB2E1577}"=""

"{DB46B4A0-E8DF-4245-B1D1-E3251532411B}"=""

"{82CFE414-C95F-461F-A775-07EFD63D344E}"=""

"{E7137041-666B-4A15-A5CA-F34DC9B338A0}"=""

"{21E1FC22-2B66-4FD8-9828-CDA239B2A7AD}"=""

"{887A41C5-FF43-4BC4-A21C-4FA26C2BF9BD}"=""

"{13C50EB3-947C-46E8-85F6-CBFAD9162291}"=""

"{513938B9-D955-4DBD-80A4-CCE603426482}"=""

"{FE1EFF12-F152-4183-A2EB-4614B6421AC3}"=""

"{EDDB12FA-148C-4F0A-8243-711ACB2B25F1}"=""

"{454A836D-BA9C-4D65-850D-F0B975B36ADE}"=""

"{9361C26A-4A8F-4AF0-9ED6-AE2C51702788}"=""

"{A5DB7DDC-5657-4CD1-BBF5-99B321FFCF0D}"=""

"{09DBAB2E-2348-4932-A7B6-5C7D299C1080}"=""

"{5CD8F0F4-008D-4A06-90C7-B923B024040F}"=""

"{921ED6E0-FC3F-4B47-99A9-D31B54DFB9FB}"=""

"{E392006F-6A43-4857-B6AB-211BE599D79F}"=""

"{28EE8D00-4B09-418E-9820-9AA6D1CE564B}"=""

"{AD014A16-CA75-4221-A352-6A10ED3573AD}"=""

"{73090D75-6A32-4432-8759-A48B2837F391}"=""

"{674D3A2E-DF68-421F-99B1-F37B95790B83}"=""

"{C6A32F08-0927-4A16-9A5B-92571A111F1A}"=""

"{963DC630-1CD8-4AE8-B15A-B4F303BAD3BC}"=""

"{0A74B4C4-BD10-450D-9164-26045FB7BBF2}"=""

"{54EFA132-1E47-47ED-B2FB-2FA25F0B84CE}"=""

"{B7D5919F-21EB-415C-A412-0933824B3904}"=""

"{25F63EDA-7C42-49BE-8BC6-2740269477FF}"=""

"{8FDB5A68-536E-43DC-9F98-FF8C32CFB405}"=""

"{52111EE9-39FB-4BC4-8295-8F2710D3D0F3}"=""

"{61B1852D-0025-4F5F-AE4E-42CADC696CD3}"=""

"{8DC81899-3303-4ED7-BF29-4B528D295A94}"=""

"{7258F432-7A82-4A86-816C-5858AE8AD660}"=""

"{665994FF-7403-457A-B3D6-7EB8E649623E}"=""

"{FEC9063A-C0B0-40FA-A364-FA37ABD8A095}"=""

"{7717662E-E312-4580-BD28-5765F7CCB661}"=""

"{929C5DE6-ADE4-483E-8AF7-D135EBB6A143}"=""

"{8DD5EDA5-9508-467D-A540-1619582C8393}"=""

"{BB0C6D4E-A9C2-4DC1-9098-22336D9EE400}"=""

"{65297154-AE1D-4118-BEB4-C53275035344}"=""

"{C63E5934-3DA6-453B-BC5C-DE3A0A6A9C44}"=""

"{216394E5-688D-4A1B-B1ED-DF794D79B584}"=""

"{6B3262BD-BA21-4906-8E22-50ED4012A1B5}"=""

"{0F763CD1-2996-48CD-9A83-69F4FF998276}"=""

"{A06694E8-BC38-48E1-9E7F-2883AA8033E7}"=""

"{34FBAEDC-518A-407F-A8DC-16EAA5269963}"=""

"{69DE1CFE-A086-47C7-94CB-E1690663314A}"=""

"{FE041488-3F92-48FA-9CFF-8596EBDD59CB}"=""

"{EDBE745E-6E49-4F13-B666-7FC7AB5789B7}"=""

"{46579E35-9BC5-45C8-ABB5-92318291A86E}"=""

"{FA96C2CE-9CA6-41D3-80BA-7D6B271ED1DF}"=""

"{8B5E27E6-37B4-4BD9-90EF-4381AD69B7BC}"=""

"{608AAC33-07CD-420D-98FB-55E7C2564433}"=""

"{CFDDA904-D3E7-4092-845C-40B0E6491F68}"=""

"{15898249-6DF4-4D19-8230-92255BB4D945}"=""

"{7716AB6D-B7D0-465F-A096-443DE7C4C074}"=""

"{43552700-C4C7-4901-A44F-88D5EE53EE89}"=""

"{96C27492-AB91-4E26-998D-745B40F5E9BD}"=""

"{F014B824-F3E5-43E0-B0A5-417E150BB2CE}"=""

"{5BABF51B-22D1-4BCA-92B4-B788F2458B3E}"=""

"{DCA77BAE-C488-47D3-AB93-24DBBC416890}"=""

"{6DEFE0A0-C56B-4466-B0FE-DBBE00AEADD6}"=""

"{C32809FE-77DD-4474-8CB7-99D6EE977EE8}"=""

"{BD350000-9A6F-4C82-ADA9-919FCADDDCA7}"=""

"{0C5E6420-6AEA-491D-942F-F407CDB1B6FA}"=""

"{0A78938C-EDD0-45BD-977C-9E4A8A6A7570}"=""

"{877F9D7D-9B61-409E-A284-FA68D07C2867}"=""

"{C084878E-65F5-4EF8-B1BB-9A2B71CEEF17}"=""

"{4AA9CE85-D851-47F7-89D4-627617F90CB1}"=""

"{B42E60BE-8AF6-4678-B3CD-703915EA4F43}"=""

"{D39816CE-F077-4C35-8B86-C9B19DDA9609}"=""

"{E8CA4D7C-9192-4FFA-BA0B-5D3DF4800ABE}"=""

"{AC03BBFC-CB00-44D7-88E6-0DE645D21E12}"=""

"{4D017C2F-339A-484F-8B61-66FCD205A11D}"=""

"{3230C62C-2525-44BC-AD28-6CF8386BBFC5}"=""

"{020C7885-6ACD-49AB-A887-13395CDB86E9}"=""

"{D4AE5703-02A4-4EA5-9546-66E007D8009F}"=""

"{873BC4FD-2FF9-424E-BEEA-164B87580FD1}"=""

"{251E8AA9-319A-46CD-9E11-41AD9EABFE61}"=""

"{FA71417F-C6D1-42D3-B73C-65691CBE5956}"=""

"{1896C6D8-81AF-4A83-A831-55D305C44364}"=""

"{1FDC38C7-364B-4A55-B0DF-4305E2F40A3A}"=""

"{9149A1EE-1303-4889-959B-68F3B3CF7B2D}"=""

"{233B87BB-79F7-4CE7-B8C7-6AB60D4E2A63}"=""

"{75FBC6CA-22A5-4DC9-9163-C50D51191968}"=""

"{CDF58F5B-1BCC-413E-8C17-678ECF852E67}"=""

"{8ACAFE47-41B3-4FA9-B5B3-114ED12F97F4}"=""

"{17689F1E-1B7E-427A-B818-1D3B9D816BCD}"=""

"{208F3E94-713E-4BAB-9AAD-F21003C6B0EF}"=""

"{044FDD8B-A8D5-42C0-BBC2-D440D48BDB66}"=""

"{83B6BB96-FF06-4535-ACE9-9B80D8E6A486}"=""

"{D5F3DDF2-69A2-499B-8878-35342BCFFD76}"=""

"{05210B7C-A868-4A6A-BC20-F56870E0BF68}"=""

"{D65770C1-60C0-4A67-BE3B-01750A86C6EB}"=""

"{9CE509F2-9C69-4D49-B32E-AAADB6A790C5}"=""

"{38482717-8FEC-4A1B-8540-0D7A03D2DE7A}"=""

"{87CAD155-F15F-4139-8717-057D0FE781D2}"=""

"{8DE88C2A-8633-4FEA-AD43-031E104697BA}"=""

"{4729058B-7FF3-442F-BA70-A71C57EC42A2}"=""

"{66B3B079-D09A-41DC-9FBA-9E76FC558F43}"=""

"{B75EB4B7-5D9C-4515-B1F6-0B9ACFF7DC4C}"=""

"{6081EBB4-DDF9-41AF-BA1F-2B78A9538458}"=""

"{A6CABA77-F9C4-48DE-9DE7-68149E05E9A3}"=""

"{D84D1D25-6D24-47C1-8DD7-C1B76CB9BF95}"=""

"{497EEB36-AF21-421F-9F68-9BE76276ADFA}"=""

"{B6C5F670-BB6D-4192-93A1-5BF08C487870}"=""

"{92BD227F-6A8F-4B11-9E69-88DFB8DAF413}"=""

"{E7DABD22-2AEF-4175-BE37-631550134EAB}"=""

"{8DA02DB9-D17C-4B84-96D2-F3C1AF253C40}"=""

"{48467103-D3AA-4B75-AA8B-FCB813655792}"=""

"{733F5AB8-B287-4886-86BD-22E0D61E4D66}"=""

"{7765DA36-78E7-46ED-8829-5113FEF1C70C}"=""

"{F49510F2-C832-41DC-AEF1-0ED61ED34045}"=""

"{25799CB6-C4CB-4B55-AC83-E1ACAE36F438}"=""

"{18567D4B-09BD-4F9B-868D-E3210D79833C}"=""

"{67501BC0-6F1B-4A7D-8D0D-4241D8D5EC8F}"=""

"{E371D4F2-5FD8-4673-A69F-5A21D3D058A5}"=""

"{B4E21A8C-F533-41CD-B524-B405523E90FD}"=""

"{754D0BDA-13A5-4D66-8A2F-9FDF881BA8B5}"=""

"{CFDE2F87-2361-4136-81BB-956534AE98CC}"=""

"{6D441A22-CF91-42A9-94DA-E50BB30D0402}"=""

"{0104A036-E6BB-4507-9B81-1F40523536A4}"=""

"{60E833DF-267D-40E6-B997-1C90900EB485}"=""

"{10BC3B61-0763-4727-B05A-83B65F960D5D}"=""

"{75EAA4E6-958F-4A66-A52E-707F89E5DB12}"=""

"{8CE71A09-B8DE-4324-A53B-0EE17FE7EE17}"=""

"{A85CE786-F864-4ABE-A3B6-D8EEDDCA5020}"=""

"{D82CF640-8D13-4FC3-A32A-178A8E748C94}"=""

"{A6FC141F-7D1D-44A2-B27D-BB95D384EBA1}"=""

"{FF60FA83-D382-4858-9DD2-25E952B4FA38}"=""

"{53E5F36E-DF20-4B4A-9477-F1AA057D6A29}"=""

"{14DAA10C-37D6-493A-8075-E485BFD3756B}"=""

"{D2915836-0D3F-4F5E-84D8-C73CB3F3EE50}"=""

"{2FA1FE47-F0F7-4C66-A35A-4DC7C507EC8A}"=""

"{8C81CF5B-C3C2-4BB8-A0E3-A4E15CF0734B}"=""

"{D09F1C44-3331-4795-B716-66DD25877A01}"=""

"{1876C100-D755-4E6A-92F9-083758E2F011}"=""

"{92873E30-69D2-46A9-B60D-2F4EE24ACF17}"=""

"{FAD9946F-CBAD-4306-BC17-6128E97A0931}"=""

"{19F7B99E-97B0-4856-B3F4-99B0EB5CA27C}"=""

"{F59EE81A-D7C3-4295-BF4A-058038E7D69E}"=""

"{DC84DE56-EC60-4115-A96B-28AA8FB7D9C6}"=""

"{6FF1CA0A-C5A1-4DB2-B8F8-B70C33D82F08}"=""

"{595AB69F-A1C0-4A2E-88E3-08BA9F393D12}"=""

"{BF6C9C1D-6FD7-47F2-9649-9433B0D145C0}"=""

"{83AB3E04-4630-4766-909C-0DD867FB3EC1}"=""

"{709406AE-FD6F-4424-897D-DDBA21397628}"=""

"{9C1A7AE2-AA71-4FE4-BE1B-D57BEF4F6220}"=""

"{0C5D12BD-1572-4543-8651-EBEA72F1B1B9}"=""

"{AF593D18-1815-4B6B-9BDF-BC4070644852}"=""

"{C10C52AB-072B-4A7F-9F01-7307DCA52E75}"=""

"{C4457AA7-7952-48BF-81CE-8D315652FD07}"=""

"{DD7ABB66-2ADC-4658-B443-488D2CF193C0}"=""

"{9EEC75EC-3780-4D13-BF73-EFD341543F31}"=""

"{D5F182A7-2C5E-4139-8558-4230E9B4C7FC}"=""

"{6C605341-E61C-41BF-9B64-B3B7268E85BC}"=""

"{C1083350-D31A-4ABE-B045-381B2D9F2274}"=""

"{F2D1DADC-9DD1-43E3-A788-A21C4E20AA98}"=""

"{D239B7AA-CAAE-48BB-9D1C-3455C6541A54}"=""

"{1498838B-6E67-47E3-B4A1-B9CCCA97689F}"=""

"{0616F1FF-83EA-4A9C-8777-36CF0995C57F}"=""

"{0433F684-4897-4F81-9319-BEDB5B8D2084}"=""

"{1EA4D943-6152-4227-99F3-F0B747CB609C}"=""

"{65A89F02-A38A-4F83-9889-DC2513345D59}"=""

"{FEC9C31A-5821-4032-8FC4-8A185AD3E2D9}"=""

"{6B035179-8D11-44AE-9787-A8A70360C2D2}"=""

"{7915C7AF-1B4D-4E1B-8020-31592EC1188D}"=""

"{409840F5-6D10-4638-A8D5-1032C7FE61E0}"=""

"{6E862FF0-7C24-4FFA-A2E7-80FA6CFF74A4}"=""

"{B6B65E1F-1CAD-44E5-8111-62E3AC806B9F}"=""

"{E5648C2A-3D98-442E-A9BB-55735629D838}"=""

"{F636370E-4E66-4BF5-9D45-F4AD3B0FB554}"=""

"{921F20F5-05F2-46C8-8EA9-EBD0C7110F46}"=""

"{0EE615B9-AE2F-44FA-8EDD-A812CC1CEAB0}"=""

"{903EDFED-8504-43BC-BBD7-BA8B3E9CC0BD}"=""

"{5CDA3DC0-2263-4EE2-AEE6-570BF0F6B173}"=""

"{E964F535-5F5E-4DB4-884E-DA0D0277595D}"=""

"{AF40481C-B975-42C1-AE27-72671D8FDFD9}"=""

"{0AC08CE5-E22A-4449-ADDD-4320CE7EE71A}"=""

"{13F13AD3-CD6E-4555-BDE7-72F187D831B9}"=""

"{0A84F788-4053-4A24-8233-F2EB9E6B1380}"=""

"{FCE5E35F-840D-470B-94C1-8D527A56CB5A}"=""

"{97B2ED2C-D3E4-447D-B300-643B71E995E3}"=""

"{DB4D4D3C-E707-4392-8E38-8064E5DFAEB3}"=""

"{D959FC02-8BD4-4AF7-A3C0-A098604EBF77}"=""

"{1F0040B5-9A9D-4BEF-BBE9-95D1986AC9F2}"=""

"{29A37B91-E75E-46FB-8DFA-2C5726573021}"=""

"{A4B5E73E-A068-49B6-9A4B-A439D868AD24}"=""

"{6FD0B652-CE55-4AD7-82C4-F1B6F5993EA1}"=""

"{7589A3BC-52C2-410D-B349-B891EB5EA63F}"=""

"{501955AA-5C7C-48E4-B2D1-FE0F19ABE204}"=""

"{53875005-E87E-4802-A7D0-53356D1B89EA}"=""

"{8D299EE2-3958-47D7-B25F-DF3ED290A744}"=""

"{861B4338-CAD1-462F-B4D7-C45012D16116}"=""

"{A7A02553-CFD8-40AB-9C09-0F76FEEE7394}"=""

"{6BE6DB20-8D30-4780-B932-7E4EAFF16547}"=""

"{0D373BF5-C23F-49B9-908E-08F1247B7918}"=""

"{B0C90716-5920-4CD9-ADEC-28F4AD7581F5}"=""

"{43317353-9BC2-4D52-A3ED-743EBAB51074}"=""

"{175D9AC7-4EC4-4B25-86F2-8D9F6E885A99}"=""

"{8959A18C-6C05-4DDD-830B-4953B0272460}"=""

"{EA108AFF-3D8E-49CF-8240-38D615FE5C98}"=""

"{FF63FE28-0E22-48B5-8442-36B7B4A2AC1F}"=""

"{367FF3F7-F28F-490B-AD1A-A761FDD89866}"=""

"{EDBCDA6A-EA19-4394-9A68-AD3F06E60B85}"=""

"{DBBAA87C-B743-4083-9252-1CB2748C317E}"=""

"{5EB9BC12-F74A-400B-957C-3CF998AAF5E1}"=""

"{A80687F8-93F0-4D0B-A57B-98BF9133C094}"=""

"{9B60049F-9F35-47B1-ADCA-60EF5BDFE795}"=""

"{162FA2BA-4797-4648-8337-140FB232F814}"=""

"{A091ECC4-3483-4F1C-8FF3-F283335E0DA2}"=""

"{306E22AC-D2F3-4616-9717-2B4F1A849907}"=""

"{930136FC-C562-4461-B54D-5C28CED398DD}"=""

"{E8E74F9A-2BC1-4247-B6A1-3B7D94487E8A}"=""

"{E624A551-6960-40C3-ADFE-7941DFEE639A}"=""

"{940F858C-8C22-4FF5-BD7A-BC263682DBD9}"=""

"{EB4CF509-E7D7-4713-ACB3-2F9B22036FE6}"=""

"{BC802074-508A-4747-8888-1B591C44592F}"=""

"{129F7E7B-AF3F-4A7A-9E94-2F60B06E1705}"=""

"{2AF156ED-7D84-4582-8539-26F7FCD5BEF5}"=""

"{CBE28E5E-D03F-4621-8E72-11EE824BB0E2}"=""

"{7BB63D88-1400-4ECD-A0BB-4AB3A60FF1BB}"=""

"{36F40D8D-7562-43D3-9D44-A4AAAAB426F3}"=""

"{CE8ED8A8-C282-41D5-B287-E084CB20BD50}"=""

"{95F0B3D1-764E-4648-957B-5143D7DA4883}"=""

"{0E6AD3B0-FEE3-4BD3-A95A-3CCA5408F550}"=""

"{3A35CBC6-E81D-445D-955A-4F16BBC84CA2}"=""

"{6C083E1A-6BBF-4075-9388-D5AECA435358}"=""

"{BC5D2214-F7BD-4574-A62D-C364104FCA41}"=""

"{379AE88B-F1E6-4DF7-AD68-69B45BE2F483}"=""

"{9AED66EC-96F7-495B-BAB3-8E0F3FDC7EC4}"=""

"{854DBF88-29C1-4B46-A988-C2ABB69B6AE2}"=""

"{CAF7A9A1-8E2A-4B71-A9C9-3AF594E63018}"=""

"{E8A471FF-01AB-4763-9B35-018728E3C637}"=""

"{008ABC43-A305-4535-9A22-9B9891CF73E7}"=""

"{6BB73BC4-9A50-4C66-A2F0-348A65CF2729}"=""

"{B881C529-07F0-4C1F-9A52-8EDBECB3E150}"=""

"{4607BAE1-8F4D-4BC5-910F-AABEFBB1D2E7}"=""

"{665AD354-B967-4A34-B961-4F8846011F1C}"=""

"{C0DD9027-A3AD-4558-B60E-9F59DBD29FA7}"=""

"{30139EF2-D95F-4A33-B07E-E3C216C89CF8}"=""

"{654BF0F6-E198-4AD8-938B-76F44E49BE20}"=""

"{7B3EA20C-0FE4-4B69-80A4-779F6F0C7DB0}"=""

"{9A9D39EE-640D-49BB-9FAF-5975E850C4CD}"=""

"{E77AF90F-36E9-468A-B5F8-27FEEDF1F299}"=""

"{ED677BCC-5566-4DBD-901F-233B23126239}"=""

"{03002D13-8CB2-4C66-ACDD-BA37E10DB4A0}"=""

"{687ABBCA-10F8-4BE9-981A-11226C98FF33}"=""

"{7DD22548-AA88-4CBD-B60C-446137A2784D}"=""

"{37200530-EB76-456E-9E3B-6AF7BC81D0C6}"=""

"{3394B49C-B004-4968-B9C2-097164FD21DD}"=""

"{55C09A05-2A6F-4EA1-9505-6BD562295878}"=""

"{6CE194A2-64E0-4B5F-BE8E-1139BEDEB13E}"=""

"{C7819E7A-F768-4C8D-ADE7-8AED164618D6}"=""

"{B4686CA0-738B-4888-939F-DBF79D71BA10}"=""

"{CB5521BC-3D91-484B-AC16-CCD0B7A3419F}"=""

"{50EEE4A6-87B8-4639-994B-91CBFD3496A2}"=""

"{AA0614AE-2400-43A1-97B3-B62CB4FF78BD}"=""

"{D89F601A-C31F-41AE-980A-485DEBFF7186}"=""

"{8597E274-5EC9-4F54-9875-63220CCB9C67}"=""

"{C64C952F-2628-491E-8335-2802C18CCEE9}"=""

"{9CA0B1F8-B96E-40E3-AA77-BBE3488179CC}"=""

"{C8801FFE-3619-4A22-ACFF-8ED1DB85F4EB}"=""

"{D634E3FC-B568-4279-87AC-F97907B42C2A}"=""

"{4CEE35E0-0DE9-489C-9D45-B2DFB7C56580}"=""

"{A3B75266-0E62-4F96-8DDF-5AF4DC5FD74D}"=""

"{6C635AB1-B01B-401A-9146-2AB76E39957F}"=""

"{D4D134CC-863E-4964-9DD9-9B6949B66352}"=""

"{272621DB-967C-4AA7-976E-98C14F0836C6}"=""

"{A915460E-A5C6-4833-B5BB-CBD5F3CBC521}"=""

"{7EDC7B7B-CEA6-4ABA-B6E0-09542BC2ED63}"=""

"{2F029DE9-670B-42ED-BBA5-49B894AAE512}"=""

"{5C502A02-7F94-4239-B98E-06F8C313E35C}"=""

"{63F525A0-7841-4B81-B762-C906EE90C5F0}"=""

"{DDE7A0F1-C066-4D3D-B484-960779EA0160}"=""

"{3D65955F-C989-4E3B-A34E-A88AE4822CE8}"=""

"{90618E78-A485-4AD6-ACFF-10B99FFD60B2}"=""

"{6A77EDCE-18E6-48DE-8BC5-0DF8C2C45C32}"=""

"{D0D9778D-E4A1-4054-8D2F-962456D3B61F}"=""

"{03C49F79-9711-4F3D-A521-D19602F0F737}"=""

"{EFAAC11E-745D-45D2-B51D-8C4739B64EF6}"=""

"{646DE0DF-C532-4270-9F53-3D5C48854DF9}"=""

"{61A7724F-5B78-4B28-8105-3E9BBC50541B}"=""

"{16C41A07-FE84-4E1E-9ECA-AAE673370E13}"=""

"{289F0060-FE09-4578-B294-E241822BE688}"=""

"{371038DF-E459-43D1-B5CB-450F2855567E}"=""

"{002606D5-B1EC-42A8-9CCC-4DF1FE77B398}"=""

"{441FA2EE-4763-47EB-B34A-4A085DE506C8}"=""

"{C772709C-BDEA-43C7-9909-485A57A903FC}"=""

"{A3B45588-B385-47BF-8DC1-1F2D8867B7A2}"=""

"{9B9D389F-6C5C-4E8F-9655-0AAB66C34DA2}"=""

"{5A2FC62B-A439-4027-B02A-941A9E4C643E}"=""

"{39C23103-1801-423D-87BE-BCF3AC256C51}"=""

"{F06F77A6-1571-430B-AA20-9491760B087A}"=""

"{076BC832-83B0-4DE1-8029-18D61AF3B7F2}"=""

"{8A20A446-D430-4488-A87A-BBCB5664A9EB}"=""

"{222111DE-B20B-43F7-AFF9-2C915E58AE11}"=""

"{BBE8BCFA-F802-4833-AF60-B21E5D7BAA93}"=""

"{4815CF8D-5E8A-4192-A788-50854A830255}"=""

"{0CA98B89-B8DE-4A5B-B8FE-64B699A5CA7D}"=""

"{247C778B-6643-403C-83F0-BE8E31B3F961}"=""

"{1AEB7B22-EE6E-4A0D-AD84-15F8FE6B69D2}"=""

"{22B30541-FDA6-432D-A02A-D500B766EBC1}"=""

"{C996C290-3C30-43CB-AF9E-E108EFD2B2CF}"=""

"{E2F45B19-1887-4A11-BDC7-7F9247A4BBD5}"=""

"{58F81BE5-CB25-4E70-80AF-13E56CF58A92}"=""

"{BDB22988-FBFA-4E0F-8E41-3DCFE2797199}"=""

"{236B1089-EBD2-444E-B95E-41F5480B41F0}"=""

"{08B74F89-AA05-4A70-9CAE-724852F2FC4A}"=""

"{1773973F-7A31-4678-9FAD-E06043AE8CE9}"=""

"{F24BBF53-20E5-4A10-9530-6B0D6589C3E0}"=""

"{618AFB96-99A0-4DB0-AF32-993C81F9714D}"=""

"{B2185367-C90E-4CEC-B200-942FCC44691D}"=""

"{7B0E0028-96CC-4E27-8281-6DED289ACD43}"=""

"{DBE80445-E857-409A-B3E0-86D1DB8E4411}"=""

"{54CC0D5E-808A-4522-B866-CF0AD60CC03F}"=""

"{44D88DA9-0065-4375-826B-82C2855851F0}"=""

"{0478DB2B-3BBE-4938-ADDF-7D3DA33B3A9D}"=""

"{DB12370F-13AD-4B25-BC2E-E6D16DEA4F43}"=""

"{DCA3E252-06E4-49A6-823B-8A3EAEDB60D7}"=""

"{BC83E6D9-D391-4498-A4E8-734440ADD996}"=""

"{099CAFC9-107B-489F-A935-26837402C398}"=""

"{B79F7643-DCC5-43BF-9D07-402DE25FCB49}"=""

"{82B7F7C9-8CB7-4B60-A7B9-DBD34D123A04}"=""

"{FB6AA540-6B35-4D0B-B98B-F96CFE99A5DC}"=""

"{44C6F69B-86C6-45FD-9266-4E8389531F5F}"=""

"{3F83AE65-83A1-4752-9D85-607F2FEB884F}"=""

"{A1AF2C01-4EC5-4BE5-AA4D-5F3BDD74560D}"=""

"{5EDFBEAB-0516-423C-AF5C-FFD63F1279D6}"=""

"{4799EE89-D5F1-45BB-81A1-10D51CE09D20}"=""

"{EA2162DB-90B2-4F8F-B00A-A047B8EE19A2}"=""

"{84C42C1A-E68D-431C-A49B-BEF30D0CB5D6}"=""

"{480256CD-2E3D-4CD4-B1E8-460041A1345B}"=""

"{FD243EDB-9972-49D2-8A80-E23E89B5BA9F}"=""

"{E6307F51-ECFB-45C1-BF54-7F5E890DDD77}"=""

"{B467EB6B-5443-44CC-8F14-37D48D7B8634}"=""

"{239BA78B-76B6-4C6E-9445-C07491A5A72D}"=""

"{CA8B8A32-9CE1-44E2-AE7B-A707140A655E}"=""

"{E1C36548-D2C2-4857-88B1-5CB8D16F4F46}"=""

"{E468D377-DE81-499D-9349-183A30CAB483}"=""

"{F6CE7D2A-2161-41A1-9B31-780E6A7AAFC1}"=""

"{A5991FC3-916D-4B10-A695-912875B3A561}"=""

"{38D4B103-8F8F-4130-899C-9C2B14C7CD0B}"=""

"{25A33A0C-5621-4833-A4BE-B0B3B7045DF4}"=""

"{84A0531E-EF3A-4200-94A5-9F590BD2225D}"=""

"{80C509A6-83C0-49B2-B033-7969BFA098DB}"=""

"{49D6F6EA-A6A2-454A-89C5-64DB816508E1}"=""

"{7BE458D0-7A76-4FD1-B044-D5302F9E7AAB}"=""

"{D24963C7-8072-4797-84E2-ABA2E45C06B2}"=""

"{68F211A1-0592-4B3F-B677-3A12A9FD5F64}"=""

"{8323B19F-7A64-4521-8EB7-2CCD284225A4}"=""

"{62FEB926-80F2-48F3-A99D-748FDA705DA3}"=""

"{DE998826-20DF-445B-9135-D74E5994309D}"=""

"{E4867DD0-B561-465E-B1FD-622416686F92}"=""

"{C789A440-5971-4846-A247-B5999AA076ED}"=""

"{215A9297-7907-4F61-BB2A-ECE189902095}"=""

"{B4E7E6A7-518E-4ADA-B719-E5F93369F6FA}"=""

"{47F7FEAE-0193-4635-AFDA-8F632EA10D27}"=""

"{CC001095-897B-4D1F-8904-04C3EF458666}"=""

"{9A6B6D25-AFBB-4E6B-BB47-A3775EF8A627}"=""

"{200461A8-377F-4B6B-B933-A968EA54E047}"=""

"{8E4B2EEA-5929-4A33-B711-C197F1F23843}"=""

"{7D9AB677-74AC-415A-BFD5-9EE182CAE45F}"=""

"{9681ADC0-D886-42DB-B5F9-054EAEC2059E}"=""

"{78A77E39-2D07-4482-B156-5E1B7F99D4F4}"=""

"{AFD62B0E-1D43-47B9-A360-E4E852722D30}"=""

"{50E42830-2D93-4CF4-8D52-985B3E855795}"=""

"{CA062052-CCD1-4ADB-B214-81611C4461C6}"=""

"{A61B94D3-6EDA-4143-BB0D-0294EA77C501}"=""

"{6E0D5DEB-9BF1-4997-BCBD-9695B3E8BE01}"=""

"{386F0AF1-20D4-48BD-90F2-310C8FF3E644}"=""

"{0AC309A9-0638-456C-A56C-8C726692E3F7}"=""

"{34885C45-F0A8-42B3-9CFD-BBA645535210}"=""

"{D8CA1FA5-97B4-4D62-9F2C-BA2E5198A000}"=""

"{79AD8570-29A9-484C-B08C-3258BB403351}"=""

"{C6472501-1508-471C-9EB4-4DCF634A4FF7}"=""

"{9053AB52-7AA4-4B62-A954-2A4194B3AE73}"=""

"{77E94103-5E36-42FB-9542-05042AC11AD0}"=""

"{5F587747-AFD0-45E6-B339-66860A41AF9C}"=""

"{80A5C70B-D5CE-4D53-B2B1-40B65BCCB780}"=""

"{9F62A71E-FE68-4BE3-9FF5-1E1AB1F85C76}"=""

"{1E118285-A3DB-4EF6-A5A6-7B1A96FEB635}"=""

"{EC14E18E-BD72-4EB0-9914-CF4468CAC9FB}"=""

"{92C333AB-2D20-49A9-AFFE-4DBC4032CD0A}"=""

"{11F10795-8F42-4A84-BF63-9F5EF78ABDA5}"=""

"{C8206AFC-FC26-4281-85A2-7D5293C39C0F}"=""

"{D6A85F34-355F-40D3-9FA0-3111ABA3C9F6}"=""

"{7ACDD88C-2E94-4B1B-AF3E-12479D8089E3}"=""

"{96F18256-149F-4C7A-8107-D03C7D3E4CEF}"=""

"{44D6C251-0E1E-4853-B46C-182DF0692FF9}"=""

"{D76D70DE-D4FC-4176-BDFF-F909042A099F}"=""

"{8E20C467-5302-43AB-8486-954AEF1BDB18}"=""

"{002CA085-71D4-49AA-8DE9-DB41ABBE5B67}"=""

"{D42FAB83-4956-45BC-91D3-A8DA41137A64}"=""

"{BD216E5F-D5E4-43DA-A0D1-86A122404FEE}"=""

"{281C9760-C0B0-45F9-B532-50D14A1B98FF}"=""

"{84C9A7E9-D640-4384-A2C1-D2F690D3F2CD}"=""

"{04E906A7-A22A-42B9-938A-E954A9185477}"=""

"{D5889ED8-8C0D-47BD-AE41-AF2F81E048D5}"=""

"{BD82A3D1-1D3B-440B-A8C0-8F208D1F0CBE}"=""

"{D7B7C88A-25E5-46C8-9530-0B3C09597BD5}"=""

"{0C79DB3C-A9E4-44FC-8576-7EA801D4685B}"=""

"{7FF3E425-06F5-4259-99E4-45A2975E67EC}"=""

"{2F97B6C8-D4CE-4EE0-B619-FF36A150126F}"=""

"{062377D9-C54B-464D-980D-2E1D5C505B64}"=""

"{D4E28F5B-B176-4ADB-B2D0-162B0664064C}"=""

"{F4165CCC-8EF7-42D8-AB87-23C1A259CA34}"=""

"{138EF053-B43D-41EA-8A14-4406F8D2699E}"=""

"{9174DDE6-AEF7-4AC0-9813-9BE720F28988}"=""

"{6394FFBE-8256-4048-A8AF-04CE72F0D110}"=""

"{806194DD-27F2-48F5-87F2-75452B930642}"=""

"{46EAFC2F-5416-4CA5-886D-527A5817469B}"=""

"{F3C22682-AE25-43EE-A647-365593B5E45D}"=""

"{F6E0AEA7-E078-479E-8DAC-118D4B93C91A}"=""

"{02E41EF9-7FB1-4D50-A6D4-978EB0A8D020}"=""

"{C6CDFA89-2E1F-4A54-8820-7685684A2117}"=""

"{C0CF2654-2E8A-452F-9B29-5038B3327152}"=""

"{F7A8A0D9-4658-4D59-9E73-46DDC573748F}"=""

"{653BE830-3593-4B7D-A14A-3A48644B60A9}"=""

"{0FD6E7B5-21E6-4193-837A-AA2DC0702D94}"=""

"{8534A3F0-FF71-4FDF-8694-B31B9351502C}"=""

"{9D465E40-7DAE-44D1-8A22-DE36638BA0BD}"=""

"{9082FC28-A0DB-41EC-9E8F-582F62119D0E}"=""

"{2C2AFF87-08A8-440C-973C-BD0786501A66}"=""

"{ABB7C1F3-A7C5-408B-A2FC-000CA70DC586}"=""

"{8FCE324C-C4D9-4DF2-988A-C4F30AB7A879}"=""

"{E11792A2-5582-4C0E-9354-C504A5A32A10}"=""

"{517775B6-C1D1-4009-9E61-BABB8B5E3547}"=""

"{9C2CB815-1D0F-4C46-A4D7-8DF4A8AA566A}"=""

"{39C4ED5E-DFF1-4578-A69B-574026E9B80B}"=""

"{81A751A6-5564-4BD2-9CDD-4FB35BE3C830}"=""

"{627B3227-551C-49C7-9ECA-1DC0D637D6EE}"=""

"{FF6D4D3A-DCBF-42F9-B62E-D3D695541205}"=""

"{3D4C1A98-3F27-4788-830B-896E716B421C}"=""

"{31EF776B-FD4E-425E-BF5A-44ED6D322298}"=""

"{686F90EA-EDA5-42F4-8120-E06844A10F34}"=""

"{53A598AA-FDF5-4156-98E6-3C2DEE1E6549}"=""

"{B0C4595C-190D-48DB-A1B2-4B51C8D8C3FC}"=""

"{665938E8-C390-475D-8946-F1FAE25C9895}"=""

"{D4F75953-49B8-4EC9-8685-43B4814B4662}"=""

"{B5A59519-524B-4D03-96A2-17522CE729B3}"=""

"{3BB20944-FEC4-471E-BEFE-1810B5243EE8}"=""

"{561FDC65-AE8E-481A-94FE-01E41408D745}"=""

"{82C8FE63-9FAB-41D0-A52A-84A350229C39}"=""

"{CEED70BF-3769-45E2-B080-A84DD02B70B7}"=""

"{63412436-8936-49EE-A327-17BD077D9127}"=""

"{687416C6-A6FA-4D90-AF97-1329941A40F8}"=""

"{86FB666E-1529-4806-93CC-F0409FC6912D}"=""

"{99DBC840-AB70-4F5B-B9BC-BB53A5E15284}"=""

"{AC4FB348-D01E-471A-BA43-16B955038533}"=""

"{15FAD0D7-6C26-4933-948E-52A249EBA93E}"=""

"{345FC7F7-CF48-4D03-9ABC-99DCDF8D5DCA}"=""

"{625077CD-02BA-4ED5-9A17-A989482A8D5D}"=""

"{C31F512C-88E2-4E06-A366-51A92DAD68D8}"=""

"{260E6A73-470A-497D-A90F-5202B47A4288}"=""

"{5F20703D-064D-4768-9376-69FC1AF41AFD}"=""

"{3DF5B666-7D93-43D0-89F4-515F835DE917}"=""

"{8E9BC507-4B82-4A80-8BB2-19D512564B05}"=""

"{58C9176F-1285-4490-95B2-1F5F67827D63}"=""

"{899CA544-0B15-4385-B52E-863C7145BA5F}"=""

"{B063302C-FF87-4CAD-8E35-981D2759E15F}"=""

"{4992367B-82FB-4754-A3BB-E63401EEFB40}"=""

"{CD43C2A0-356A-4890-BEF6-08EBB819DE7D}"=""

"{27D355C2-84E3-4FAF-A70C-53E56EA1EA9E}"=""

"{54E360FD-C9F3-4EB8-8C75-FA6887566AD4}"=""

"{54C9FA17-65C1-43AE-B57E-3869D82119FF}"=""

"{35B8ABAF-4302-4EF9-92C7-9FF8DBF260C6}"=""

"{EE1EF7CC-A714-41BE-A730-C2BFA2E8CA4D}"=""

"{202016C4-8F84-4DF5-B050-7D5031C4A2F6}"=""

"{D94AB559-3788-43CA-90B8-2D3A5DF187A5}"=""

"{EF3C4748-A99F-4D09-B04A-E03700217179}"=""

"{80FF2300-12D4-485C-AF3B-50D3CD1F4C39}"=""

"{3CCDE133-6316-4544-9BE9-2A345CE423F2}"=""

"{C69FD7C8-46BF-4598-B42A-5B0AE378D515}"=""

"{38208993-01B0-4C2D-BA1F-EA758424D3B2}"=""

"{E21FB51D-010D-46DF-A4FC-F64045DF3EFA}"=""

"{DE95B28B-2428-4E34-A2DE-226AFFD47E2E}"=""

"{F9831B04-C9F6-455C-8DE1-AB544376FB3A}"=""

"{0533898B-D687-487F-B71D-50D9F18E4566}"=""

"{B6DA6103-B9B6-43D3-A821-2FA05AA3F583}"=""

"{E5FEE1EE-B99F-4088-A644-562ACE00C7A2}"=""

"{3C147182-57F2-473D-9073-3AEECFEE88B1}"=""

"{D723266C-5F10-426C-A497-1BB8742FA143}"=""

"{193D14B3-D1B7-478A-844D-7D262121CC5F}"=""

"{6EE03AFE-07D6-4EA5-89B7-00FCCBDA3C5D}"=""

"{6D8914A2-BCFC-4A9F-ABFA-BAE23E0FA467}"=""

"{7B35B5C7-54E5-4601-9D78-2F26D4146E52}"=""

"{61D5F9ED-6270-4F21-9D19-49A57F7EBAB5}"=""

"{EEE9DBBA-42BC-44DD-815B-85A52B19B9E6}"=""

"{210849D6-BC8A-4618-9E45-423BE2C1E13F}"=""

"{9B8C0EB2-1F13-461F-B1E2-4E9457280099}"=""

"{7ADCE806-7A30-4DF0-86D0-937AC16AD56B}"=""

"{38BE08A3-22C6-43BE-AD21-BBA5E9FA43D1}"=""

"{10E90005-5D7D-4780-9ACB-136C3C6AF631}"=""

"{DF7D1BB6-6FD1-435C-9006-8145F533EE96}"=""

"{81E10004-5308-4134-B351-D8E53656DAEE}"=""

"{77EF7BF3-CEA7-4F60-86C8-1CCBCDBF4216}"=""

"{0A6AB52D-7FAC-4D09-B1CC-0EF3F5356E39}"=""

"{A8C756C6-D14C-4A12-9A08-DE65383ECA5B}"=""

"{5EADE0D7-804E-40FE-85A3-2EAE3D1DF1DE}"=""

"{05ADF9F4-6F39-4735-B1AB-CF6EEF6E0127}"=""

"{D08A1B38-D635-40CA-B0F6-F4565F60077E}"=""

"{545E5F34-A351-41E9-B889-F8971304B1BC}"=""

"{044B5D42-9E6D-4ADF-993F-30910B79F2DD}"=""

"{765B84E7-9F19-418B-A6A7-CA19995A2BD1}"=""

"{86A306D8-85A3-4B42-A8C7-0BF0ADCDA887}"=""

"{F1182409-71C7-46FE-BC5B-1AF61F3A84ED}"=""

"{494160EF-E50F-4595-9444-03B8AF8D9AEC}"=""

"{1CDF8D13-1F91-4F1A-B1CE-93254C87523E}"=""

"{21EF7674-BC94-43C2-9961-C709E78B2FBD}"=""

"{DB937B46-EFEB-4091-9A84-94D8045CC1ED}"=""

"{A8FC50E6-BCA5-4EFD-9340-C23E31DF3404}"=""

"{A05368A1-ECE6-4206-A840-7F530FB1A71A}"=""

"{688FE73A-3E8E-48C3-9D69-2C9AA3F0B585}"=""

"{94E1EB57-D64B-4783-AD9C-068A3B0D70D2}"=""

"{D1504A7F-3569-46D8-8A2B-3D0D8D40C292}"=""

"{25B22A9D-3C6A-47AC-9CFD-06430BEC1491}"=""

"{BA969394-1B9A-4426-85D6-F6D6D8C90AB9}"=""

"{5F272E77-DB27-468A-BF5E-3CB3FB45DD83}"=""

"{8394EB8F-6B5E-4657-A2C5-76293DD10142}"=""

"{E5AE75EE-CB14-4BBB-B23F-89D491436785}"=""

"{2240AAE0-2D4D-4C31-BCC6-0E15A6DB53BB}"=""

"{6E3E5891-9501-4513-9780-AE9A6C60B29E}"=""

"{978E4AA1-9B88-4F66-800B-FAD6A13B0FE5}"=""

"{F7A87031-CF96-45F9-B910-EA3CB278566F}"=""

"{E32238F9-633E-43D0-A44D-08C036B635D2}"=""

"{FCB688CC-779E-4C43-AEE3-F91DDDD6C498}"=""

"{804E1A5E-7D84-442A-AB93-D17B84004278}"=""

"{F4AFCE23-23F3-4CED-B5CA-5EAB66CB3532}"=""

"{4952FBDC-7982-4202-B256-137937F58A93}"=""

"{E740CF30-207F-4B2B-8FB1-ED5626A825E9}"=""

"{22759C44-E73A-4E7F-96F1-23CCB2B64D79}"=""

"{AD73FBA6-582F-42E5-A3A6-DE819D241D36}"=""

"{4EE8A340-950C-419D-973C-A4439288EB22}"=""

"{A74AB8C8-754D-4702-991C-237ED56E09DB}"=""

"{AC4130E8-52C3-413D-A0B0-3DF51E621588}"=""

"{E77AC58B-4880-4885-903B-622A3D99194A}"=""

"{DCB7D378-2BDE-41DA-B4BB-140A91878D41}"=""

"{3E2C4D2A-7A1C-424D-906B-FC904669F245}"=""

"{1D11C2E5-C9D7-4026-AFB7-62F41D910E17}"=""

"{E2BDA35F-1197-4D08-AA8E-BDD6986EBC41}"=""

"{84127870-B6E5-448E-BDBE-53A0B162489D}"=""

"{4F28DD0C-98F5-4609-8796-77D0E3AEB3B2}"=""

"{900072BD-C136-469A-82C1-147D31E4F98F}"=""

"{01EA442C-D81F-4BF1-A5F2-D0BCD62B5B58}"=""

"{9FCEE110-0CA6-42D2-AADB-D0ECE509BA18}"=""

"{C878BABC-5D79-4BCA-8193-8981B580F9B6}"=""

"{90457240-0939-41E6-B122-B3B45C6602BC}"=""

"{141FF693-96D5-4943-833B-4CE0696DFD08}"=""

"{D58E0295-76EE-4F6F-9B56-F575E5C701A9}"=""

"{45A6796D-6561-47F0-B2B4-7970DCDBDC41}"=""

"{D38D8B0A-EFF5-434C-84BF-4484F3BA56D9}"=""

"{AAC68587-27C8-4979-B935-B33E56FA260E}"=""

"{58E5449D-59FC-4C2C-A246-F53A35227910}"=""

"{76181378-1D44-47BA-B3EC-7F288381A685}"=""

"{BB209398-93B7-428C-954C-EF7260A1B7EC}"=""

"{41560A98-C461-414C-A682-33CA21D6DF15}"=""

"{808A82C9-FF50-4698-A4BD-01716FCE6648}"=""

"{439BF37A-2F1E-4E87-97B4-8E9D7590DA16}"=""

"{298AF1F3-6A88-47BC-BD25-284E6BCD4D06}"=""

"{DE9F8344-35D4-4F4A-9A1F-1F75EEC8D96B}"=""

"{85C55C46-06E3-4BFA-847C-FF5136B797CC}"=""

"{9F16F0D9-C244-4052-9A0E-4F105FF97614}"=""

"{939364FE-C71B-4435-B90A-4212FB9ACCB3}"=""

"{CFCEBBB4-C189-44CA-B59C-AE2048C56E7A}"=""

"{5FE04C2B-2E69-4EFF-8E24-5BC208E99815}"=""

"{C83F60AD-495D-4123-A393-2F0F182AF60B}"=""

"{6C2BFF0D-C5A2-4C0B-8AC6-01101D46A1E4}"=""

"{41409D93-6537-4A1A-B2B2-A5A159244A8B}"=""

"{5E591210-59A1-45ED-9D3B-7B2DF9AC74A3}"=""

"{852E2CC2-8D2A-4747-8B8C-CACC37AC7058}"=""

"{81A1E7C9-EC48-4E90-BFE2-6C313A276EA6}"=""

"{0C48C737-4A68-41C3-8D7B-F143E08C290F}"=""

"{46A48004-D0C7-4591-BC85-6BB5AEF1F6B8}"=""

"{D4F6E4E2-D3D9-4139-B26C-4B3A918F3E16}"=""

"{01CA7039-A72C-46B4-A467-0476915E16BC}"=""

"{BD75FD7F-744D-4E05-8642-D324B8684500}"=""

"{81E25BCB-AB1C-4E2E-A75B-CF916EFD68BC}"=""

"{0E86B16E-E42D-4BF5-86D3-64B13CF7B5A1}"=""

"{172F507F-DEA1-4D01-A2DB-441985551FCB}"=""

"{053107DD-0D86-46F6-B373-DFCBD53A0163}"=""

"{CDA8326B-0167-483B-949A-62B48827A6E4}"=""

"{E914C0AE-3943-4D10-A669-1CFC67F00F4D}"=""

"{C8A8D1AA-D5D1-4F48-955C-DD7F1043A770}"=""

"{7475CB65-DC0D-4DB8-9D20-DA186F3B96C6}"=""

"{9E95AB6A-3374-4327-B22B-9DD301D4063F}"=""

"{7120342A-5AF1-44A4-8DE0-83A76FE8B8C2}"=""

"{E707FBDF-C7E0-44CA-9EAA-3EAAEC6D31C3}"=""

"{BCF8965E-B660-4ADA-ABD2-A825FB7923BF}"=""

"{68DB0279-C124-43A5-976A-9609DE2E193F}"=""

"{13F13E01-5C1F-440C-A3B9-6A7BE687DEF6}"=""

"{3ACE29E6-4C5F-4B7D-9999-02D1CBF9DA38}"=""

"{F22F68ED-BCB5-44E1-BD4C-5923EA3668CB}"=""

"{2CBDB5AC-3918-469D-A6B0-793398E3C58D}"=""

"{1AE9A48C-00EA-4273-BB01-AAA20D34E85D}"=""

"{BE1CBF0E-6B65-48A4-BC4D-525AA7C01078}"=""

"{8CBAEA73-40A8-4E7E-9FE7-3F518C23317B}"=""

"{49FE5CFF-A94B-4859-B1C3-29C2AF8CAECE}"=""

"{761760BB-1890-418B-A9DC-FEDEBDF1BF2C}"=""

"{B7D62EF4-CE09-48F2-A61E-552990D66B3D}"=""

"{BD6F911F-70E0-4D7B-A7CF-5178A6653D60}"=""

"{83998758-D7D4-4F80-B879-D7ADE64F900D}"=""

"{41D76D47-CFA8-4FE9-9A35-8A2B8C59B019}"=""

"{C41F3C76-6AEB-46BE-9489-AEA9D70A3A44}"=""

"{DAA27352-60CB-483E-9E59-B16116D474C2}"=""

"{13E0C7DF-2BE0-4E70-9E4A-DC7A3055623D}"=""

"{0D3FDEB1-1020-4F2A-9047-4ED38E9B8F18}"=""

"{E26153A3-78D3-47B8-9E7E-012C75C4B901}"=""

"{059B78F4-8E39-4272-9FFC-2763A555E667}"=""

"{BE9587F9-0BDA-4942-A6B0-05785D95C508}"=""

"{F9533564-60DE-409C-A65F-C2AD630D8AD2}"=""

"{778DADEF-D88E-4A7C-9D22-C591C17901EE}"=""

"{B5ACDD18-F4FC-42B0-9A4C-6CBE72BDE429}"=""

"{61AFDB86-79F6-4303-BB33-8BA6D81C7E7C}"=""

"{757E5531-7677-4646-B95A-504A47758FF1}"=""

"{8FBD8BA6-0D11-4B82-BFB5-32CF1B6AB46B}"=""

"{0D93C39A-AC51-4E1C-80FC-AAB857E28686}"=""

"{9479448C-DCC6-4DD9-B94D-4F3E8B4008BA}"=""

"{1883B736-56A9-422D-B32E-63E848D005CF}"=""

"{4A5D1F43-A149-4D6F-8D9C-E1CC8E07608D}"=""

"{82063BFA-04B6-4894-A4A7-16D4DC16F136}"=""

"{F31278E0-FCE4-4D07-91C3-DFB42410CE5D}"=""

"{188BDAC4-97B6-4563-BAEE-012B1E1DDC1E}"=""

"{068F0D8B-7FE3-487B-9F0C-3B9D1007D638}"=""

"{386C4664-48A8-4A4F-86F0-480B09A74510}"=""

"{890C9465-39C4-4A21-AD13-7EDA56BB4B7E}"=""

"{F91A248B-494A-4D50-B5C5-B46C364FA12C}"=""

"{82FC3E48-4067-4466-8385-FE0A3EC4C1CE}"=""

"{413C0776-156D-481F-A204-C6BC1FBA8166}"=""

"{2FEFDE2F-9DAB-42E8-A403-370FF43EDF8E}"=""

"{FA71B07D-0C90-44BB-89BA-0B99D11D6CFC}"=""

"{56DD005C-CAA9-458D-B2FC-8B5B675CA0CA}"=""

"{9AFC303B-430A-4367-9F4F-E5897FFEE61F}"=""

"{C157DC80-1A25-460E-9CBA-3C64A167071F}"=""

"{4234A369-AF6E-4690-A5B4-BA6A616F485F}"=""

"{4EBD6CB1-500B-4B29-81F8-88CF4E6246BF}"=""

"{0B1F8F17-0CCF-4C11-A6BA-D8C1AF562213}"=""

"{0309BC79-2FB2-4FC0-9739-15334241864C}"=""

"{A3542060-CCDC-4451-BEEE-9F931AF3A6ED}"=""

"{CC240C2D-6F9C-4551-BCDF-91C199504D53}"=""

"{36E2AC73-43FE-4F04-A4F3-9B833FB82ADE}"=""

"{C55EFAA7-D83C-4ABF-B5BF-E724C052537E}"=""

"{D7A2E5FB-05A6-429D-9F7E-7AC6B01C3A3D}"=""

"{90A01AC8-41A8-4DCC-898A-60051B34DB9B}"=""

"{CF5AF655-7BB5-4F1E-AC37-910A23916E56}"=""

"{0CD9B561-6E81-4AD9-B82E-336F443781F0}"=""

"{0CDA564E-DDDD-4153-8BEC-DFD747AD7C97}"=""

"{0355EE9C-6F07-45BA-BCAE-C3BC89A6C6C3}"=""

"{42373FC3-BA0A-4273-9125-B7E9947520B5}"=""

"{92D31B16-7BEE-43B4-833D-E9DE52FCBB54}"=""

"{1FE07FE0-CFBF-4125-A145-26B62D2DD2D5}"=""

"{A277FC47-2154-4717-8902-988FF29E6199}"=""

"{69A4E080-15ED-4DCA-89C8-8122D099951A}"=""

"{FDD2408B-2709-48B1-8AC1-3901761B70FF}"=""

"{54CD1526-180C-4A21-8785-64718FC63B38}"=""

"{3C7F985F-1D40-43C4-B719-A0CEFEE5D589}"=""

"{177093A7-112A-428B-9D50-6384B2BA4DCF}"=""

"{51540A3C-9EC0-4ECA-9131-AD9407FC18E1}"=""

"{B0EB794D-0DA1-41E3-9391-84F5902002D7}"=""

"{38FAB5F6-0A7B-494E-BA74-63549FE32081}"=""

"{3BC8B763-2904-4DB3-AA60-A0A0AB61D030}"=""

"{4C6AF7C0-2AE1-4D65-A402-BA3EE5AD7F32}"=""

"{6DB63A2E-847E-4949-8412-EABDA3715144}"=""

"{007AFCF0-9F02-44D3-925A-828B36F5C321}"=""

"{1EA5208D-DD47-4C79-B5EA-4B368BD49211}"=""

"{D232B789-DB62-4EAF-9666-FA62BC39CBE2}"=""

"{B798CF3D-5CFB-49A0-B8EF-8359274A17D9}"=""

"{D1C11798-186D-441C-A91C-FCF6A445B5B3}"=""

"{F2E4239D-30A3-486C-831E-7CF9FDFC3A27}"=""

"{D7DE1FBE-6DB4-4CDA-A835-810392DBABC7}"=""

"{BB37157A-0586-4863-AF1D-D6269BEF5CA9}"=""

"{5C90B76F-2359-4427-BFC0-EC4214A22785}"=""

"{F5D07E7A-D22D-4203-8604-3918F8221C66}"=""

"{CFB63335-28E1-4827-B05B-BDE730632B17}"=""

"{E32746D0-B0E0-4A15-8AB0-CE64DECCB1AE}"=""

"{057EA5FE-4A9D-45E6-943A-2DBD2EAF6BA5}"=""

"{3B727268-ECC3-42D8-95D3-63024757EF41}"=""

"{2460CD9A-BA1B-4B42-837B-5FB803F06000}"=""

"{06AD9289-65AA-4C89-A275-E6C4F6615440}"=""

"{C6633FE9-B65D-4F06-B01D-C47CBB96D20E}"=""

"{C6A9F763-1DCE-492C-85C6-ECD064207890}"=""

"{2962A038-8C44-4A26-B0B6-32661973E42C}"=""

"{23B56C20-D982-495A-B1E9-23744B4B7FD7}"=""

"{A975B139-DB7F-4D41-BBAE-C32FBD88B5C8}"=""

"{55C3406C-A876-4D7C-924A-6C7B693027F8}"=""

"{4F332DBF-9A1E-4780-9101-044A04548E92}"=""

"{8E5BCAB3-A137-4859-AEEE-0479AAA057AA}"=""

"{381B02FF-0326-4486-980A-11A588F40934}"=""

"{D444D1CA-B7C3-4FF0-9793-181935FDFDF9}"=""

"{F6C6CDB0-F556-4E12-963C-7A5881E54FF7}"=""

"{332F28BD-524B-4C92-B176-1146FB149F90}"=""

"{949AEB8D-82EE-44E3-855C-8CC8436137D2}"=""

"{77DF3DDD-7D8C-4A04-9BD3-90355F602A02}"=""

"{F78B3E69-81C9-4A9B-BCCB-46DFE5DB6025}"=""

"{2815B806-42BC-4127-B17D-EACBDA6C3D6E}"=""

"{C2F70735-0B51-4906-9F4A-18AFD047020F}"=""

"{9E07ED5F-3A5F-4366-A7C8-E195AE01BAD9}"=""

"{2DFD9C15-072D-40C4-8773-6C3BEF94B5EC}"=""

"{B0F31970-E8F8-40A6-9628-2AE5F4EEAAB3}"=""

"{AC58D164-678A-43C3-BEEE-4A2CE1649BC0}"=""

"{6642E63A-C1BB-49A0-8567-5A8E4C6D2EAF}"=""

"{F0112CF2-4380-48BF-B3AC-F0A0ADAD4AD3}"=""

"{F67E97B5-8737-4304-887B-074144ADCC79}"=""

"{8B91AEDF-C152-4AB1-BFD4-3F6F590B5ED7}"=""

"{DEC3B9A1-7AB5-4D97-9B50-A0B9F2E9AA19}"=""

"{D625E22F-DD23-4402-B26D-5F10BE583959}"=""

"{1BE08486-A4C5-45CD-93AD-197BCB74AFA1}"=""

"{4EDD2215-5AE0-4708-A03C-3A4D099F20E3}"=""

"{0268CA71-7918-43D6-8363-629CDAA9E90B}"=""

"{47407DA1-3C7A-49DA-BC1F-D258A7578EDA}"=""

"{4980A0E1-BB55-45AF-BFFF-5F9EA8B655FD}"=""

"{7EF78915-578D-41EB-8C6E-B173A86943BB}"=""

"{FC29BB7A-0875-41F3-AB70-F5AEDDFAD306}"=""

"{58A1C26C-517E-4E70-A8BE-21F41583A5D7}"=""

"{DF363D90-B34D-46AA-9DF5-AF2CEE8E260B}"=""

"{55CD9F7A-5B97-406C-ABD5-F8A1C5485F54}"=""

"{8F67ADDF-76C8-4840-B1AB-69ACC9DE6332}"=""

"{EBA4617B-A0F9-4BF1-814A-5C52D167EC96}"=""

"{A6F9983E-8747-4100-8FD4-39E713E014BE}"=""

"{88709C20-DB59-4E47-A7E1-674820E3A08C}"=""

"{92D706CE-5293-4E90-AC7E-3A1FF8CE997D}"=""

"{E04A9A63-9801-4184-AE67-AB31BF63F1F3}"=""

"{892952D6-8B3C-4E83-AE06-448C88F4F887}"=""

"{C5159E76-3EC5-4F33-916D-5DB698F2C241}"=""

"{B9DA6DFE-E22B-48F2-A549-3995B6D05D3D}"=""

"{C281D7F1-7166-4B4D-BB5F-DD0F5AF973C2}"=""

"{B0C16175-0C23-4BCD-95F2-7DDC7766445C}"=""

"{9E09BD6A-E0A9-4B99-AB7B-E64361D694CF}"=""

"{9566CF50-6CFD-4D98-A0AC-8D211F8CC5D6}"=""

"{59C0DB31-6AC7-4C5D-B323-5BB67F594210}"=""

"{14DF8F42-2125-41FB-84A5-C099611CD8D6}"=""

"{B794CA7C-F33C-4041-B6EB-0BD536E2DE09}"=""

"{1A6430F3-25FF-4CAA-BA41-2352C9874E4A}"=""

"{F2CEE03C-FCE7-4946-B69E-BFDD78829492}"=""

"{BC16B52F-43E9-476D-B027-B023E3F6FC2D}"=""

"{A5209430-76A1-44D3-808D-2C2E6C9A2A2B}"=""

"{365F41E6-F140-4D3E-A90F-9BF206777188}"=""

"{EA2C7023-8572-4CAF-A8FA-F92BDD537512}"=""

"{745CFECE-1B8E-404C-8BB9-3C047564EF65}"=""

"{C2B720E5-FFE0-45F4-84DD-7852E85DA5D7}"=""

"{4B953294-46D8-42B3-A464-F557B7CF3FDF}"=""

"{8BE7D3BE-EFF8-454C-A331-308C17F42C6F}"=""

"{3CEE7406-65BE-46C2-A68E-97FCB4CE8381}"=""

"{A3D78DAB-FA0F-439B-B310-C954C38FE299}"=""

"{A9089063-B0D9-4ACD-8FF7-506497193D3D}"=""

"{BE20FE9A-D75F-45CF-B3D7-96219DE7DF63}"=""

"{A66580EC-0BC9-4201-B2F7-399749DA7A9E}"=""

"{EF30B02D-D826-42F2-AC7B-27CF98AAD402}"=""

"{16E55AEE-D8C3-4F65-B4B2-7C388F076F06}"=""

"{39A5B444-5A19-4276-862C-C859CD73827E}"=""

"{83B9DC24-FB49-41D2-B25A-7959277E42D3}"=""

"{FE0520C8-B361-409D-8CD7-24630D47CD9F}"=""

"{7F67D5DE-6B7D-4120-8497-980A4AC72F5D}"=""

"{CE451B2E-EA9B-4326-BCBC-AFD4B2A1AE17}"=""

"{CDD7907A-37DD-4CAB-B052-ECE17C0D825C}"=""

"{A8DD949A-B3B9-46E7-9962-29CED0837B5D}"=""

"{4B1D2AB0-830F-4B0A-AFC4-4FEEB5E2AD9A}"=""

"{DB295ADC-39CC-4003-8995-2C1B435B7649}"=""

"{1D97886B-33A9-4353-9CF6-9DCF7451D90E}"=""

"{2335CFE3-6B0C-4901-9FEF-18A84E677609}"=""

"{AB9C4C32-4413-4008-B5D5-06AF1DD8FD63}"=""

"{EF79779C-E975-4E31-926F-025B4F6BAD31}"=""

"{7BB4B85F-F28D-422C-821C-EBAD9A029D06}"=""

"{2F96F068-B3F2-45DC-A70E-4C6C3AE5AE74}"=""

"{2023659C-6F51-4AC5-9006-FD784702D045}"=""

"{4AEB9060-8BB5-4CD5-9423-55342A6478FF}"=""

"{7D06E5C1-59F0-4631-A40D-89DEFE0CCCA9}"=""

"{14336BCC-5558-4B22-885A-2B5E444B8DDB}"=""

"{19F41039-63F8-4EEC-A908-4C242A7E054F}"=""

"{ADC4E506-DA47-4D0E-839B-8BCBA513F085}"=""

"{CA7BB016-4698-4B36-A6B5-0874D732BFFC}"=""

"{72F41B98-A51A-4085-9E5B-2725E72FE2DE}"=""

"{F160C9EF-E82F-415A-9F5F-372DCE4D4FE8}"=""

"{AF33EAC9-1453-4317-94D7-81843CD16032}"=""

"{947498F8-A6CF-4EA9-9FC0-C5D26F445B80}"=""

"{5E432886-EE04-4519-AC3D-0773A79A980C}"=""

"{91181A40-9C17-4256-A8E8-F129CB56FC35}"=""

"{E20B43BC-9809-486A-9A8A-AE7BA3615F87}"=""

"{39385FF8-4896-4745-BB14-56596DCD3F8C}"=""

"{93BC7B25-0089-4581-ADED-B15CD94FEAFB}"=""

"{7AA7F0EE-4901-478F-B541-AB4B32F2D0B1}"=""

"{EB0DC580-FA32-44F9-BE15-59F09AED950C}"=""

"{D3D5E74B-E3E2-43FC-8652-CF91A9CCDEAB}"=""

"{FA50C66C-9927-4761-93DA-D91A30393361}"=""

"{35330F86-749F-4327-B6DB-81D714273A7E}"=""

"{A26F9136-D151-4BEF-89F1-BEE7ADE9021C}"=""

"{6F5CDF88-4812-42CB-BC75-9638CA30EA1B}"=""

"{1B9D8264-618B-46B8-B242-F01FB4A648A1}"=""

"{29929059-E9FC-4EB9-B6EA-ED80EAF24081}"=""

"{00071683-6A86-43C9-9614-2A720DD63F46}"=""

"{104B6336-6849-4861-9BEF-3898EB2615FC}"=""

"{984BF3E4-30A4-4722-988F-0871E4BC5854}"=""

"{BE8B32BF-5CDE-4C8D-AB2B-3164C353FABC}"=""

"{B70BF684-E780-47D7-8EF3-A85C93BB0FC7}"=""

"{FB56E528-72E8-497C-9F83-35A4EDEFFF44}"=""

"{6DF687DC-C619-48CC-BAD5-635723E2A235}"=""

"{3081B6FD-09D7-461C-AF83-6BC42D45E6D0}"=""

"{2F007AE0-79CA-46B3-BF48-1673A620474B}"=""

"{8B944DB8-DA72-44FC-AAD4-C86EE560E6F4}"=""

"{61ED1F71-A418-4E56-834C-B71AABD0D155}"=""

"{462AF299-E2D4-4F28-B7CB-3534A010521D}"=""

"{BD966562-A9A6-4A54-BE71-37F41592FFBB}"=""

"{35D3EDAB-78D4-46B3-80CD-81D625166770}"=""

"{D2CF1493-508A-4EC4-A9EB-693787F7C4FC}"=""

"{1973158F-662B-4879-B84D-4013F0F3653B}"=""

"{61961AE7-F338-45BF-8A60-C4BB709E030D}"=""

"{3DEAC8C2-350C-4DEA-92C4-38A8D0A0CC5C}"=""

"{B4DE1859-C150-40C1-8DEE-D80973B32D77}"=""

"{E698D99F-70B6-4F18-89EA-B14D620F4DDF}"=""

"{CBE8DDEC-84CB-4429-88D1-8F06BAE6478B}"=""

"{D504A53E-C843-435E-A7AE-7EB07F04E1F0}"=""

"{1985A71A-CF04-4A84-8C90-6A7943115118}"=""

"{C49C7400-1449-4F58-B98A-D7E59C665365}"=""

"{809874FC-A373-4A79-A68B-2AB099D7E96C}"=""

"{FFFB8DE3-A78D-4D5D-A68F-B54AB328546D}"=""

"{CDAA45CA-AC84-42D3-B2EC-B2B5695902D3}"=""

"{F2B31337-2BB0-41A9-A923-C8244B1C4D32}"=""

"{05C5ECF4-3720-45F2-B567-1E463BC8E258}"=""

"{E1020E7D-8BA2-4633-B39E-538A4CFB3AB1}"=""

"{3E814F01-AA15-43C5-8402-4D7FE25E91A3}"=""

"{98CD3B48-153E-4926-99CC-A38ABAF2E07B}"=""

"{89011593-176F-4F06-B508-C6761E4FE50C}"=""

"{37EA6D5C-3F15-44AA-AA88-8D541F75E1CB}"=""

"{08AB4856-8E02-4A3C-85A4-6DD44FFF6FD9}"=""

"{F69DEE43-F67A-4D7A-B00B-0D1B1489BA38}"=""

"{B48E90D9-85C3-4B1F-8626-B82AB0FB88B3}"=""

"{2F8306E3-7739-4E38-A95C-96DBF4577DEF}"=""

"{07D96A00-245C-4626-BE90-8B56997E76A0}"=""

"{509F9AB1-4846-45F6-9CE9-93B5E96C2CBB}"=""

"{A73EF8A2-5288-46E3-9233-69CBE8CD5513}"=""

"{33C752A4-37B4-4F49-A833-440CC5AA8F47}"=""

"{0A7DF165-430C-4AB3-A609-F22AFA826173}"=""

"{8AD06B35-80C4-4F0D-9DDD-484000C87298}"=""

"{33CB3232-B985-47C3-8249-19A7827FB78A}"=""

"{9C030DF0-97E5-4238-AEE9-BFD704B85355}"=""

"{AFFE8E86-2466-4727-9292-B707DF0EF123}"=""

"{79EAEF74-1E8D-4658-A1CD-A4DA757401F3}"=""

"{B1DB6B83-9B1C-4BE8-8995-5E70B3DA6B37}"=""

"{6E3E14E9-B087-4A9C-80B8-5CBA613C568C}"=""

"{74649769-D42C-44FC-8A38-D24F777C6B66}"=""

"{96840F06-66D8-4503-BA7D-6E6EB9B670E7}"=""

"{C9618663-7806-4D16-B1D3-6AC2A192342B}"=""

"{4FF7C8D9-65FF-4BE7-889C-7412383C526F}"=""

"{2E2CFD69-DF32-4226-9938-D0EF5787A96C}"=""

"{F1A6E9CD-2B04-4533-8EA9-7B3077F05034}"=""

"{E89E0392-FED9-4899-BBBF-BD703EB3F0D3}"=""

"{5AAB19D0-8705-415E-B1D9-948B11DD3083}"=""

"{E4A48A45-2E85-40A8-9075-94C8664B4075}"=""

"{B92BC8B0-6D5F-4A87-BC72-626036476508}"=""

"{10E52DF1-61A2-4CEF-9685-A0B7D3997233}"=""

"{F4F6A61B-B0D7-4A35-BC04-9E5A6CE4B8CF}"=""

"{30D85163-95A4-4FCE-BD07-5211A31C6650}"=""

"{26AFDFE9-6FEE-4BAE-A9F6-CEB409C28AC9}"=""

"{6C22098D-B814-4219-A395-CB3740573D59}"=""

"{63E12BD3-CAB9-40D7-9A8F-A4ED0C8CA413}"=""

"{95B6F538-9959-4F77-BC30-2F6AF05DD24E}"=""

"{EFC33DBD-89C9-4803-B89E-FC5D09DA00AB}"=""

"{10BAA065-80B6-4C3C-9498-75FBC35A87F5}"=""

"{E8B2FD09-4069-4CC5-B6A1-774B9B8277A4}"=""

"{1AEA0E3C-D397-4592-B1E9-E3012404CD30}"=""

"{12B82B87-CC3B-4819-9D8C-849530D5BBB2}"=""

"{A71C2514-DC51-4091-AE8B-4A44A2BB1FDD}"=""

"{6B20265F-D71D-41F4-A34F-58C5C6A3E343}"=""

"{14891670-2386-4908-BC64-88DE7D2D14F3}"=""

"{34393651-A1C3-4562-AC7C-FC30B7A9B98D}"=""

"{740857A7-BFC5-4CB3-9975-3BED84D04043}"=""

"{F5925342-A5CD-46DC-B83A-8321309EEE7E}"=""

"{46A1410B-D2C6-46A5-8FEA-C97DE039F2BF}"=""

"{8C75ED72-E627-46F4-8454-269B28453B2D}"=""

"{6DB817B3-AC10-4C0F-B81E-B3FCB87BC0A1}"=""

"{23A9CFE4-32AA-48C0-9174-97FE7370E9DF}"=""

"{9612E2AC-8B10-4AA9-98E1-4A65A42F4919}"=""

"{73708CE2-C452-4249-82A3-6848367447CC}"=""

"{0A8525FF-D88B-4E47-A14A-B0683CBFBD13}"=""

"{6134A775-5824-429A-A719-91377D47EF71}"=""

"{903EB1CF-1CF7-4227-886C-DDE84977986D}"=""

"{CA89C4F0-F2C5-4F34-99AF-4A18C21EC339}"=""

"{32B9783B-0144-4113-ABDE-C2C8F4E6D641}"=""

"{A0815148-9426-4907-9008-A133DEFC6720}"=""

"{55E6CA81-8421-42E1-8F39-358861BD89DD}"=""

"{479B151D-8CF3-4FBC-BF9B-442E63CB08D4}"=""

"{96A32624-7266-49B1-BAC4-07E1F124C857}"=""

"{8447F044-AC39-449D-AF79-9D434F11C55E}"=""

"{BA173159-54E8-4454-936A-FB9702D11D45}"=""

"{483806C3-FD04-4587-87C6-50D7244E3DC0}"=""

"{FF6AA72F-2239-445D-B5B0-288F6A5B85AB}"=""

"{793AD785-CBB4-4217-A25E-ACD77FCFD5A2}"=""

"{9C92C8BA-C6FE-4FE9-AFDF-7A845E2E96BB}"=""

"{B4B349DD-23B9-42AC-AE6E-6E4A96A7A86F}"=""

"{0ADF9828-4DC4-4E40-B980-85591D193B1A}"=""

"{8AAD45D2-ADA8-4B0D-A0CB-0CE9DE6425D1}"=""

"{1DE1077A-BB25-4681-81B3-CBFEE1907260}"=""

"{097CAA4C-CA92-4802-BF26-B29D5565DE0C}"=""

"{5D14B2D3-986A-45C3-A1DF-191D2485C8B2}"=""

"{B6C31F05-127C-4C22-8620-85A7963C069D}"=""

"{6D9E647F-B511-46DA-99FC-1EE6F64CEE54}"=""

"{1ED650EF-656E-4B8E-B7AD-6EE48AB16838}"=""

"{E1E8A3CD-1CCB-442A-97CD-4678515B2DBF}"=""

"{B7CE024E-D61B-42F5-81F4-817A3D438DF7}"=""

"{9C1D08BB-D643-400C-B83D-EB0FC208EA73}"=""

"{8D921B52-61E6-4434-A7CA-D281B1837541}"=""

"{83FE99E1-2E52-4ADE-BAA8-FF403EA67EEB}"=""

"{AB2FA757-B513-4D42-888B-F582FCFCED86}"=""

"{09739660-A8E7-4B02-ABD9-D7CE0BEADED5}"=""

"{B12E3C3A-5F15-4B5D-8A44-167E49C6C728}"=""

"{A675AC67-7DED-443F-8280-0C1E59FA829C}"=""

"{8924EF52-435E-457B-9FD6-9FF5790E998C}"=""

"{2B76F117-36B2-4159-80B8-CA4AF2C10E1B}"=""

"{E6E6D520-07D5-47B0-AED5-F95E05D969AD}"=""

"{F9EE1CE7-E065-4E95-805C-2EE704D67711}"=""

"{430D779F-FBBF-428D-ABAD-B761F6E5A738}"=""

"{229BA125-3F0E-4D7C-A1AD-2B8A392D6670}"=""

"{6B612BC3-DB32-444D-83E1-04793176C0AE}"=""

"{F50826C8-719E-44F2-ADCF-97B77D28223B}"=""

"{D24310CC-97E7-4C86-B2E0-344A2C9E420B}"=""

"{AB9DF636-5824-439B-A3D7-9AD6A0528801}"=""

"{3250265E-5F42-4AA4-A8AE-1907BB0D8899}"=""

"{D41DF0F0-A5D1-4F4A-9474-2CC3D5C7B360}"=""

"{4245C0A0-8DBF-409D-AA87-F009904E49A5}"=""

"{B9334E6A-2A17-4B87-AE1F-EC1502C8D73E}"=""

"{A3C6F415-D6DC-4E60-848A-15C673946B4A}"=""

"{B6D5778D-BE53-4873-B224-0136FD72CC0F}"=""

"{DC616909-D7E4-4DF2-9C7F-E6EB78E5AE3C}"=""

"{59654048-5724-4208-9F97-686823503A51}"=""

"{F3AFEB8A-69B3-4CCE-9C3B-EB673962A354}"=""

"{A9168DB4-DE44-4D7B-B6CC-F91D0BF820A0}"=""

"{0A71D8FD-F78D-4493-989D-A33464651A4E}"=""

"{6A1642A5-6C7F-485D-B65D-8A1564446D8A}"=""

"{D00129D1-690F-412C-AD67-7D7FC60DAC04}"=""

"{036ACA06-F8AD-40D8-93BD-59CF9E0DC186}"=""

"{41BBE341-E693-4A40-AD2C-C84F196E926B}"=""

"{E76E3D36-2791-49D9-9B8E-2C0D1BB9394D}"=""

"{53753496-A21D-4026-8667-34285AD9B5AC}"=""

"{F5C97428-9F89-4794-B41D-44D520B11C67}"=""

"{9F5EA216-9AF5-4BFF-AB97-93CFB17150C1}"=""

"{B72D227F-98E6-473A-8665-16A4CD41A51F}"=""

"{F6BDBD9A-AD76-4C2A-993E-D9AB15114F89}"=""

"{9516BE4D-5D88-4B12-B2D9-A93961E4A3F9}"=""

"{12B12B26-2DDE-4FFF-88DB-29A61B472050}"=""

"{FC8E2049-8522-4FCD-8EAD-88E59C06F515}"=""

"{5A61489B-03B8-4A53-9F76-5F37724D0624}"=""

"{0CF480E4-7F52-4365-8A36-FAC56199718D}"=""

"{8E28053C-5BA1-428F-9700-B2D68D3A6B97}"=""

"{B089314A-5FAB-4AA1-82BA-CCA53472A721}"=""

"{92A2E2E7-C4CB-431F-9DA3-EEC756980266}"=""

"{8929124C-D561-48DD-992B-98A82EF8C3A9}"=""

"{BE749C94-C4A0-49A2-A52D-BEF128B47EC9}"=""

"{FE45DA0D-0D74-4A66-B096-B00BC441D1DB}"=""

"{BA3F2412-F074-4BFE-917B-B2FD047C3EB7}"=""

"{C03431D4-5558-426C-8B63-640A2ED52663}"=""

"{A542C7FF-8B0A-48DE-9DA2-AF02AD867EA1}"=""

"{1B883A56-F76C-4A7B-BD06-223F96AFDB7F}"=""

"{7B2C0F78-7CDE-4B91-8B37-2999B8496C41}"=""

"{0D4836EC-448F-49DD-B771-C2C358AA39A1}"=""

"{EC529A7C-7CF4-4706-9BD0-17233D4120B8}"=""

"{0AF3B0D5-4005-41B0-A58A-FB4752F454F9}"=""

"{C4FB7CBD-8917-440D-8FCF-823C34971C34}"=""

"{3670ACD3-59C0-40DC-B58E-80CDC14EE47D}"=""

"{03DA943D-174D-4040-BCE2-1FAB8F588481}"=""

"{A6891400-5128-4AC2-BECF-7EBC6778674F}"=""

"{4A5BFA00-B04B-4CA4-AA27-906F06E1A0D5}"=""

"{F66F4C2D-632E-47D5-B07F-A91FD6EED6A4}"=""

"{3926DD2F-2DE8-4B60-9817-C58B560CB947}"=""

"{DCBA70E9-EBC2-4A6D-9D7E-641955CE5EDD}"=""

"{11A98A3E-2C7C-4F1F-9382-144AE8BA4957}"=""

"{330202F2-EB7E-4EC2-9AE3-CC5B0DCF5FEB}"=""

"{DB4D2A03-E9D9-44D2-879D-19BC9D2D4D1C}"=""

"{5F2EED30-B8D4-4FB3-9312-B106383395DC}"=""

"{F8633B8D-8F22-4D7F-A942-D954FF812A56}"=""

"{4B8A77C1-9460-4B86-83E0-FC9D4B255D96}"=""

"{8D01CF9E-CA41-40C3-8D46-AA794764A7CD}"=""

"{6C2533F2-9F43-452B-B9E8-6AC17B465D59}"=""

"{7326DF67-9E92-43E9-8122-642241429F70}"=""

"{D1894612-1D79-460C-A588-9F4018EA44EE}"=""

"{296EE9EC-17E4-4F9F-AB9E-575322DE4BF4}"=""

"{BAA28A85-A043-4C1F-8CB2-B4A83529F098}"=""

"{08F19DF4-9B3C-4D94-A995-8662610F8397}"=""

"{2B8DF6F2-C8B9-4284-B04A-C0ADC53D0731}"=""

"{275CF35B-DFDA-46DD-9A90-C067E0E8C655}"=""

"{F5BDAEA3-4FB1-4D50-8F29-75A257553FEE}"=""

"{6125F93C-D129-4DF3-ADC9-892FFC1A1BD9}"=""

"{E938EB2D-770E-4AB6-AA5B-2F33688E3340}"=""

"{FD5B539D-98FE-4E41-AF42-83D14C794845}"=""

"{3A22D395-B834-45C4-95F7-44EF805875DC}"=""

"{F685D12F-3FAE-4FE7-AF21-078F4D6600F9}"=""

"{011EEB29-C3E7-497F-B054-F65C796A975C}"=""

"{38EBA84A-0A8A-470E-B780-333125DACB3C}"=""

"{2EB8FCFC-0355-492D-9A10-7EFA13406A9E}"=""

"{0F74C8B1-8A80-414F-80D5-365D759E9D3B}"=""

"{DADB296D-BF41-47FC-83E7-59754D14CE35}"=""

"{9826931A-7D76-4D03-ABD3-77D5641D7AB3}"=""

"{BC058980-E8A4-4CD2-ABA6-D50A09A6CDBD}"=""

"{2D650D8A-E2FD-429D-96DE-C68CC08E3936}"=""

"{BABECCDE-FACC-4AF7-9E2B-2A1D426ECA31}"=""

"{0D4F373E-EAF5-4A46-BC88-827D07DE6624}"=""

"{C105F33B-F0F0-4E1D-B4E2-8CE1F3ABB792}"=""

"{FD77B32D-49D8-4C67-BF97-162B3CF5C27A}"=""

"{2444A8E3-89EB-4EA3-82D3-B40B91B7309D}"=""

"{A6BFDA2D-8155-4992-8778-D0B125155CD6}"=""

"{DF33E428-A0A5-4A1C-91E3-8F1262C993A2}"=""

"{D072F3E9-98E4-42CE-B82E-A7DCF034EC2E}"=""

"{CA909B3F-7CA4-4CB4-9B38-B1052AAFA1DB}"=""

"{E0D3ED65-FE5E-4049-967F-F75F0100D9A6}"=""

"{E936D713-2680-403E-899F-9AB4168C77CA}"=""

"{3C9EE5E6-2CE8-4198-B175-C7CBE3009527}"=""

"{2D67431F-6A52-43B2-BFE5-7C3539BFBB08}"=""

"{BD81498B-726A-4783-B4F4-9C7C54D15CEF}"=""

"{1670C621-5548-4634-A5F1-F01761ED3587}"=""

"{920A789E-6704-4953-AE63-F0B23099F2C9}"=""

"{02DC2067-09A3-4FE6-A936-608576BBBBA0}"=""

"{AE920931-415C-4DEC-8B1E-7026308C02BC}"=""

"{9C2600ED-A657-4CF4-BBFA-70D0A066CE7A}"=""

"{28FA9215-7635-4393-9725-745C8D9A4F6B}"=""

"{136D5D3F-DBE7-46CA-B4B9-F579D1BFDF3B}"=""

"{22DEE976-9A07-4B18-A990-DD6410F6A234}"=""

"{16F06FF9-257E-4CE9-9420-EE2417625365}"=""

"{C14DAEFC-86AD-4B99-B2B3-7CAF1B6EE46D}"=""

"{99BF59D9-F958-4B05-A497-2B992D468716}"=""

"{5F41CAB7-7C4C-44C0-BADF-02FA569B4058}"=""

"{D15D9D12-3BC1-48E4-88DC-48ED6B958293}"=""

"{EE1FE380-C3FA-4C93-ADB2-A339A130285D}"=""

"{D74910CA-23F7-4FD0-A375-E2A2855023E9}"=""

"{2CC2DCE3-6B21-4C71-9ECA-94CF74B2FB44}"=""

"{A1B3848A-5B72-4929-B30D-56C1022BB8A1}"=""

"{0270EF27-CEAC-42AB-81BA-9F73C203F937}"=""

"{13AE51CD-94EB-4C23-9AC4-44BE866D7246}"=""

"{52E886E2-58BB-43F7-9F89-E89322027689}"=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2014-02-10  23:02:34 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2014-02-10 22:02

.

Vor Suchlauf: 16 Verzeichnis(se), 429.535.105.024 Bytes frei

Nach Suchlauf: 23 Verzeichnis(se), 429.378.539.520 Bytes frei

.

- - End Of File - - E12A2B432F5A5460ECF5DE2B23CEA28C

--- --- ---

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Nun denn, so sei es

Code:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2014.02.11.08
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

User :: DESKTOP [Administrator]
 

11.02.2014 21:40:03

mbam-log-2014-02-11 (21-40-03).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 244433

Laufzeit: 1 Minute(n), 46 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Code:

# AdwCleaner v3.018 - Bericht erstellt am 11/02/2014 um 22:04:01

# Updated 28/01/2014 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzername : User - DESKTOP

# Gestartet von : C:\Users\User\Desktop\adwcleaner(2).exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16428
 
 

-\\ Mozilla Firefox v27.0 (de)
 

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kh1a56dz.default\prefs.js ]
 
 

*************************
 

AdwCleaner[R0].txt - [3467 octets] - [04/02/2014 22:27:15]

AdwCleaner[R1].txt - [919 octets] - [04/02/2014 22:42:34]

AdwCleaner[R2].txt - [1037 octets] - [10/02/2014 20:25:17]

AdwCleaner[R3].txt - [1156 octets] - [11/02/2014 21:52:59]

AdwCleaner[S0].txt - [3428 octets] - [04/02/2014 22:33:10]

AdwCleaner[S1].txt - [979 octets] - [04/02/2014 22:44:57]

AdwCleaner[S2].txt - [1099 octets] - [10/02/2014 20:26:06]

AdwCleaner[S3].txt - [1078 octets] - [11/02/2014 22:04:01]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1138 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.1 (02.04.2014:1)

OS: Windows 7 Home Premium x64

Ran by User on 11.02.2014 at 22:22:04,89

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5CECF5B5-E11D-486F-B309-86D01C665C36}

Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6AD0238C-83F1-4228-B834-A4B3429D9E52}
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\kh1a56dz.default\minidumps [1 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 11.02.2014 at 22:26:32,82

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01

Ran by User (administrator) on DESKTOP on 11-02-2014 22:30:01

Running from C:\Users\User\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\system32\atiesrxx.exe

(AMD) C:\Windows\system32\atieclxx.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)

HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)

HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)

HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-07-16] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-07-16] ()

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [975800 2012-07-16] (Samsung)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-08-16] (Hewlett-Packard Company)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-28] (AMD)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6356EC21A8ECCC01

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - {62A06542-6440-4735-8DA3-A8EBA56D87ED} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kh1a56dz.default

FF Homepage: hxxp://www.t-online.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-13]
 

==================== Services (Whitelisted) =================
 

S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3606008 2014-01-24] (devolo AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
 

==================== Drivers (Whitelisted) ====================
 

S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

S3 gwiopm; C:\Program Files (x86)\Slotman\gwiopm.sys [3904 1998-06-03] ()

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140209.002\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140210.033\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140210.033\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2014-01-24] (CACE Technologies)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()

S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)

S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)

S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)

R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)

S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [X]

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 TRIXX; \??\C:\Users\User\AppData\Local\Temp\TRIXX.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-11 22:26 - 2014-02-11 22:26 - 00000966 _____ () C:\Users\User\Desktop\JRT.txt

2014-02-11 22:07 - 2014-02-11 22:07 - 00001218 _____ () C:\Users\User\Desktop\AdwCleaner[S3].txt

2014-02-11 21:12 - 2014-02-11 21:11 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT(1).exe

2014-02-11 21:10 - 2014-02-11 21:11 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT(1).exe

2014-02-11 21:07 - 2014-02-10 20:23 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner(2).exe

2014-02-11 21:06 - 2014-02-11 21:06 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-11 21:06 - 2014-02-11 21:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-11 21:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-11 21:01 - 2014-02-11 21:01 - 02151424 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe

2014-02-11 21:01 - 2014-02-11 21:01 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion

2014-02-10 23:02 - 2014-02-10 23:02 - 00093244 _____ () C:\ComboFix.txt

2014-02-10 22:37 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-02-10 22:37 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-02-10 22:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe

2014-02-10 22:36 - 2014-02-10 23:02 - 00000000 ____D () C:\Qoobox

2014-02-10 22:36 - 2014-02-10 23:01 - 00000000 ____D () C:\Windows\erdnt

2014-02-10 22:36 - 2014-02-10 22:36 - 05180173 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe

2014-02-10 22:35 - 2014-02-10 22:36 - 05180173 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe

2014-02-10 21:47 - 2014-02-10 21:47 - 00023636 _____ () C:\Users\User\Desktop\Addition.txt

2014-02-10 21:45 - 2014-02-11 22:30 - 00016277 _____ () C:\Users\User\Desktop\FRST.txt

2014-02-10 21:44 - 2014-02-10 21:44 - 02150400 _____ (Farbar) C:\Users\User\Downloads\FRST64(2).exe

2014-02-10 21:20 - 2014-02-10 21:32 - 00000000 ____D () C:\Users\User\AppData\Local\NPE

2014-02-10 21:18 - 2014-02-10 21:18 - 03057128 ____N (Symantec Corporation) C:\Users\User\Downloads\NPE.exe

2014-02-10 20:50 - 2014-02-10 20:50 - 00001918 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-02-10 20:50 - 2014-02-10 20:50 - 00000000 ____D () C:\Program Files\HitmanPro

2014-02-10 20:49 - 2014-02-10 20:54 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-02-10 20:45 - 2014-02-10 20:45 - 10820032 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe

2014-02-10 20:37 - 2014-02-10 20:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300(1).exe

2014-02-10 20:36 - 2014-02-10 20:36 - 00000000 ____D () C:\Windows\ERUNT

2014-02-10 20:35 - 2014-02-10 20:35 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe

2014-02-10 20:23 - 2014-02-10 20:23 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(2).exe

2014-02-10 09:40 - 2014-02-11 02:42 - 00000000 ____D () C:\Users\User\AppData\Local\SAdK

2014-02-10 09:40 - 2014-02-10 09:40 - 00000000 ____D () C:\Users\User\Documents\SAdK

2014-02-10 09:39 - 2014-02-10 09:39 - 00001330 _____ () C:\Windows\DIFx.log

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\User\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\Admin\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2014-02-10 09:37 - 2014-02-10 09:37 - 00000000 ____D () C:\Program Files (x86)\Ubisoft

2014-02-09 14:38 - 2014-02-09 14:38 - 13255324 _____ () C:\Users\User\Downloads\de752oc.zip

2014-02-09 14:35 - 2014-02-09 14:35 - 08556299 _____ () C:\Users\User\Downloads\b753desc.zip

2014-02-09 13:33 - 2014-02-09 14:34 - 25660442 _____ () C:\Users\User\Downloads\a380_lufthansa_d-aimi.zip

2014-02-09 13:29 - 2014-02-09 13:30 - 29049929 _____ () C:\Users\User\Downloads\berlinb72era.zip

2014-02-05 22:41 - 2014-02-06 00:58 - 00020866 _____ () C:\Users\User\Desktop\Beitragsordnung_20140205.odt

2014-02-05 22:02 - 2014-02-05 22:28 - 00023755 _____ () C:\Users\User\Desktop\20140205 - Entwurf einer Satzung des Queen Lui Slotracing Berlin e.V. (o. Kommentare).odt

2014-02-04 22:42 - 2014-02-04 22:42 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(1).exe

2014-02-04 22:42 - 2014-02-04 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-04 22:27 - 2014-02-11 22:04 - 00000000 ____D () C:\AdwCleaner

2014-02-04 22:26 - 2014-02-04 22:26 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner.exe

2014-02-04 22:20 - 2014-02-04 22:20 - 02080256 _____ (Farbar) C:\Users\User\Downloads\FRST64(1).exe

2014-02-04 20:53 - 2014-02-04 20:54 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-04 19:59 - 2014-02-04 20:05 - 153481200 _____ () C:\Users\User\Downloads\47pfl6877k_12_fus_deu(1).zip

2014-02-04 19:56 - 2014-02-10 20:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-04 19:54 - 2014-02-10 20:24 - 00000000 ____D () C:\Users\User\Desktop\mbar

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1009.exe

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Desktop\mbar-1.07.0.1009.exe

2014-02-04 02:06 - 2014-02-04 02:06 - 02707816 _____ (Georg Wächter ) C:\Users\User\Downloads\Trackplanner.exe

2014-02-04 02:06 - 2014-02-04 02:06 - 00000000 ____D () C:\Program Files (x86)\Trackplanner

2014-02-04 02:06 - 2010-01-24 15:13 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00244024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll

2014-02-04 02:06 - 2010-01-24 15:13 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00137728 _____ (Intel Corporation) C:\Windows\SysWOW64\ijl10.dll

2014-02-04 02:06 - 2010-01-24 15:13 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6de.dll

2014-02-04 02:06 - 2010-01-24 15:13 - 00108336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Cmdlgde.dll

2014-02-04 00:42 - 2014-02-04 00:43 - 22948790 _____ () C:\Users\User\Downloads\vlc-2.0.6-win32.exe

2014-02-03 22:27 - 2014-02-03 22:27 - 00002116 _____ () C:\Users\Public\Desktop\devolo Cockpit.lnk

2014-02-03 22:27 - 2014-01-24 10:19 - 00221184 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopcap.dll

2014-02-03 22:27 - 2014-01-24 10:19 - 00081920 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopacket.dll

2014-02-03 22:27 - 2014-01-24 10:19 - 00034048 _____ (CACE Technologies) C:\Windows\SysWOW64\Drivers\npf_devolo.sys

2014-01-31 15:14 - 2014-01-31 15:15 - 06447511 _____ () C:\Users\User\Downloads\Mig-19_HuAF.zip

2014-01-25 18:38 - 2014-01-25 18:38 - 00002408 _____ () C:\Users\User\Downloads\Bank(1)

2014-01-25 18:37 - 2014-01-25 18:37 - 00002408 _____ () C:\Users\User\Downloads\Bank

2014-01-19 22:13 - 2014-01-19 22:13 - 00000519 _____ () C:\Users\User\Desktop\Unbenannt 1.csv

2014-01-16 20:08 - 2014-01-16 20:08 - 00032334 _____ () C:\Users\User\Downloads\Addition.txt

2014-01-16 20:07 - 2014-02-11 22:30 - 00000000 ____D () C:\FRST

2014-01-16 20:07 - 2014-02-04 22:24 - 00040076 _____ () C:\Users\User\Downloads\FRST.txt

2014-01-16 20:06 - 2014-01-16 20:07 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-01-16 20:02 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-16 20:02 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-16 20:02 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-16 20:02 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-16 20:01 - 2014-01-16 20:02 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-16 19:58 - 2014-01-16 19:58 - 00000000 ____D () C:\ProgramData\McAfee

2014-01-15 22:21 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 22:21 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 22:21 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 

==================== One Month Modified Files and Folders =======
 

2014-02-11 22:30 - 2014-02-10 21:45 - 00016277 _____ () C:\Users\User\Desktop\FRST.txt

2014-02-11 22:30 - 2014-01-16 20:07 - 00000000 ____D () C:\FRST

2014-02-11 22:29 - 2012-04-02 07:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-11 22:26 - 2014-02-11 22:26 - 00000966 _____ () C:\Users\User\Desktop\JRT.txt

2014-02-11 22:14 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-11 22:14 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-11 22:12 - 2012-11-09 09:05 - 01544357 _____ () C:\Windows\WindowsUpdate.log

2014-02-11 22:07 - 2014-02-11 22:07 - 00001218 _____ () C:\Users\User\Desktop\AdwCleaner[S3].txt

2014-02-11 22:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-11 22:05 - 2009-07-14 05:51 - 23763766 _____ () C:\Windows\setupact.log

2014-02-11 22:04 - 2014-02-04 22:27 - 00000000 ____D () C:\AdwCleaner

2014-02-11 21:11 - 2014-02-11 21:12 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT(1).exe

2014-02-11 21:11 - 2014-02-11 21:10 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT(1).exe

2014-02-11 21:06 - 2014-02-11 21:06 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-11 21:06 - 2014-02-11 21:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-11 21:01 - 2014-02-11 21:01 - 02151424 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe

2014-02-11 21:01 - 2014-02-11 21:01 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion

2014-02-11 18:37 - 2012-11-10 16:19 - 00071408 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT

2014-02-11 18:37 - 2012-11-10 16:19 - 00001434 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-02-11 02:42 - 2014-02-10 09:40 - 00000000 ____D () C:\Users\User\AppData\Local\SAdK

2014-02-10 23:02 - 2014-02-10 23:02 - 00093244 _____ () C:\ComboFix.txt

2014-02-10 23:02 - 2014-02-10 22:36 - 00000000 ____D () C:\Qoobox

2014-02-10 23:02 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default

2014-02-10 23:01 - 2014-02-10 22:36 - 00000000 ____D () C:\Windows\erdnt

2014-02-10 22:58 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-02-10 22:56 - 2010-11-21 04:47 - 00094648 _____ () C:\Windows\PFRO.log

2014-02-10 22:56 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-02-10 22:36 - 2014-02-10 22:36 - 05180173 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe

2014-02-10 22:36 - 2014-02-10 22:35 - 05180173 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe

2014-02-10 21:47 - 2014-02-10 21:47 - 00023636 _____ () C:\Users\User\Desktop\Addition.txt

2014-02-10 21:44 - 2014-02-10 21:44 - 02150400 _____ (Farbar) C:\Users\User\Downloads\FRST64(2).exe

2014-02-10 21:32 - 2014-02-10 21:20 - 00000000 ____D () C:\Users\User\AppData\Local\NPE

2014-02-10 21:22 - 2012-02-20 01:52 - 00000238 _____ () C:\Windows\Brownie.ini

2014-02-10 21:20 - 2012-02-13 12:36 - 00000000 ____D () C:\ProgramData\Norton

2014-02-10 21:18 - 2014-02-10 21:18 - 03057128 ____N (Symantec Corporation) C:\Users\User\Downloads\NPE.exe

2014-02-10 20:54 - 2014-02-10 20:49 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-02-10 20:50 - 2014-02-10 20:50 - 00001918 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-02-10 20:50 - 2014-02-10 20:50 - 00000000 ____D () C:\Program Files\HitmanPro

2014-02-10 20:45 - 2014-02-10 20:45 - 10820032 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe

2014-02-10 20:37 - 2014-02-10 20:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300(1).exe

2014-02-10 20:36 - 2014-02-10 20:36 - 00000000 ____D () C:\Windows\ERUNT

2014-02-10 20:35 - 2014-02-10 20:35 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe

2014-02-10 20:24 - 2014-02-04 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-10 20:24 - 2014-02-04 19:54 - 00000000 ____D () C:\Users\User\Desktop\mbar

2014-02-10 20:23 - 2014-02-11 21:07 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner(2).exe

2014-02-10 20:23 - 2014-02-10 20:23 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(2).exe

2014-02-10 09:40 - 2014-02-10 09:40 - 00000000 ____D () C:\Users\User\Documents\SAdK

2014-02-10 09:39 - 2014-02-10 09:39 - 00001330 _____ () C:\Windows\DIFx.log

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\User\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\Admin\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2014-02-10 09:37 - 2014-02-10 09:37 - 00000000 ____D () C:\Program Files (x86)\Ubisoft

2014-02-10 09:09 - 2012-02-18 22:36 - 05638144 _____ () C:\Users\User\Documents\SvenSchulz Sicherungskopie.mny

2014-02-10 00:03 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-02-09 18:29 - 2012-07-19 17:12 - 00000000 ____D () C:\Users\User\Documents\Flight Simulator-Dateien

2014-02-09 14:38 - 2014-02-09 14:38 - 13255324 _____ () C:\Users\User\Downloads\de752oc.zip

2014-02-09 14:35 - 2014-02-09 14:35 - 08556299 _____ () C:\Users\User\Downloads\b753desc.zip

2014-02-09 14:34 - 2014-02-09 13:33 - 25660442 _____ () C:\Users\User\Downloads\a380_lufthansa_d-aimi.zip

2014-02-09 13:30 - 2014-02-09 13:29 - 29049929 _____ () C:\Users\User\Downloads\berlinb72era.zip

2014-02-09 10:31 - 2012-03-10 02:15 - 00000000 _____ () C:\Users\User\AppData\Roaming\FileOut.cns

2014-02-09 10:31 - 2012-03-10 02:15 - 00000000 _____ () C:\Users\User\AppData\Roaming\FileIn.cns

2014-02-06 01:40 - 2012-02-18 19:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\MediaMonkey

2014-02-06 00:58 - 2014-02-05 22:41 - 00020866 _____ () C:\Users\User\Desktop\Beitragsordnung_20140205.odt

2014-02-05 22:28 - 2014-02-05 22:02 - 00023755 _____ () C:\Users\User\Desktop\20140205 - Entwurf einer Satzung des Queen Lui Slotracing Berlin e.V. (o. Kommentare).odt

2014-02-05 10:48 - 2012-04-02 07:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-05 10:48 - 2012-02-16 11:54 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe

2014-02-05 10:47 - 2012-04-02 07:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-05 10:47 - 2012-02-27 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-05 02:07 - 2012-02-18 22:32 - 00000000 ____D () C:\Users\User\Documents\Bank

2014-02-04 22:48 - 2013-06-22 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-04 22:42 - 2014-02-04 22:42 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(1).exe

2014-02-04 22:42 - 2014-02-04 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-04 22:32 - 2013-06-09 17:51 - 00001534 _____ () C:\ProgramData\ss.ini

2014-02-04 22:26 - 2014-02-04 22:26 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner.exe

2014-02-04 22:24 - 2014-01-16 20:07 - 00040076 _____ () C:\Users\User\Downloads\FRST.txt

2014-02-04 22:20 - 2014-02-04 22:20 - 02080256 _____ (Farbar) C:\Users\User\Downloads\FRST64(1).exe

2014-02-04 20:54 - 2014-02-04 20:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-04 20:05 - 2014-02-04 19:59 - 153481200 _____ () C:\Users\User\Downloads\47pfl6877k_12_fus_deu(1).zip

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1009.exe

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Desktop\mbar-1.07.0.1009.exe

2014-02-04 02:34 - 2013-08-19 20:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\SumatraPDF

2014-02-04 02:06 - 2014-02-04 02:06 - 02707816 _____ (Georg Wächter ) C:\Users\User\Downloads\Trackplanner.exe

2014-02-04 02:06 - 2014-02-04 02:06 - 00000000 ____D () C:\Program Files (x86)\Trackplanner

2014-02-04 00:43 - 2014-02-04 00:42 - 22948790 _____ () C:\Users\User\Downloads\vlc-2.0.6-win32.exe

2014-02-03 22:27 - 2014-02-03 22:27 - 00002116 _____ () C:\Users\Public\Desktop\devolo Cockpit.lnk

2014-02-03 22:27 - 2013-03-15 12:31 - 00000000 ____D () C:\Program Files (x86)\devolo

2014-02-02 23:53 - 2011-04-12 08:43 - 00654150 _____ () C:\Windows\system32\perfh007.dat

2014-02-02 23:53 - 2011-04-12 08:43 - 00130022 _____ () C:\Windows\system32\perfc007.dat

2014-02-02 23:53 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-01-31 15:15 - 2014-01-31 15:14 - 06447511 _____ () C:\Users\User\Downloads\Mig-19_HuAF.zip

2014-01-29 15:28 - 2013-09-18 09:16 - 00000000 ____D () C:\Users\User\Desktop\autos

2014-01-27 12:05 - 2012-02-20 01:54 - 00000432 _____ () C:\Windows\BRWMARK.INI

2014-01-25 18:38 - 2014-01-25 18:38 - 00002408 _____ () C:\Users\User\Downloads\Bank(1)

2014-01-25 18:37 - 2014-01-25 18:37 - 00002408 _____ () C:\Users\User\Downloads\Bank

2014-01-24 10:19 - 2014-02-03 22:27 - 00221184 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopcap.dll

2014-01-24 10:19 - 2014-02-03 22:27 - 00081920 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopacket.dll

2014-01-24 10:19 - 2014-02-03 22:27 - 00034048 _____ (CACE Technologies) C:\Windows\SysWOW64\Drivers\npf_devolo.sys

2014-01-23 13:28 - 2012-02-18 22:32 - 00000000 ____D () C:\Users\User\Documents\Carrera

2014-01-19 22:13 - 2014-01-19 22:13 - 00000519 _____ () C:\Users\User\Desktop\Unbenannt 1.csv

2014-01-19 15:46 - 2012-02-20 02:22 - 00000000 ____D () C:\Users\User\AppData\Local\FRITZ!

2014-01-16 20:08 - 2014-01-16 20:08 - 00032334 _____ () C:\Users\User\Downloads\Addition.txt

2014-01-16 20:07 - 2014-01-16 20:06 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-01-16 20:02 - 2014-01-16 20:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-16 20:02 - 2013-10-30 08:21 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-16 20:02 - 2013-06-23 08:15 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-16 19:58 - 2014-01-16 19:58 - 00000000 ____D () C:\ProgramData\McAfee

2014-01-16 19:52 - 2009-07-14 05:45 - 00311800 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-01-16 02:39 - 2013-08-10 01:46 - 00000000 ____D () C:\Windows\system32\MRT

2014-01-16 02:37 - 2012-11-09 09:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 

Some content of TEMP:

====================

C:\Users\User\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-02-11 18:31
 

==================== End Of Log ============================

--- --- ---

Sieht ziemlich gut aus, schätze ich.

Danke und Gruß,
Sven

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Das artet ja in Arbeit aus :lach:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=7faf1a76b1dbc04db2c45cf02aab8332

# engine=17048

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-02-13 12:12:27

# local_time=2014-02-13 01:12:27 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=3592 16777213 100 91 746254 142912843 0 0

# compatibility_mode=5893 16776574 100 94 18761597 143880197 0 0

# scanned=484794

# found=1

# cleaned=0

# scan_time=9122

sh=051E5F82B5255051482679E7649694E91756E149 ft=1 fh=def890bc247c5a4e vn="Win32/Adware.Gator.Trickler application" ac=I fn="G:\Miro DC30\DIVx5\DivXPro5.exe"

Tja, die Datei ist zwar ewig nicht (nie) in Nutzung gewesen, nun aber gekillt.

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01

Ran by User (administrator) on DESKTOP on 13-02-2014 01:30:26

Running from C:\Users\User\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\system32\atiesrxx.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(AMD) C:\Windows\system32\atieclxx.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(brother) C:\Program Files (x86)\Brownie\brstsw64.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Adobe\Shockwave 12\SwHelper_1203133.exe

(Microsoft Corporation) C:\Windows\splwow64.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)

HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)

HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)

HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-07-16] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-07-16] ()

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [975800 2012-07-16] (Samsung)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-08-16] (Hewlett-Packard Company)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-28] (AMD)

HKU\S-1-5-21-1671235655-2325290886-3288282889-1000\...\RunOnce: [BrStsW64.exe] - C:\Program Files (x86)\Brownie\BrStsW64.exe [3695928 2009-08-19] (brother)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6356EC21A8ECCC01

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - {62A06542-6440-4735-8DA3-A8EBA56D87ED} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kh1a56dz.default

FF Homepage: hxxp://www.t-online.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-13]
 

==================== Services (Whitelisted) =================
 

S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3606008 2014-01-24] (devolo AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
 

==================== Drivers (Whitelisted) ====================
 

S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

S3 gwiopm; C:\Program Files (x86)\Slotman\gwiopm.sys [3904 1998-06-03] ()

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140211.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140212.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140212.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2014-01-24] (CACE Technologies)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()

S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)

S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)

S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)

R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)

S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [X]

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 TRIXX; \??\C:\Users\User\AppData\Local\Temp\TRIXX.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-13 01:16 - 2014-02-13 01:16 - 00987425 _____ () C:\Users\User\Downloads\SecurityCheck.exe

2014-02-12 22:35 - 2014-02-12 22:35 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe

2014-02-12 21:40 - 2014-02-12 21:40 - 00000000 ____D () C:\Users\User\AppData\Local\{2A2827B6-4134-498B-BA90-B5240C2FABC9}

2014-02-12 09:39 - 2014-02-12 09:39 - 00000000 ____D () C:\Users\User\AppData\Local\{E5960D7D-C6F1-4276-9061-87AA84DED3CD}

2014-02-12 02:57 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-12 02:57 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-12 02:55 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-12 02:55 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-12 02:55 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-02-12 02:55 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-12 02:55 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-12 02:55 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-02-12 02:55 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-12 02:55 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-12 02:55 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-12 02:55 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-12 02:55 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-02-12 02:55 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-02-12 02:55 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-12 02:55 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-12 02:55 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-12 02:55 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-12 02:55 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-12 02:55 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-12 02:55 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-12 02:55 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-12 02:55 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-12 02:55 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-12 02:55 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-12 02:55 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-12 02:55 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-12 02:55 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-12 02:55 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-02-12 02:55 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-12 02:55 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-12 02:55 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-12 02:55 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-12 02:55 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-12 02:55 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-12 02:55 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-12 02:55 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-12 02:55 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-12 02:55 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-02-12 02:55 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-12 02:55 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-12 00:54 - 2014-02-12 01:04 - 00000000 ____D () C:\Users\User\Documents\Euro Truck Simulator

2014-02-12 00:51 - 2014-02-12 00:51 - 00001172 _____ () C:\Users\Public\Desktop\Euro Truck Simulator.lnk

2014-02-12 00:51 - 2014-02-12 00:51 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator

2014-02-11 22:26 - 2014-02-11 22:26 - 00000966 _____ () C:\Users\User\Desktop\JRT.txt

2014-02-11 22:07 - 2014-02-11 22:07 - 00001218 _____ () C:\Users\User\Desktop\AdwCleaner[S3].txt

2014-02-11 21:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-02-11 21:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-02-11 21:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-11 21:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-02-11 21:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-02-11 21:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-02-11 21:30 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-02-11 21:30 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-02-11 21:30 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-02-11 21:30 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-02-11 21:30 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-02-11 21:30 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-02-11 21:30 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-02-11 21:30 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-02-11 21:30 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-11 21:30 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-02-11 21:30 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-02-11 21:30 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-02-11 21:30 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-02-11 21:30 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-02-11 21:30 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-02-11 21:30 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-02-11 21:30 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-02-11 21:30 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-11 21:28 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-02-11 21:28 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-02-11 21:28 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-02-11 21:28 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-02-11 21:12 - 2014-02-11 21:11 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT(1).exe

2014-02-11 21:10 - 2014-02-11 21:11 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT(1).exe

2014-02-11 21:07 - 2014-02-10 20:23 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner(2).exe

2014-02-11 21:06 - 2014-02-11 21:06 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-11 21:06 - 2014-02-11 21:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-11 21:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-11 21:01 - 2014-02-13 01:30 - 02152448 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe

2014-02-11 21:01 - 2014-02-13 01:30 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion

2014-02-10 23:02 - 2014-02-10 23:02 - 00093244 _____ () C:\ComboFix.txt

2014-02-10 22:37 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-02-10 22:37 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-02-10 22:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe

2014-02-10 22:37 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe

2014-02-10 22:36 - 2014-02-10 23:02 - 00000000 ____D () C:\Qoobox

2014-02-10 22:36 - 2014-02-10 23:01 - 00000000 ____D () C:\Windows\erdnt

2014-02-10 22:36 - 2014-02-10 22:36 - 05180173 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe

2014-02-10 22:35 - 2014-02-10 22:36 - 05180173 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe

2014-02-10 21:47 - 2014-02-11 22:30 - 00024567 _____ () C:\Users\User\Desktop\Addition.txt

2014-02-10 21:45 - 2014-02-13 01:30 - 00017569 _____ () C:\Users\User\Desktop\FRST.txt

2014-02-10 21:44 - 2014-02-10 21:44 - 02150400 _____ (Farbar) C:\Users\User\Downloads\FRST64(2).exe

2014-02-10 21:20 - 2014-02-10 21:32 - 00000000 ____D () C:\Users\User\AppData\Local\NPE

2014-02-10 21:18 - 2014-02-10 21:18 - 03057128 ____N (Symantec Corporation) C:\Users\User\Downloads\NPE.exe

2014-02-10 20:50 - 2014-02-10 20:50 - 00001918 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-02-10 20:50 - 2014-02-10 20:50 - 00000000 ____D () C:\Program Files\HitmanPro

2014-02-10 20:49 - 2014-02-10 20:54 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-02-10 20:45 - 2014-02-10 20:45 - 10820032 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe

2014-02-10 20:37 - 2014-02-10 20:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300(1).exe

2014-02-10 20:36 - 2014-02-10 20:36 - 00000000 ____D () C:\Windows\ERUNT

2014-02-10 20:35 - 2014-02-10 20:35 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe

2014-02-10 20:23 - 2014-02-10 20:23 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(2).exe

2014-02-10 09:40 - 2014-02-12 18:39 - 00000000 ____D () C:\Users\User\AppData\Local\SAdK

2014-02-10 09:40 - 2014-02-10 09:40 - 00000000 ____D () C:\Users\User\Documents\SAdK

2014-02-10 09:39 - 2014-02-10 09:39 - 00001330 _____ () C:\Windows\DIFx.log

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\User\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\Admin\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2014-02-10 09:37 - 2014-02-10 09:37 - 00000000 ____D () C:\Program Files (x86)\Ubisoft

2014-02-09 14:38 - 2014-02-09 14:38 - 13255324 _____ () C:\Users\User\Downloads\de752oc.zip

2014-02-09 14:35 - 2014-02-09 14:35 - 08556299 _____ () C:\Users\User\Downloads\b753desc.zip

2014-02-09 13:33 - 2014-02-09 14:34 - 25660442 _____ () C:\Users\User\Downloads\a380_lufthansa_d-aimi.zip

2014-02-09 13:29 - 2014-02-09 13:30 - 29049929 _____ () C:\Users\User\Downloads\berlinb72era.zip

2014-02-05 22:41 - 2014-02-06 00:58 - 00020866 _____ () C:\Users\User\Desktop\Beitragsordnung_20140205.odt

2014-02-05 22:02 - 2014-02-05 22:28 - 00023755 _____ () C:\Users\User\Desktop\20140205 - Entwurf einer Satzung des Queen Lui Slotracing Berlin e.V. (o. Kommentare).odt

2014-02-04 22:42 - 2014-02-04 22:42 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(1).exe

2014-02-04 22:42 - 2014-02-04 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-04 22:27 - 2014-02-11 22:04 - 00000000 ____D () C:\AdwCleaner

2014-02-04 22:26 - 2014-02-04 22:26 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner.exe

2014-02-04 22:20 - 2014-02-04 22:20 - 02080256 _____ (Farbar) C:\Users\User\Downloads\FRST64(1).exe

2014-02-04 20:53 - 2014-02-04 20:54 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-04 19:59 - 2014-02-04 20:05 - 153481200 _____ () C:\Users\User\Downloads\47pfl6877k_12_fus_deu(1).zip

2014-02-04 19:56 - 2014-02-10 20:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-04 19:54 - 2014-02-10 20:24 - 00000000 ____D () C:\Users\User\Desktop\mbar

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1009.exe

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Desktop\mbar-1.07.0.1009.exe

2014-02-04 02:06 - 2014-02-04 02:06 - 02707816 _____ (Georg Wächter ) C:\Users\User\Downloads\Trackplanner.exe

2014-02-04 02:06 - 2014-02-04 02:06 - 00000000 ____D () C:\Program Files (x86)\Trackplanner

2014-02-04 02:06 - 2010-01-24 15:13 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00244024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll

2014-02-04 02:06 - 2010-01-24 15:13 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00137728 _____ (Intel Corporation) C:\Windows\SysWOW64\ijl10.dll

2014-02-04 02:06 - 2010-01-24 15:13 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6de.dll

2014-02-04 02:06 - 2010-01-24 15:13 - 00108336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx

2014-02-04 02:06 - 2010-01-24 15:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Cmdlgde.dll

2014-02-04 00:42 - 2014-02-04 00:43 - 22948790 _____ () C:\Users\User\Downloads\vlc-2.0.6-win32.exe

2014-02-03 22:27 - 2014-02-03 22:27 - 00002116 _____ () C:\Users\Public\Desktop\devolo Cockpit.lnk

2014-02-03 22:27 - 2014-01-24 10:19 - 00221184 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopcap.dll

2014-02-03 22:27 - 2014-01-24 10:19 - 00081920 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopacket.dll

2014-02-03 22:27 - 2014-01-24 10:19 - 00034048 _____ (CACE Technologies) C:\Windows\SysWOW64\Drivers\npf_devolo.sys

2014-01-31 15:14 - 2014-01-31 15:15 - 06447511 _____ () C:\Users\User\Downloads\Mig-19_HuAF.zip

2014-01-25 18:38 - 2014-01-25 18:38 - 00002408 _____ () C:\Users\User\Downloads\Bank(1)

2014-01-25 18:37 - 2014-01-25 18:37 - 00002408 _____ () C:\Users\User\Downloads\Bank

2014-01-19 22:13 - 2014-01-19 22:13 - 00000519 _____ () C:\Users\User\Desktop\Unbenannt 1.csv

2014-01-16 20:08 - 2014-01-16 20:08 - 00032334 _____ () C:\Users\User\Downloads\Addition.txt

2014-01-16 20:07 - 2014-02-13 01:30 - 00000000 ____D () C:\FRST

2014-01-16 20:07 - 2014-02-04 22:24 - 00040076 _____ () C:\Users\User\Downloads\FRST.txt

2014-01-16 20:06 - 2014-01-16 20:07 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-01-16 20:02 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-16 20:02 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-16 20:02 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-16 20:02 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-16 20:01 - 2014-01-16 20:02 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-16 19:58 - 2014-01-16 19:58 - 00000000 ____D () C:\ProgramData\McAfee

2014-01-15 22:21 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 22:21 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 22:21 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 22:21 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 

==================== One Month Modified Files and Folders =======
 

2014-02-13 01:30 - 2014-02-11 21:01 - 02152448 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe

2014-02-13 01:30 - 2014-02-11 21:01 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion

2014-02-13 01:30 - 2014-02-10 21:45 - 00017569 _____ () C:\Users\User\Desktop\FRST.txt

2014-02-13 01:30 - 2014-01-16 20:07 - 00000000 ____D () C:\FRST

2014-02-13 01:29 - 2012-04-02 07:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-13 01:29 - 2012-02-20 01:52 - 00000265 _____ () C:\Windows\Brownie.ini

2014-02-13 01:16 - 2014-02-13 01:16 - 00987425 _____ () C:\Users\User\Downloads\SecurityCheck.exe

2014-02-13 01:05 - 2009-07-14 05:51 - 23876764 _____ () C:\Windows\setupact.log

2014-02-13 00:35 - 2012-11-09 09:05 - 01839804 _____ () C:\Windows\WindowsUpdate.log

2014-02-12 22:35 - 2014-02-12 22:35 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe

2014-02-12 21:40 - 2014-02-12 21:40 - 00000000 ____D () C:\Users\User\AppData\Local\{2A2827B6-4134-498B-BA90-B5240C2FABC9}

2014-02-12 18:39 - 2014-02-10 09:40 - 00000000 ____D () C:\Users\User\AppData\Local\SAdK

2014-02-12 14:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-02-12 09:39 - 2014-02-12 09:39 - 00000000 ____D () C:\Users\User\AppData\Local\{E5960D7D-C6F1-4276-9061-87AA84DED3CD}

2014-02-12 09:36 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-12 09:36 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-12 09:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-12 03:13 - 2011-04-12 08:43 - 00654150 _____ () C:\Windows\system32\perfh007.dat

2014-02-12 03:13 - 2011-04-12 08:43 - 00130022 _____ () C:\Windows\system32\perfc007.dat

2014-02-12 03:13 - 2009-07-14 06:13 - 01519798 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-12 01:04 - 2014-02-12 00:54 - 00000000 ____D () C:\Users\User\Documents\Euro Truck Simulator

2014-02-12 00:51 - 2014-02-12 00:51 - 00001172 _____ () C:\Users\Public\Desktop\Euro Truck Simulator.lnk

2014-02-12 00:51 - 2014-02-12 00:51 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator

2014-02-12 00:38 - 2012-02-18 22:36 - 05654528 _____ () C:\Users\User\Documents\SvenSchulz Sicherungskopie.mny

2014-02-12 00:38 - 2012-02-18 14:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Money

2014-02-11 22:30 - 2014-02-10 21:47 - 00024567 _____ () C:\Users\User\Desktop\Addition.txt

2014-02-11 22:26 - 2014-02-11 22:26 - 00000966 _____ () C:\Users\User\Desktop\JRT.txt

2014-02-11 22:07 - 2014-02-11 22:07 - 00001218 _____ () C:\Users\User\Desktop\AdwCleaner[S3].txt

2014-02-11 22:04 - 2014-02-04 22:27 - 00000000 ____D () C:\AdwCleaner

2014-02-11 21:11 - 2014-02-11 21:12 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT(1).exe

2014-02-11 21:11 - 2014-02-11 21:10 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT(1).exe

2014-02-11 21:06 - 2014-02-11 21:06 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-11 21:06 - 2014-02-11 21:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-11 18:37 - 2012-11-10 16:19 - 00071408 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT

2014-02-11 18:37 - 2012-11-10 16:19 - 00001434 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-02-10 23:02 - 2014-02-10 23:02 - 00093244 _____ () C:\ComboFix.txt

2014-02-10 23:02 - 2014-02-10 22:36 - 00000000 ____D () C:\Qoobox

2014-02-10 23:02 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default

2014-02-10 23:01 - 2014-02-10 22:36 - 00000000 ____D () C:\Windows\erdnt

2014-02-10 22:58 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-02-10 22:56 - 2010-11-21 04:47 - 00094648 _____ () C:\Windows\PFRO.log

2014-02-10 22:56 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-02-10 22:36 - 2014-02-10 22:36 - 05180173 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe

2014-02-10 22:36 - 2014-02-10 22:35 - 05180173 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe

2014-02-10 21:44 - 2014-02-10 21:44 - 02150400 _____ (Farbar) C:\Users\User\Downloads\FRST64(2).exe

2014-02-10 21:32 - 2014-02-10 21:20 - 00000000 ____D () C:\Users\User\AppData\Local\NPE

2014-02-10 21:20 - 2012-02-13 12:36 - 00000000 ____D () C:\ProgramData\Norton

2014-02-10 21:18 - 2014-02-10 21:18 - 03057128 ____N (Symantec Corporation) C:\Users\User\Downloads\NPE.exe

2014-02-10 20:54 - 2014-02-10 20:49 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-02-10 20:50 - 2014-02-10 20:50 - 00001918 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-02-10 20:50 - 2014-02-10 20:50 - 00000000 ____D () C:\Program Files\HitmanPro

2014-02-10 20:45 - 2014-02-10 20:45 - 10820032 _____ (SurfRight B.V.) C:\Users\User\Downloads\HitmanPro_x64.exe

2014-02-10 20:37 - 2014-02-10 20:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300(1).exe

2014-02-10 20:36 - 2014-02-10 20:36 - 00000000 ____D () C:\Windows\ERUNT

2014-02-10 20:35 - 2014-02-10 20:35 - 01037530 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe

2014-02-10 20:24 - 2014-02-04 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-10 20:24 - 2014-02-04 19:54 - 00000000 ____D () C:\Users\User\Desktop\mbar

2014-02-10 20:23 - 2014-02-11 21:07 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner(2).exe

2014-02-10 20:23 - 2014-02-10 20:23 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(2).exe

2014-02-10 09:40 - 2014-02-10 09:40 - 00000000 ____D () C:\Users\User\Documents\SAdK

2014-02-10 09:39 - 2014-02-10 09:39 - 00001330 _____ () C:\Windows\DIFx.log

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA

2014-02-10 09:39 - 2014-02-10 09:39 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\User\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00002345 _____ () C:\Users\Admin\Desktop\Die Siedler - Aufbruch der Kulturen.lnk

2014-02-10 09:38 - 2014-02-10 09:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2014-02-10 09:37 - 2014-02-10 09:37 - 00000000 ____D () C:\Program Files (x86)\Ubisoft

2014-02-10 00:03 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-02-09 18:29 - 2012-07-19 17:12 - 00000000 ____D () C:\Users\User\Documents\Flight Simulator-Dateien

2014-02-09 14:38 - 2014-02-09 14:38 - 13255324 _____ () C:\Users\User\Downloads\de752oc.zip

2014-02-09 14:35 - 2014-02-09 14:35 - 08556299 _____ () C:\Users\User\Downloads\b753desc.zip

2014-02-09 14:34 - 2014-02-09 13:33 - 25660442 _____ () C:\Users\User\Downloads\a380_lufthansa_d-aimi.zip

2014-02-09 13:30 - 2014-02-09 13:29 - 29049929 _____ () C:\Users\User\Downloads\berlinb72era.zip

2014-02-09 10:31 - 2012-03-10 02:15 - 00000000 _____ () C:\Users\User\AppData\Roaming\FileOut.cns

2014-02-09 10:31 - 2012-03-10 02:15 - 00000000 _____ () C:\Users\User\AppData\Roaming\FileIn.cns

2014-02-06 13:16 - 2014-02-12 02:55 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-06 12:30 - 2014-02-12 02:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-06 12:30 - 2014-02-12 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-02-06 12:12 - 2014-02-12 02:55 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-06 12:07 - 2014-02-12 02:55 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-06 12:06 - 2014-02-12 02:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-02-06 11:57 - 2014-02-12 02:55 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-06 11:56 - 2014-02-12 02:55 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-06 11:52 - 2014-02-12 02:55 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-06 11:49 - 2014-02-12 02:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-06 11:48 - 2014-02-12 02:55 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-02-06 11:48 - 2014-02-12 02:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-02-06 11:38 - 2014-02-12 02:55 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-06 11:32 - 2014-02-12 02:55 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-06 11:20 - 2014-02-12 02:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-06 11:17 - 2014-02-12 02:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-06 11:11 - 2014-02-12 02:55 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-06 11:01 - 2014-02-12 02:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-06 11:00 - 2014-02-12 02:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-06 10:57 - 2014-02-12 02:55 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-06 10:57 - 2014-02-12 02:55 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-06 10:52 - 2014-02-12 02:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-06 10:52 - 2014-02-12 02:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-06 10:50 - 2014-02-12 02:55 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-06 10:49 - 2014-02-12 02:55 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-06 10:47 - 2014-02-12 02:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-06 10:46 - 2014-02-12 02:55 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-02-06 10:25 - 2014-02-12 02:55 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-06 10:25 - 2014-02-12 02:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-06 10:24 - 2014-02-12 02:55 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-06 10:22 - 2014-02-12 02:55 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-06 10:13 - 2014-02-12 02:55 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-06 10:09 - 2014-02-12 02:55 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-06 10:03 - 2014-02-12 02:55 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-06 09:55 - 2014-02-12 02:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-06 09:41 - 2014-02-12 02:55 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-06 09:40 - 2014-02-12 02:55 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-02-06 09:36 - 2014-02-12 02:55 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-06 09:34 - 2014-02-12 02:55 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-06 01:40 - 2012-02-18 19:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\MediaMonkey

2014-02-06 00:58 - 2014-02-05 22:41 - 00020866 _____ () C:\Users\User\Desktop\Beitragsordnung_20140205.odt

2014-02-05 22:28 - 2014-02-05 22:02 - 00023755 _____ () C:\Users\User\Desktop\20140205 - Entwurf einer Satzung des Queen Lui Slotracing Berlin e.V. (o. Kommentare).odt

2014-02-05 10:48 - 2012-04-02 07:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-05 10:48 - 2012-02-16 11:54 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe

2014-02-05 10:47 - 2012-04-02 07:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-05 10:47 - 2012-02-27 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-05 02:07 - 2012-02-18 22:32 - 00000000 ____D () C:\Users\User\Documents\Bank

2014-02-04 22:48 - 2013-06-22 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-04 22:42 - 2014-02-04 22:42 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner(1).exe

2014-02-04 22:42 - 2014-02-04 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-04 22:32 - 2013-06-09 17:51 - 00001534 _____ () C:\ProgramData\ss.ini

2014-02-04 22:26 - 2014-02-04 22:26 - 01166132 _____ () C:\Users\User\Downloads\adwcleaner.exe

2014-02-04 22:24 - 2014-01-16 20:07 - 00040076 _____ () C:\Users\User\Downloads\FRST.txt

2014-02-04 22:20 - 2014-02-04 22:20 - 02080256 _____ (Farbar) C:\Users\User\Downloads\FRST64(1).exe

2014-02-04 20:54 - 2014-02-04 20:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-04 20:05 - 2014-02-04 19:59 - 153481200 _____ () C:\Users\User\Downloads\47pfl6877k_12_fus_deu(1).zip

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1009.exe

2014-02-04 19:54 - 2014-02-04 19:54 - 12589848 _____ (Malwarebytes Corp.) C:\Users\User\Desktop\mbar-1.07.0.1009.exe

2014-02-04 02:34 - 2013-08-19 20:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\SumatraPDF

2014-02-04 02:06 - 2014-02-04 02:06 - 02707816 _____ (Georg Wächter ) C:\Users\User\Downloads\Trackplanner.exe

2014-02-04 02:06 - 2014-02-04 02:06 - 00000000 ____D () C:\Program Files (x86)\Trackplanner

2014-02-04 00:43 - 2014-02-04 00:42 - 22948790 _____ () C:\Users\User\Downloads\vlc-2.0.6-win32.exe

2014-02-03 22:27 - 2014-02-03 22:27 - 00002116 _____ () C:\Users\Public\Desktop\devolo Cockpit.lnk

2014-02-03 22:27 - 2013-03-15 12:31 - 00000000 ____D () C:\Program Files (x86)\devolo

2014-01-31 15:15 - 2014-01-31 15:14 - 06447511 _____ () C:\Users\User\Downloads\Mig-19_HuAF.zip

2014-01-29 15:28 - 2013-09-18 09:16 - 00000000 ____D () C:\Users\User\Desktop\autos

2014-01-27 12:05 - 2012-02-20 01:54 - 00000432 _____ () C:\Windows\BRWMARK.INI

2014-01-25 18:38 - 2014-01-25 18:38 - 00002408 _____ () C:\Users\User\Downloads\Bank(1)

2014-01-25 18:37 - 2014-01-25 18:37 - 00002408 _____ () C:\Users\User\Downloads\Bank

2014-01-24 10:19 - 2014-02-03 22:27 - 00221184 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopcap.dll

2014-01-24 10:19 - 2014-02-03 22:27 - 00081920 _____ (CACE Technologies) C:\Windows\SysWOW64\devolopacket.dll

2014-01-24 10:19 - 2014-02-03 22:27 - 00034048 _____ (CACE Technologies) C:\Windows\SysWOW64\Drivers\npf_devolo.sys

2014-01-23 13:28 - 2012-02-18 22:32 - 00000000 ____D () C:\Users\User\Documents\Carrera

2014-01-19 22:13 - 2014-01-19 22:13 - 00000519 _____ () C:\Users\User\Desktop\Unbenannt 1.csv

2014-01-19 15:46 - 2012-02-20 02:22 - 00000000 ____D () C:\Users\User\AppData\Local\FRITZ!

2014-01-16 20:08 - 2014-01-16 20:08 - 00032334 _____ () C:\Users\User\Downloads\Addition.txt

2014-01-16 20:07 - 2014-01-16 20:06 - 02076160 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-01-16 20:02 - 2014-01-16 20:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-16 20:02 - 2013-10-30 08:21 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-16 20:02 - 2013-06-23 08:15 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-16 19:58 - 2014-01-16 19:58 - 00000000 ____D () C:\ProgramData\McAfee

2014-01-16 19:52 - 2009-07-14 05:45 - 00311800 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-01-16 02:39 - 2013-08-10 01:46 - 00000000 ____D () C:\Windows\system32\MRT

2014-01-16 02:37 - 2012-11-09 09:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 

Some content of TEMP:

====================

C:\Users\User\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-02-11 18:31
 

==================== End Of Log ============================

--- --- ---

Ansonsten habe ich seit zwei Tagen keine Werbefenster mehr gesehen.
Allerdings waren mir meine Microsoft Money Arbeitsdateien abhanden gekommen.

Zitat:

Allerdings waren mir meine Microsoft Money Arbeitsdateien abhanden gekommen.

wie abhanden gekommen?

Am 10.02.2014 habe ich die Daten zuletzt bearbeitet und da
war dann auzch die Sicherheitskopie der Datei noch vorhanden.
Und als ich am 12.02. Money geöffnet habe konnte keine Arbeitsdatei
gefunden werden. Ich gehe also davon aus, dass die im Laufe
der Bereinigungen gekillt wurden. Gesehen habe ich in den Logs
dazu aber nichts. Money Dateien haben die Endung .mny
Weitere Dateien vermisse ich bisher nicht.

Gruß,
Sven

Ich seh auch nix in den Logs. Aber die Tools löschen nix was sie nicht auch loggen. Komisch.

Fertig :)

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.