| |
| |||||||
Log-Analyse und Auswertung: Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.01.2012, 11:36
| #1 |
 |  Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Hallo zusammen, ich habe heute morgen eine Virenmeldung durch Anti Vir von Avira bekommen. Daraufhin habe ich einen Fullscan machen lassen und 4 weitere Funde gemeldet bekommen. das Defogger output: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:03 on 28/01/2012 (MAXMUSTERMANN)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
Code:
ATTFilter OTL logfile created on: 28.01.2012 11:05:33 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = d:\Eigene Dateien\Desktop 64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 63,74% Memory free 5,25 Gb Paging File | 2,68 Gb Available in Paging File | 50,94% Paging File free Paging file location(s): d:\pagefile.sys 200 6141 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 46,58 Gb Total Space | 1,48 Gb Free Space | 3,17% Space Free | Partition Type: NTFS Drive D: | 419,18 Gb Total Space | 13,37 Gb Free Space | 3,19% Space Free | Partition Type: NTFS Drive G: | 465,76 Gb Total Space | 179,30 Gb Free Space | 38,50% Space Free | Partition Type: NTFS Computer Name: MAXMUSTERMANN | User Name: MAXMUSTERMANN | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - d:\Eigene Dateien\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation) PRC - C:\Programme\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe () PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) PRC - C:\Program Files (x86)\ASUS\Six Engine\SixEngine.exe () PRC - C:\Programme\ASUS\Ai Suite\AiNap\AiNap.exe () PRC - C:\Program Files (x86)\ASUS\AASP\1.00.63\aaCenter.exe () PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) PRC - C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe () PRC - C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe () PRC - C:\Program Files (x86)\FRITZ!DSL\StCenter.exe (AVM Berlin) PRC - C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe (AVM Berlin) PRC - C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) PRC - C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe () PRC - C:\Windows\SysWOW64\WTClient.exe (Tablet Driver) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\WinTab32.dll () MOD - C:\Program Files (x86)\ASUS\Six Engine\SixEngine.exe () MOD - C:\Programme\ASUS\Ai Suite\AiNap\AiNap.exe () MOD - C:\Program Files (x86)\Unlocker\UnlockerCOM.dll () MOD - C:\Program Files (x86)\ASUS\AASP\1.00.63\aaCenter.exe () MOD - C:\Program Files (x86)\ASUS\Six Engine\AsSpindownTimeout.dll () MOD - C:\Programme\ASUS\Ai Suite\AiNap\AiNap.dll () MOD - C:\Program Files (x86)\ASUS\AASP\1.00.63\cpuutil.dll () MOD - C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe () MOD - C:\Program Files (x86)\ASUS\AI Direct Link\AsNetlib.dll () MOD - C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe () MOD - C:\Programme\ASUS\Ai Suite\AiNap\vvc.dll () MOD - C:\Windows\SysWOW64\AsIO.dll () MOD - C:\Program Files (x86)\ASUS\AASP\1.00.63\PowerDll.dll () MOD - C:\Program Files (x86)\ASUS\Six Engine\pngio.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (mi-raysat_3dsmax2010_64) -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe () SRV:64bit: - (WinTabService) -- C:\Windows\SysNative\Drivers\WTSRV.EXE (Tablet Driver) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (Autodesk Licensing Service) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (DCPFLICS) -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe () SRV - (IGDCTRL) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) ========== Driver Services (SafeList) ========== DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\DRIVERS\VBoxNetAdp.sys (Sun Microsystems, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\DRIVERS\AF15BDA.sys (AfaTech ) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (tdrpman147) Acronis Try&Decide and Restore Points filter (build 147) -- C:\Windows\SysNative\DRIVERS\tdrpm147.sys (Acronis) DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis) DRV:64bit: - (snapman380) Acronis Snapshots Manager (Build 380) -- C:\Windows\SysNative\DRIVERS\snman380.sys (Acronis) DRV:64bit: - (UCTblHid) -- C:\Windows\SysNative\DRIVERS\UCTblHid.sys (Tablet Driver) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell) DRV:64bit: - (PTSimBus) -- C:\Windows\SysNative\DRIVERS\PTSimBus.sys (PenTablet Driver) DRV:64bit: - (camfilt2) -- C:\Windows\SysNative\Drivers\camfilt2.sys (Guillemot Corporation) DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys () DRV:64bit: - (PTSimHid) -- C:\Windows\SysNative\DRIVERS\PTSimHid.sys (PenTablet Driver) DRV:64bit: - (TClass2k) -- C:\Windows\SysNative\DRIVERS\TClass2k.sys (Tablet Driver) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV:64bit: - (Hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://facebook.com/" FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.6 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MAXMUSTERMANN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.11 08:58:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.15 11:19:45 | 000,000,000 | ---D | M] [2008.12.16 17:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\mozilla\Extensions [2011.12.21 21:42:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\mozilla\Firefox\Profiles\htm99lj7.default\extensions [2009.07.15 10:07:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\mozilla\Firefox\Profiles\htm99lj7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.01.15 11:26:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.01.15 11:26:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} () (No name found) -- C:\USERS\MAXMUSTERMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HTM99LJ7.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI () (No name found) -- C:\USERS\MAXMUSTERMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HTM99LJ7.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI [2012.01.11 08:58:07 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2009.12.21 06:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.01.11 08:58:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.11 08:58:04 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.01.11 08:58:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.11 08:58:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.11 08:58:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.11 08:58:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2011.09.10 00:50:13 | 000,438,235 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15075 more lines... O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [C-Media Speaker Configuration] D:\Download\nightingale_vista32_drv\nightingale\vista32\Setup.exe /SPEAKER File not found O4 - HKLM..\Run: [Cpu Level Up help] C:\Programme\ASUS\Ai Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [Launch As Cmd Runner] C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe () O4 - HKLM..\Run: [Launch Direct Link] C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe () O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe () O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) O4 - HKLM..\Run: [SpybotSnD] C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) O4 - HKLM..\Run: [StartCCC] D:\CCC\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe (AVM Berlin) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range37 ([*] in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range38 ([http] in Vertrauenswürdige Sites) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.178.83/codebase/DVM_IPCam2.ocx (DVM_IPCam2 Control) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC40F562-54FB-432B-82B8-3DBCDF6A1368}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\Shell - "" = AutoRun O33 - MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\Shell\AutoRun\command - "" = F:\MI.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {0F3D411D-E3CD-391D-67AA-1A1773E923BF} - Themes Setup ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {33672187-3497-0A1E-B45C-D58E68672255} - Microsoft Windows Media Player ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {81E0F555-48A4-BBE8-7C73-D4917A8D760F} - Browser Customizations ActiveX:64bit: {845D8F83-D803-3070-79A0-98EB9782E556} - Internet Explorer ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {975339DF-08D6-BFC3-B51A-8D9680496A65} - Browser Customizations ActiveX:64bit: {BBF6E2C1-691B-5EFA-49F4-69D1E2ADA09E} - Themes Setup ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX:64bit: {DA4F6A32-B40F-79AD-C874-797934375EF6} - Microsoft Windows Media Player 11.0 ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: {089500F8-A5FA-84C6-7573-9C77AEB82653} - Microsoft Windows Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {11471407-9E94-AB01-6C96-FDB44176CE82} - Internet Explorer ActiveX: {22BE1965-362C-8DCE-4609-40A3B833161B} - Internet Explorer ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {29A7CABD-DE6E-3F2B-D47C-D40718F4CA26} - Microsoft Windows Media Player ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {51D1E6E2-486F-B6EF-1A95-19433B8D310F} - Java (Sun) ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8B3EDE41-AED6-9C42-B4B4-A689EF1585DE} - Microsoft Windows Media Player ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9DC970B9-2D0A-3604-3746-836513687F4D} - Themes Setup ActiveX: {A767363E-F147-CE43-E5BF-925228848EAF} - DirectX ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start 3DxWare.lnk - C:\Programme\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe - (3Dconnexion, INC) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - C:\PROGRA~2\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.) MsConfig:64bit - StartUpFolder: C:^Users^MAXMUSTERMANN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Warkeys Update.lnk - - File not found MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: CamserviceDP - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - File not found MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig:64bit - StartUpReg: Messenger (Yahoo!) - hkey= - key= - File not found MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - D:\Quicktime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - File not found MsConfig:64bit - StartUpReg: WTClient - hkey= - key= - C:\Windows\SysWow64\WTClient.exe (Tablet Driver) MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.01.28 04:10:13 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{4961CA44-647E-4E68-8359-EB396DC91C8F} [2012.01.28 04:10:03 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E5A9C003-C1FD-4811-8D56-3ED159F6662A} [2012.01.27 16:09:48 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{99408346-17FC-42F6-B25A-2CC1C103BA32} [2012.01.27 16:09:13 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{93824692-F293-4B39-B8D8-6C324B3E538F} [2012.01.26 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{5391DC52-9F13-47E8-B39C-420C4E9FF306} [2012.01.26 19:08:44 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C170F35B-BF7B-4719-ABB9-2D5B56DCEE49} [2012.01.25 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{0B387339-13FE-4A10-9981-61254108EFFF} [2012.01.25 17:49:07 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3320290F-F0B1-4736-A160-E8C9CD79EA60} [2012.01.24 11:18:14 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E3A2D356-ADEB-4902-8FFC-3877F517227A} [2012.01.24 11:17:40 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{00127FC0-DF64-4057-8C76-82297127E747} [2012.01.23 23:17:15 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{4FDA74B0-920E-4055-BE4A-3438D44E9822} [2012.01.23 23:16:41 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{AF966B51-3092-4918-BFB5-8AC4AF71FC60} [2012.01.23 11:16:16 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C4D0A299-E3D5-426C-BD9F-2293E60224E8} [2012.01.23 11:15:39 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{323A2C74-0B7A-4E15-AC36-92FD6FAEBB53} [2012.01.22 23:15:12 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D7CE88C3-3BF2-4521-8E1D-98C08347FF74} [2012.01.22 23:14:38 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{14B953CB-62F6-4752-ADFF-749C273F761B} [2012.01.22 11:14:26 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C928C74D-8E4E-4D86-ACAB-87D64ED6A0E8} [2012.01.22 11:13:53 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{A049E8A8-DED2-4478-8E1C-044BDD85977D} [2012.01.21 10:07:28 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{622EF95D-8C1E-4BF5-96E6-743996CC1D03} [2012.01.21 10:06:52 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3ABD30EC-2748-4208-AD26-D65757371B69} [2012.01.20 17:05:27 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{06DF64C8-434A-477F-AABB-D564BAD6117B} [2012.01.20 17:04:52 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C9178B52-BA88-4B44-94CD-122AFFBB2EB3} [2012.01.20 05:04:24 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{60288773-5F52-440A-B887-EA073E9C0BC9} [2012.01.20 05:03:51 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{A239DFC5-D70C-4272-A799-0B0B4975F6F9} [2012.01.19 19:44:22 | 002,322,184 | ---- | C] (ESET) -- d:\Eigene Dateien\Desktop\esetsmartinstaller_enu.exe [2012.01.19 17:03:27 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{70CDEB3B-5B63-45A4-BD24-897DA2E28328} [2012.01.19 17:02:53 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C11B45C4-88D9-46C9-B364-D203CD8413D6} [2012.01.18 22:42:44 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- d:\Eigene Dateien\Desktop\mbam-setup-1.60.0.1800.exe [2012.01.18 16:53:12 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DF0F3529-EFD1-4D01-AF51-C72C33ECAC81} [2012.01.18 16:52:38 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1055D3BE-8192-4007-BC00-F77251F3FBCB} [2012.01.17 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{FB31DC49-D01B-4204-BAFD-4DE294D3C7CB} [2012.01.17 18:20:45 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E90366DE-C3D5-416A-B989-B04FD50B0F0A} [2012.01.16 17:52:14 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{FCB34620-F9B3-4846-B07F-D36588F70897} [2012.01.16 17:51:45 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{8BBA7174-BD85-4607-ACF7-2342A9090D91} [2012.01.15 11:26:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.01.15 11:15:37 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E9076F2B-9C52-40DE-8296-3FB95F7A2A17} [2012.01.15 11:15:02 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{90FBD97E-9C25-47BD-A5C9-3D25D2DE444A} [2012.01.15 02:45:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- d:\Eigene Dateien\Desktop\OTL.exe [2012.01.14 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{EA32AC92-CD08-4789-8053-5D15D8906A82} [2012.01.14 22:51:00 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C29600CB-84B2-4390-BC51-3B8F78EA5E09} [2012.01.14 10:50:48 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E3DB4485-187E-422B-BD3D-539DE7558B9C} [2012.01.14 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3CAE1F38-0F03-4214-ACE7-EFED8231AC99} [2012.01.13 22:49:49 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{53E44D42-CA46-42D3-AB4A-826F4BD684E3} [2012.01.13 22:49:15 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{60BF75DB-7C3F-4FD1-9B3F-F71233449555} [2012.01.13 10:49:03 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1E0DBECA-6148-485B-932B-0F51DD35ACD8} [2012.01.13 10:48:31 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{24CBAEDF-60FF-4028-9FE3-1967C4FDF93B} [2012.01.12 22:48:04 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{2A0F829A-B204-4720-AA8C-5907E0BA4B06} [2012.01.12 22:47:10 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{64A2494C-0044-49E9-A0DE-93E10C9055BF} [2012.01.12 10:46:56 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{650BDF14-DB92-4326-96B1-75E0BD056AE4} [2012.01.12 10:46:21 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{76D9438E-EC0A-49B0-A561-68BFD580C69B} [2012.01.12 09:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012.01.11 22:45:54 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1480D2EE-CBE6-431E-9013-3BB039315BE3} [2012.01.11 22:45:20 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3F6247BB-7925-4446-8092-0792E440475A} [2012.01.11 10:45:08 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{0B54546D-952C-48A2-87F6-7E1BADD463C1} [2012.01.11 10:44:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{96B6AEBB-36E1-4BA7-8620-E6B5C2CF90E5} [2012.01.10 22:44:09 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{B45C6B0D-9185-432D-80B7-631E62D13944} [2012.01.10 22:43:35 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D375A42F-EDE9-47E0-A449-9B2D42D441D9} [2012.01.10 10:43:20 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{662C4810-428B-4BB3-9AD6-718071B61066} [2012.01.10 10:42:46 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{70071163-D2A3-47FA-8443-9DBAFD3EC8DA} [2012.01.09 22:42:19 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D85471DA-AC97-4960-B824-FFC4B11D76F6} [2012.01.09 22:41:46 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{7293E0B6-D55E-4034-BEA9-D4651C0607B7} [2012.01.09 10:41:33 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{F5283861-3209-45B8-A57D-8CC2EF4EF494} [2012.01.09 10:41:00 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{B59A345C-ECDC-4DB7-B1D6-C5470168C28B} [2012.01.08 15:42:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DF592C24-12AF-4300-9501-B0D92C183E34} [2012.01.08 15:42:00 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{BE2A6CD9-4F73-4B77-B47A-949F6A0B41D6} [2012.01.06 16:08:24 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{405C5412-9605-4501-B881-37363FAF0864} [2012.01.06 16:08:11 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{200B54CE-D8C6-4D66-94DD-AB89376346CC} [2012.01.05 17:01:38 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{B45C0236-7633-452B-BD4B-CE0BD8D4F799} [2012.01.05 17:01:05 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{0554432A-E7B1-4BD6-81CA-CF9035F92D7F} [2012.01.04 17:07:17 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E765364E-D7C7-4371-A12E-C94F975C0B9D} [2012.01.04 17:07:06 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{4AF746BA-6BB2-4727-A93A-B938E46EBEA3} [2012.01.03 16:56:32 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{F3A14DAF-A842-47D4-A20B-8F7522C797AD} [2012.01.03 16:55:58 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D0713F25-4FA0-48EE-816A-217E3BE538FB} [2012.01.02 17:02:17 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{24D96077-C348-4446-8D1C-14006B143326} [2012.01.02 17:01:43 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{20685B10-A979-4806-B9FE-8D3B157210C3} [2012.01.01 21:22:52 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{08B8D898-9626-4421-B955-743E737FC16C} [2012.01.01 21:22:30 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3764E4F9-376F-4435-AB0C-2901E44EA131} [2011.12.31 11:16:53 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{9EEF26D3-1672-4025-84D4-857B15D3093B} [2011.12.31 11:16:19 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{A0C02C3E-76BE-4755-8DB5-8E16D6D2A26E} [2011.12.30 23:15:49 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DD482FBC-3F50-4994-A445-FBE6B34D2AB7} [2011.12.30 23:15:25 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{904FE9D1-8FC0-423C-8AE1-B8DE55B37E4D} [2011.12.30 10:16:51 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3C050E27-FFD9-4302-8CAF-517936153C51} [2011.12.30 10:16:17 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{43E67CEE-5A49-424F-94DB-A78388BD63A8} [2011.12.29 22:11:09 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{938B6213-1DB2-43B2-ABA1-08E1548F37B6} [2011.12.29 22:10:09 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DA28D0A0-73A4-47BA-A486-6BAAA2EA9D5E} [2009.01.27 14:43:35 | 000,167,936 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [22 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [10 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.01.28 10:05:42 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.28 10:05:42 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.27 21:25:34 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{978E09A9-0F47-4184-8B35-D34606FD7885}.job [2012.01.27 18:31:10 | 000,003,584 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.27 16:12:20 | 004,917,742 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.27 16:12:19 | 014,640,052 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.27 16:12:19 | 004,251,288 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.27 16:12:18 | 004,659,114 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.27 16:12:18 | 000,005,604 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.27 16:05:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.23 23:37:10 | 000,447,538 | ---- | M] () -- d:\Eigene Dateien\Desktop\lamborghini_aventador_WEB.jpg [2012.01.19 19:44:25 | 002,322,184 | ---- | M] (ESET) -- d:\Eigene Dateien\Desktop\esetsmartinstaller_enu.exe [2012.01.18 22:43:02 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- d:\Eigene Dateien\Desktop\mbam-setup-1.60.0.1800.exe [2012.01.18 19:03:06 | 000,000,840 | ---- | M] () -- C:\Users\MAXMUSTERMANN\SciTE.session [2012.01.15 21:21:40 | 000,002,467 | ---- | M] () -- d:\Eigene Dateien\Desktop\ZBrush3.exe.lnk [2012.01.15 11:17:34 | 000,001,356 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d9caps.dat [2012.01.15 03:59:51 | 000,054,794 | ---- | M] () -- d:\Eigene Dateien\Desktop\anatomy.jpg [2012.01.15 03:17:29 | 000,001,205 | ---- | M] () -- d:\Eigene Dateien\Desktop\FixNCR.reg [2012.01.15 03:12:31 | 000,000,155 | ---- | M] () -- C:\Windows\wininit.ini [2012.01.15 03:03:21 | 000,018,772 | ---- | M] () -- d:\Eigene Dateien\Desktop\Extras.zip [2012.01.15 02:45:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- d:\Eigene Dateien\Desktop\OTL.exe [2012.01.15 02:44:49 | 000,050,477 | ---- | M] () -- d:\Eigene Dateien\Desktop\Defogger.exe [2012.01.15 02:26:38 | 000,006,637 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e4d42e6 [2012.01.15 02:26:38 | 000,006,606 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Local\a38b6a13 [2012.01.15 02:26:37 | 000,006,695 | ---- | M] () -- C:\ProgramData\b4087b46 [2012.01.12 20:25:26 | 000,034,324 | ---- | M] () -- d:\Eigene Dateien\Desktop\390545_2782062600262_1519118754_2802599_2090416052.jpg [2012.01.12 20:23:39 | 000,069,633 | ---- | M] () -- d:\Eigene Dateien\Desktop\388724_2782061440233_1519118754_2802598_36483764_n.jpg [2012.01.12 20:23:37 | 000,072,787 | ---- | M] () -- d:\Eigene Dateien\Desktop\390545_2782062600262_1519118754_2802599_2090416052_n.jpg [2012.01.12 09:13:45 | 000,001,679 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [22 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [10 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.15 03:17:29 | 000,001,205 | ---- | C] () -- d:\Eigene Dateien\Desktop\FixNCR.reg [2012.01.15 03:03:21 | 000,018,772 | ---- | C] () -- d:\Eigene Dateien\Desktop\Extras.zip [2012.01.15 02:57:54 | 000,000,155 | ---- | C] () -- C:\Windows\wininit.ini [2012.01.15 02:44:47 | 000,050,477 | ---- | C] () -- d:\Eigene Dateien\Desktop\Defogger.exe [2012.01.15 01:47:44 | 000,006,695 | ---- | C] () -- C:\ProgramData\b4087b46 [2012.01.15 01:47:44 | 000,006,637 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e4d42e6 [2012.01.15 01:47:44 | 000,006,606 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\a38b6a13 [2012.01.12 20:25:26 | 000,034,324 | ---- | C] () -- d:\Eigene Dateien\Desktop\390545_2782062600262_1519118754_2802599_2090416052.jpg [2012.01.12 20:23:38 | 000,069,633 | ---- | C] () -- d:\Eigene Dateien\Desktop\388724_2782061440233_1519118754_2802598_36483764_n.jpg [2012.01.12 20:23:21 | 000,072,787 | ---- | C] () -- d:\Eigene Dateien\Desktop\390545_2782062600262_1519118754_2802599_2090416052_n.jpg [2012.01.12 09:13:45 | 000,001,679 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2012.01.12 09:13:43 | 000,001,679 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.01.12 09:13:43 | 000,001,664 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.01.12 09:13:43 | 000,001,649 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.01.06 16:17:32 | 000,000,928 | ---- | C] () -- d:\Eigene Dateien\Desktop\Porsche_Daten.fdf [2012.01.06 16:08:16 | 000,175,226 | ---- | C] () -- d:\Eigene Dateien\Desktop\Porsche.pdf [2010.06.15 23:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.04.17 19:47:13 | 000,335,872 | ---- | C] () -- C:\Windows\SetupX32.EXE [2010.03.28 14:28:25 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.03.28 13:55:51 | 000,000,030 | ---- | C] () -- C:\Windows\Iedit.INI [2010.02.16 12:20:28 | 000,042,496 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll [2009.10.14 22:45:23 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009.09.24 10:07:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.09.24 10:06:49 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2009.09.24 10:06:25 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.08.15 12:26:40 | 000,000,600 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\winscp.rnd [2009.07.25 11:30:33 | 002,729,472 | ---- | C] () -- C:\Windows\SysWow64\fun_avcodec.dll [2009.05.24 18:52:02 | 000,003,830 | ---- | C] () -- C:\Windows\Tablet8000x6000.ini [2009.05.24 18:42:14 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\WinTab32.dll [2009.05.24 18:42:14 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lhtool.exe [2009.05.05 21:58:19 | 000,860,211 | --S- | C] () -- C:\Windows\SysWow64\XSIFtk-3.6.2.1.dll [2009.04.21 17:46:05 | 000,000,126 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin [2009.04.19 16:35:04 | 000,126,976 | ---- | C] () -- C:\Windows\gdf.dll [2009.01.27 14:43:47 | 003,600,384 | ---- | C] () -- C:\Windows\ffmpeg.exe [2009.01.27 14:43:35 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2008.12.31 12:33:42 | 000,001,100 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d8caps.dat [2008.12.27 15:13:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.12.18 00:13:48 | 000,003,584 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.17 10:50:02 | 000,001,356 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d9caps.dat [2008.12.16 22:53:37 | 000,035,450 | ---- | C] () -- C:\Windows\Ascd_log.ini [2008.12.16 22:53:23 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2008.12.16 22:53:23 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2008.12.16 22:53:22 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2008.12.16 22:53:22 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2008.12.16 22:49:09 | 000,035,412 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.12.16 22:22:08 | 000,000,092 | ---- | C] () -- C:\Windows\CMISETUP.INI [2008.12.16 22:22:08 | 000,000,026 | ---- | C] () -- C:\Windows\CMCDPLAY.INI [2008.12.16 21:40:33 | 000,004,185 | ---- | C] () -- C:\Windows\ULEAD32.INI [2008.12.16 21:31:39 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.12.16 21:05:32 | 000,001,460 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d9caps64.dat [2008.12.16 19:27:41 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2008.12.16 18:53:11 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2008.12.16 17:42:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008.12.16 16:19:18 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat [2008.01.21 03:48:25 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007.06.27 17:13:51 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll [2007.01.10 07:44:26 | 001,457,024 | R--- | C] () -- C:\Windows\SysWow64\SSCProt.dll [2006.11.02 16:34:20 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin ========== LOP Check ========== [2010.04.18 09:37:07 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\3Dconnexion [2008.12.23 13:02:40 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Acronis [2008.12.23 16:08:25 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Autodesk [2008.12.16 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools [2010.01.05 10:59:36 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools Lite [2008.12.16 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools Pro [2009.01.06 17:44:38 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e-on software [2010.07.22 09:58:21 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Foxit Software [2010.11.27 09:23:06 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\FRITZ! [2011.04.30 14:01:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\GrabPro [2010.01.13 00:51:11 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\NCH Swift Sound [2011.01.27 19:56:32 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Notepad++ [2011.07.16 02:33:22 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Orbit [2010.03.13 11:22:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\PACE Anti-Piracy [2011.04.30 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\ProgSense [2010.06.07 20:04:04 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\SWiSH Max3 DEU [2009.04.23 18:14:50 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TeamViewer [2009.01.06 17:08:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Thinstall [2008.12.16 22:51:57 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TMP [2008.12.23 12:50:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TrueCrypt [2011.05.30 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TS3Client [2010.03.13 11:22:41 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Unity [2010.05.07 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\WordToPDF [2012.01.26 21:52:03 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.01.27 21:25:34 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{978E09A9-0F47-4184-8B35-D34606FD7885}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2008.12.16 21:05:49 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2010.08.18 16:46:55 | 000,000,000 | R--D | M] -- C:\32788R22FWJFW [2009.08.09 09:47:47 | 000,000,000 | ---D | M] -- C:\ATI [2009.09.28 08:24:52 | 000,000,000 | -HSD | M] -- C:\Boot [2012.01.16 17:45:57 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2006.11.02 16:39:21 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2008.12.16 21:03:42 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.04.30 13:49:36 | 000,000,000 | ---D | M] -- C:\Downloads [2010.06.25 13:01:41 | 000,000,000 | ---D | M] -- C:\FLEXLM [2008.12.16 22:49:44 | 000,000,000 | ---D | M] -- C:\Intel [2010.04.22 16:56:30 | 000,000,000 | ---D | M] -- C:\MoTemp [2008.01.21 04:03:12 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.10.17 22:23:22 | 000,000,000 | R--D | M] -- C:\Program Files [2012.01.20 14:38:19 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012.01.15 01:47:44 | 000,000,000 | -H-D | M] -- C:\ProgramData [2008.12.16 21:03:42 | 000,000,000 | -HSD | M] -- C:\Programme [2010.01.23 03:45:48 | 000,000,000 | ---D | M] -- C:\SwarmCache [2012.01.28 11:08:37 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2010.01.23 15:33:19 | 000,000,000 | ---D | M] -- C:\Temp [2008.12.16 21:05:30 | 000,000,000 | R--D | M] -- C:\Users [2012.01.19 19:39:26 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: AFD.SYS > [2011.04.21 15:20:24 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=0CC146C4ADDEA45791B18B1E2659F4A9 -- C:\Windows\SysNative\drivers\afd.sys [2011.04.21 15:20:24 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=0CC146C4ADDEA45791B18B1E2659F4A9 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_35be4fb214130ed1\afd.sys [2009.04.11 06:44:24 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=12415CCFD3E7CEC55B5184E67B039FE4 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_35f2572213ec5bd2\afd.sys [2011.04.21 14:54:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=7B8E5F3A0626CA83B706F0738830845F -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_366a5ebb2d168a9d\afd.sys [2011.04.21 14:42:48 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=9BB97042FA331A0FB4BDD98B9280A50A -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_33ef7c5016dab752\afd.sys [2011.04.21 14:47:41 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=B53144D2EBB0843DD0436F5EA6953F65 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_34958b832fe3983b\afd.sys [2008.01.21 03:46:37 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=DB37041AB857ABC7E179E856D8E1582C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_3406de1616ca9086\afd.sys < MD5 for: EXPLORER.EXE > [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe [2008.10.29 07:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe [2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe [2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe [2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe [2008.10.28 03:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe [2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe [2008.10.30 06:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe [2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe [2008.01.21 03:47:02 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe [2008.01.21 03:47:42 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe < MD5 for: REGEDIT.EXE > [2008.01.21 03:48:09 | 000,161,792 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe [2008.01.21 03:48:50 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\SysWOW64\regedit.exe [2008.01.21 03:48:50 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_5aa1fb3ac896d9c8\regedit.exe [2008.01.21 03:48:09 | 000,161,792 | ---- | M] (Microsoft Corporation) MD5=5DFBCE56E689D90AE9E2FB278F80058E -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_504d50e8943617cd\regedit.exe < MD5 for: USERINIT.EXE > [2008.01.21 03:48:55 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe [2008.01.21 03:48:55 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2008.01.21 03:48:04 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe [2008.01.21 03:48:04 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 03:46:19 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe [2008.01.21 03:46:19 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2008.01.21 03:48:42 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe [2008.01.21 03:48:42 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008.01.21 03:48:05 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.01.21 03:48:57 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < > < End of report > Code:
ATTFilter
Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Samstag, 28. Januar 2012 08:12
Es wird nach 3323985 Virenstämmen gesucht.
Lizenznehmer : Avira Free Antivirus
Seriennummer : XXXXXXXXXXXXXXXXXXXX
Plattform : Windows Vista 64 Bit
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : MAXMUSTERMANN
Computername : MAXMUSTERMANN
Versionsinformationen:
BUILD.DAT : 9.0.0.429 21701 Bytes 06.10.2010 09:59:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 19.11.2009 15:47:37
AVSCAN.DLL : 9.0.3.0 49409 Bytes 13.02.2009 11:04:10
LUKE.DLL : 9.0.3.2 209665 Bytes 20.02.2009 10:35:44
LUKERES.DLL : 9.0.2.0 13569 Bytes 26.01.2009 09:41:59
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 15:47:37
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 17:03:18
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 17:41:43
VBASE003.VDF : 7.11.19.171 2048 Bytes 20.12.2011 17:41:43
VBASE004.VDF : 7.11.19.172 2048 Bytes 20.12.2011 17:41:43
VBASE005.VDF : 7.11.19.173 2048 Bytes 20.12.2011 17:41:43
VBASE006.VDF : 7.11.19.174 2048 Bytes 20.12.2011 17:41:44
VBASE007.VDF : 7.11.19.175 2048 Bytes 20.12.2011 17:41:44
VBASE008.VDF : 7.11.19.176 2048 Bytes 20.12.2011 17:41:44
VBASE009.VDF : 7.11.19.177 2048 Bytes 20.12.2011 17:41:44
VBASE010.VDF : 7.11.19.178 2048 Bytes 20.12.2011 17:41:44
VBASE011.VDF : 7.11.19.179 2048 Bytes 20.12.2011 17:41:44
VBASE012.VDF : 7.11.19.180 2048 Bytes 20.12.2011 17:41:44
VBASE013.VDF : 7.11.19.217 182784 Bytes 22.12.2011 16:33:05
VBASE014.VDF : 7.11.19.255 148480 Bytes 24.12.2011 11:23:42
VBASE015.VDF : 7.11.20.29 164352 Bytes 27.12.2011 08:58:53
VBASE016.VDF : 7.11.20.70 180224 Bytes 29.12.2011 09:15:46
VBASE017.VDF : 7.11.20.102 240640 Bytes 02.01.2012 20:22:19
VBASE018.VDF : 7.11.20.139 164864 Bytes 04.01.2012 20:22:20
VBASE019.VDF : 7.11.20.178 167424 Bytes 06.01.2012 14:40:37
VBASE020.VDF : 7.11.20.207 230400 Bytes 10.01.2012 16:06:31
VBASE021.VDF : 7.11.20.236 150528 Bytes 11.01.2012 08:08:29
VBASE022.VDF : 7.11.21.13 135168 Bytes 13.01.2012 16:06:18
VBASE023.VDF : 7.11.21.40 163840 Bytes 16.01.2012 16:48:36
VBASE024.VDF : 7.11.21.65 1001472 Bytes 17.01.2012 17:12:47
VBASE025.VDF : 7.11.21.98 487424 Bytes 19.01.2012 17:12:32
VBASE026.VDF : 7.11.21.156 1010688 Bytes 25.01.2012 19:30:44
VBASE027.VDF : 7.11.21.176 600576 Bytes 26.01.2012 19:30:08
VBASE028.VDF : 7.11.21.177 2048 Bytes 26.01.2012 19:30:08
VBASE029.VDF : 7.11.21.178 2048 Bytes 26.01.2012 19:30:08
VBASE030.VDF : 7.11.21.179 2048 Bytes 26.01.2012 19:30:08
VBASE031.VDF : 7.11.21.198 142848 Bytes 27.01.2012 19:31:17
Engineversion : 8.2.8.44
AEVDF.DLL : 8.1.2.2 106868 Bytes 29.10.2011 06:04:25
AESCRIPT.DLL : 8.1.4.2 434553 Bytes 27.01.2012 19:32:33
AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 19:32:28
AESBX.DLL : 8.2.4.5 434549 Bytes 02.12.2011 18:19:21
AERDL.DLL : 8.1.9.15 639348 Bytes 09.09.2011 16:48:09
AEPACK.DLL : 8.2.16.2 799095 Bytes 27.01.2012 19:32:25
AEOFFICE.DLL : 8.1.2.25 201084 Bytes 30.12.2011 09:15:53
AEHEUR.DLL : 8.1.3.23 4333943 Bytes 27.01.2012 19:32:13
AEHELP.DLL : 8.1.19.0 254327 Bytes 20.01.2012 13:45:29
AEGEN.DLL : 8.1.5.18 409973 Bytes 27.01.2012 19:31:24
AEEMU.DLL : 8.1.3.0 393589 Bytes 22.11.2010 17:45:27
AECORE.DLL : 8.1.25.3 201079 Bytes 27.01.2012 19:31:20
AEBB.DLL : 8.1.1.0 53618 Bytes 23.04.2010 15:36:52
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12.12.2008 07:47:56
AVPREF.DLL : 9.0.3.0 44289 Bytes 08.09.2009 19:38:15
AVREP.DLL : 10.0.0.9 174120 Bytes 04.03.2011 17:44:56
AVREG.DLL : 9.0.0.0 36609 Bytes 07.11.2008 14:25:04
AVARKT.DLL : 9.0.0.3 292609 Bytes 24.03.2009 14:05:37
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30.01.2009 09:37:04
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28.01.2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02.02.2009 07:21:28
NETNT.DLL : 9.0.0.0 11521 Bytes 07.11.2008 14:41:21
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 30.07.2009 20:48:38
RCTEXT.DLL : 9.0.73.0 87297 Bytes 19.11.2009 15:47:37
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: reparieren
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, G:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel
Beginn des Suchlaufs: Samstag, 28. Januar 2012 08:12
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'smax4pnp.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrueImageMonitor.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TimounterMonitor.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wlcomm.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WmiPrvSE.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'AiNap.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SoundTray.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsShare.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FwebProt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'StCenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeaTimer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'msnmsgr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'schedhlp.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSASCui.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsCmd.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SixEngine.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'explorer.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'aaCenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WTClient.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVCM.EXE' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWinSec.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WTSrv.exe' - '1' Modul(e) wurden durchsucht
Modul ist OK -> 'C:\Windows\System32\Drivers\WTSRV.EXE'
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'IGDCTRL.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'hamachi-2.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'DCPFLICS.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdskScSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AEADISRV.EXE' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'schedul2.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'audiodg.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '0' Modul(e) wurden durchsucht
Es wurden '31' Prozesse mit '31' Modulen durchsucht
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'G:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '46' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <System>
Beginne mit der Suche in 'D:\' <Daten>
D:\pagefile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
[HINWEIS] Bei dieser Datei handelt es sich um eine Windows Systemdatei.
[HINWEIS] Es ist in Ordnung, dass diese Datei für die Suche nicht geöffnet werden kann.
D:\Download\FumeFX.rar
[0] Archivtyp: RAR
--> FumeFX 1.2d Trial for 3dsmax2009\install.exe
[FUND] Ist das Trojanische Pferd TR/Minggy.3.30
--> FumeFX 1.2d Trial for 3dsmax2010\install.exe
[FUND] Ist das Trojanische Pferd TR/Minggy.3.30
--> FumeFX 1.2d Trial for 3dsmax2008\install.exe
[FUND] Ist das Trojanische Pferd TR/Minggy.3.30
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4f90af49.qua' verschoben!
D:\Download\R4V1.5.7z.001
[WARNUNG] Die Datei konnte nicht gelesen werden!
D:\Download\Vol_31_-_Bitki.part02.rar
[0] Archivtyp: RAR
--> Vol 31 - Bitki\024.max
[WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen.
[WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen.
D:\Download\PLUGINS\LUMONIX_PUPPETSHOT_TRIALV3.41.rar
[0] Archivtyp: RAR
--> LUMONIX_PUPPETSHOT_TRIALV3.41\ps341.zip
[1] Archivtyp: ZIP
--> puppet341.rar
[2] Archivtyp: RAR
--> LPSHOP_install.exe
[FUND] Ist das Trojanische Pferd TR/Offend.6866684
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4f70b561.qua' verschoben!
Beginne mit der Suche in 'G:\' <Daten II>
Ende des Suchlaufs: Samstag, 28. Januar 2012 10:44
Benötigte Zeit: 2:32:03 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
53819 Verzeichnisse wurden überprüft
1655304 Dateien wurden geprüft
4 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
2 Dateien konnten nicht durchsucht werden
1655298 Dateien ohne Befall
13978 Archive wurden durchsucht
5 Warnungen
3 Hinweise
Bitte um Hilfe, ich danke vielmals im Voraus. Wünsche euch ein schönes Wochenende |
|
29.01.2012, 19:55
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30Zitat:
__________________ |
|
30.01.2012, 17:32
| #3 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Hallo,
__________________Code:
ATTFilter --> FumeFX 1.2d Trial for 3dsmax2009\install.exe
Code:
ATTFilter --> D:\Download\R4V1.5.7z.001
Code:
ATTFilter --> D:\Download\PLUGINS\LUMONIX_PUPPETSHOT_TRIALV3.41.rar
|
|
30.01.2012, 21:55
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden. Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.02.2012, 05:35
| #5 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 malware scan Code:
ATTFilter Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Datenbank Version: v2012.01.30.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 7.0.6002.18005 MAXMUSTERMANN :: MAXMUSTERMANN [Administrator] 30.01.2012 22:08:28 mbam-log-2012-01-31 (05-35-46).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 628635 Laufzeit: 1 Stunde(n), 50 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Program Files (x86)\gs\gs7.04\bin\gswin32.exe (Trojan.Agent) -> Keine Aktion durchgeführt. C:\Program Files (x86)\gs\gs7.04\bin\gswin32c.exe (Trojan.Agent) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1ffe0d4d0abf1f4f84bdb1dd51b5db24
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-01 12:26:15
# local_time=2012-02-01 01:26:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 100 211994 103548342 77606 0
# compatibility_mode=5892 16776573 100 56 4218 165557059 0 0
# compatibility_mode=8192 67108863 100 0 3717 3717 0 0
# scanned=456956
# found=0
# cleaned=0
# scan_time=22939
|
|
01.02.2012, 09:02
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30Zitat:
__________________ --> Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 |
|
01.02.2012, 18:49
| #7 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Hallo, guten Abend ich habe es damals gebraucht (das war dann die aktuellste Version) seitdem aber nicht mehr angefasst. Sollte ich das aufjedenfall upgraden? welche weiteren Schritte schlagen Sie vor? Vielen Dank im Voraus. |
|
02.02.2012, 13:25
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Ja upgraden wär nicht schlecht, aber später Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.02.2012, 08:32
| #9 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Guten Morgen. Hier ist das Ergebnis des Scans Code:
ATTFilter OTL logfile created on: 05.02.2012 08:09:33 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = D:\Eigene Dateien\Desktop 64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 50,65% Memory free 4,12 Gb Paging File | 1,76 Gb Available in Paging File | 42,73% Paging File free Paging file location(s): d:\pagefile.sys 200 6141 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 46,58 Gb Total Space | 1,04 Gb Free Space | 2,24% Space Free | Partition Type: NTFS Drive D: | 419,18 Gb Total Space | 14,58 Gb Free Space | 3,48% Space Free | Partition Type: NTFS Drive G: | 465,76 Gb Total Space | 179,30 Gb Free Space | 38,50% Space Free | Partition Type: NTFS Computer Name: MAXMUSTERMANN-PC | User Name: MAXMUSTERMANN | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - D:\Eigene Dateien\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe () PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) PRC - C:\Program Files (x86)\ASUS\Six Engine\SixEngine.exe () PRC - C:\Programme\ASUS\Ai Suite\AiNap\AiNap.exe () PRC - C:\Program Files (x86)\ASUS\AASP\1.00.63\aaCenter.exe () PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) PRC - C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe () PRC - C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe () PRC - C:\Program Files (x86)\FRITZ!DSL\StCenter.exe (AVM Berlin) PRC - C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe (AVM Berlin) PRC - C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) PRC - C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe () PRC - C:\Windows\SysWOW64\WTClient.exe (Tablet Driver) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () MOD - C:\Windows\SysWOW64\WinTab32.dll () MOD - C:\Program Files (x86)\ASUS\Six Engine\SixEngine.exe () MOD - C:\Programme\ASUS\Ai Suite\AiNap\AiNap.exe () MOD - C:\Program Files (x86)\ASUS\AASP\1.00.63\aaCenter.exe () MOD - C:\Program Files (x86)\ASUS\Six Engine\AsSpindownTimeout.dll () MOD - C:\Programme\ASUS\Ai Suite\AiNap\AiNap.dll () MOD - C:\Program Files (x86)\ASUS\AASP\1.00.63\cpuutil.dll () MOD - C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe () MOD - C:\Program Files (x86)\ASUS\AI Direct Link\AsNetlib.dll () MOD - C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe () MOD - C:\Programme\ASUS\Ai Suite\AiNap\vvc.dll () MOD - C:\Windows\SysWOW64\AsIO.dll () MOD - C:\Program Files (x86)\ASUS\AASP\1.00.63\PowerDll.dll () MOD - C:\Program Files (x86)\ASUS\Six Engine\pngio.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (mi-raysat_3dsmax2010_64) -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe () SRV:64bit: - (WinTabService) -- C:\Windows\SysNative\Drivers\WTSRV.EXE (Tablet Driver) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (Autodesk Licensing Service) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (DCPFLICS) -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe () SRV - (IGDCTRL) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) ========== Driver Services (SafeList) ========== DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\DRIVERS\VBoxNetAdp.sys (Sun Microsystems, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\DRIVERS\AF15BDA.sys (AfaTech ) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (tdrpman147) Acronis Try&Decide and Restore Points filter (build 147) -- C:\Windows\SysNative\DRIVERS\tdrpm147.sys (Acronis) DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis) DRV:64bit: - (snapman380) Acronis Snapshots Manager (Build 380) -- C:\Windows\SysNative\DRIVERS\snman380.sys (Acronis) DRV:64bit: - (UCTblHid) -- C:\Windows\SysNative\DRIVERS\UCTblHid.sys (Tablet Driver) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell) DRV:64bit: - (PTSimBus) -- C:\Windows\SysNative\DRIVERS\PTSimBus.sys (PenTablet Driver) DRV:64bit: - (camfilt2) -- C:\Windows\SysNative\Drivers\camfilt2.sys (Guillemot Corporation) DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys () DRV:64bit: - (PTSimHid) -- C:\Windows\SysNative\DRIVERS\PTSimHid.sys (PenTablet Driver) DRV:64bit: - (TClass2k) -- C:\Windows\SysNative\DRIVERS\TClass2k.sys (Tablet Driver) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV:64bit: - (Hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://facebook.com/" FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.6 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MAXMUSTERMANN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.01 18:47:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.15 11:19:45 | 000,000,000 | ---D | M] [2008.12.16 17:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\mozilla\Extensions [2012.02.01 19:24:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\mozilla\Firefox\Profiles\htm99lj7.default\extensions [2012.02.01 18:47:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\MAXMUSTERMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HTM99LJ7.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI () (No name found) -- C:\USERS\MAXMUSTERMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HTM99LJ7.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI [2012.02.01 18:47:15 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2009.12.21 06:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.01.11 08:58:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.11 08:58:04 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.01.11 08:58:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.11 08:58:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.11 08:58:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.11 08:58:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2011.09.10 00:50:13 | 000,438,235 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15075 more lines... O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [C-Media Speaker Configuration] D:\Download\nightingale_vista32_drv\nightingale\vista32\Setup.exe /SPEAKER File not found O4 - HKLM..\Run: [Cpu Level Up help] C:\Programme\ASUS\Ai Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [Launch As Cmd Runner] C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe () O4 - HKLM..\Run: [Launch Direct Link] C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe () O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe () O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) O4 - HKLM..\Run: [SpybotSnD] C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) O4 - HKLM..\Run: [StartCCC] D:\CCC\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe (AVM Berlin) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range37 ([*] in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range38 ([http] in Vertrauenswürdige Sites) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.178.83/codebase/DVM_IPCam2.ocx (DVM_IPCam2 Control) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC40F562-54FB-432B-82B8-3DBCDF6A1368}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\Shell - "" = AutoRun O33 - MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\Shell\AutoRun\command - "" = F:\MI.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start 3DxWare.lnk - C:\Programme\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe - (3Dconnexion, INC) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk - C:\PROGRA~2\WinZip\WZQKPICK.EXE - (WinZip Computing, S.L.) MsConfig:64bit - StartUpFolder: C:^Users^MAXMUSTERMANN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Warkeys Update.lnk - - File not found MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: CamserviceDP - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - File not found MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig:64bit - StartUpReg: Messenger (Yahoo!) - hkey= - key= - File not found MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - D:\Quicktime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - File not found MsConfig:64bit - StartUpReg: WTClient - hkey= - key= - C:\Windows\SysWow64\WTClient.exe (Tablet Driver) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PEVSystemStart - Service SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: procexp90.Sys - Driver SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PEVSystemStart - Service SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: procexp90.Sys - Driver SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: WudfPf - Driver SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {0F3D411D-E3CD-391D-67AA-1A1773E923BF} - Themes Setup ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {33672187-3497-0A1E-B45C-D58E68672255} - Microsoft Windows Media Player ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {81E0F555-48A4-BBE8-7C73-D4917A8D760F} - Browser Customizations ActiveX:64bit: {845D8F83-D803-3070-79A0-98EB9782E556} - Internet Explorer ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {975339DF-08D6-BFC3-B51A-8D9680496A65} - Browser Customizations ActiveX:64bit: {BBF6E2C1-691B-5EFA-49F4-69D1E2ADA09E} - Themes Setup ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX:64bit: {DA4F6A32-B40F-79AD-C874-797934375EF6} - Microsoft Windows Media Player 11.0 ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: {089500F8-A5FA-84C6-7573-9C77AEB82653} - Microsoft Windows Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {11471407-9E94-AB01-6C96-FDB44176CE82} - Internet Explorer ActiveX: {22BE1965-362C-8DCE-4609-40A3B833161B} - Internet Explorer ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {29A7CABD-DE6E-3F2B-D47C-D40718F4CA26} - Microsoft Windows Media Player ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {51D1E6E2-486F-B6EF-1A95-19433B8D310F} - Java (Sun) ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8B3EDE41-AED6-9C42-B4B4-A689EF1585DE} - Microsoft Windows Media Player ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9DC970B9-2D0A-3604-3746-836513687F4D} - Themes Setup ActiveX: {A767363E-F147-CE43-E5BF-925228848EAF} - DirectX ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (hxxp://www.mp3dev.org/) Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation) Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.02.05 08:08:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- d:\Eigene Dateien\Desktop\OTL.exe [2012.02.05 08:07:56 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{0A6AA7A7-F7D7-472D-9CAA-7000CB5FFC29} [2012.02.05 08:07:21 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D9B2CB79-54EF-4D37-8086-773F001CD863} [2012.02.03 16:41:51 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D9B5444A-96F6-4BA7-B41A-7CFADD69F1C2} [2012.02.03 16:41:16 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{21BD26A9-73E2-4709-AB47-860AD863FF4C} [2012.02.02 17:04:01 | 000,000,000 | ---D | C] -- d:\Eigene Dateien\Desktop\Rungholt [2012.02.02 16:01:18 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{14A60983-EF2F-4E01-8F22-EE7928D6BE9A} [2012.02.02 16:00:45 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DE68DCDC-56A4-45A3-894C-5C88D1B6C9C9} [2012.02.01 18:48:31 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{827EAFD0-E231-45CE-B3C9-184AAE59460C} [2012.02.01 18:47:59 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{11C76F3E-9CA2-49B9-A7C5-09E641C9F5D3} [2012.01.31 19:01:06 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{5A7EFBE3-5E56-4881-8562-D589F4C1C7A1} [2012.01.31 19:00:51 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1D5FCFE8-96B2-49F5-9866-9E47ABFAD494} [2012.01.30 17:18:31 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{66EDA744-5AA6-4E95-98B0-7D41A80FDCE5} [2012.01.30 17:17:56 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DD31F6CF-6CBA-44B4-A711-08398903597C} [2012.01.29 21:14:27 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{5B6764AA-CA89-472D-B924-E0EB244A0200} [2012.01.29 21:13:53 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{169C8D47-B06D-4456-ABB3-738CB53E1E99} [2012.01.29 09:13:41 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{16DEBCEE-961A-419F-9F2E-B5FFD479472D} [2012.01.29 09:13:07 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{F627DD01-0256-4A86-9C3D-D7567F71EAB1} [2012.01.28 16:11:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{89A9D715-5F49-4371-9114-F5718B730799} [2012.01.28 16:11:01 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{5A3F7A38-A60A-4C6D-BB66-3ABA9BFEAC87} [2012.01.28 04:10:13 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{4961CA44-647E-4E68-8359-EB396DC91C8F} [2012.01.28 04:10:03 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E5A9C003-C1FD-4811-8D56-3ED159F6662A} [2012.01.27 16:09:48 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{99408346-17FC-42F6-B25A-2CC1C103BA32} [2012.01.27 16:09:13 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{93824692-F293-4B39-B8D8-6C324B3E538F} [2012.01.26 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{5391DC52-9F13-47E8-B39C-420C4E9FF306} [2012.01.26 19:08:44 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C170F35B-BF7B-4719-ABB9-2D5B56DCEE49} [2012.01.25 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{0B387339-13FE-4A10-9981-61254108EFFF} [2012.01.25 17:49:07 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3320290F-F0B1-4736-A160-E8C9CD79EA60} [2012.01.24 11:18:14 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E3A2D356-ADEB-4902-8FFC-3877F517227A} [2012.01.24 11:17:40 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{00127FC0-DF64-4057-8C76-82297127E747} [2012.01.23 23:17:15 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{4FDA74B0-920E-4055-BE4A-3438D44E9822} [2012.01.23 23:16:41 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{AF966B51-3092-4918-BFB5-8AC4AF71FC60} [2012.01.23 11:16:16 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C4D0A299-E3D5-426C-BD9F-2293E60224E8} [2012.01.23 11:15:39 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{323A2C74-0B7A-4E15-AC36-92FD6FAEBB53} [2012.01.22 23:15:12 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D7CE88C3-3BF2-4521-8E1D-98C08347FF74} [2012.01.22 23:14:38 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{14B953CB-62F6-4752-ADFF-749C273F761B} [2012.01.22 11:14:26 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C928C74D-8E4E-4D86-ACAB-87D64ED6A0E8} [2012.01.22 11:13:53 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{A049E8A8-DED2-4478-8E1C-044BDD85977D} [2012.01.21 10:07:28 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{622EF95D-8C1E-4BF5-96E6-743996CC1D03} [2012.01.21 10:06:52 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3ABD30EC-2748-4208-AD26-D65757371B69} [2012.01.20 17:05:27 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{06DF64C8-434A-477F-AABB-D564BAD6117B} [2012.01.20 17:04:52 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C9178B52-BA88-4B44-94CD-122AFFBB2EB3} [2012.01.20 05:04:24 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{60288773-5F52-440A-B887-EA073E9C0BC9} [2012.01.20 05:03:51 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{A239DFC5-D70C-4272-A799-0B0B4975F6F9} [2012.01.19 17:03:27 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{70CDEB3B-5B63-45A4-BD24-897DA2E28328} [2012.01.19 17:02:53 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C11B45C4-88D9-46C9-B364-D203CD8413D6} [2012.01.18 16:53:12 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DF0F3529-EFD1-4D01-AF51-C72C33ECAC81} [2012.01.18 16:52:38 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1055D3BE-8192-4007-BC00-F77251F3FBCB} [2012.01.17 18:21:20 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{FB31DC49-D01B-4204-BAFD-4DE294D3C7CB} [2012.01.17 18:20:45 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E90366DE-C3D5-416A-B989-B04FD50B0F0A} [2012.01.16 17:52:14 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{FCB34620-F9B3-4846-B07F-D36588F70897} [2012.01.16 17:51:45 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{8BBA7174-BD85-4607-ACF7-2342A9090D91} [2012.01.15 11:26:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.01.15 11:15:37 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E9076F2B-9C52-40DE-8296-3FB95F7A2A17} [2012.01.15 11:15:02 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{90FBD97E-9C25-47BD-A5C9-3D25D2DE444A} [2012.01.14 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{EA32AC92-CD08-4789-8053-5D15D8906A82} [2012.01.14 22:51:00 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{C29600CB-84B2-4390-BC51-3B8F78EA5E09} [2012.01.14 10:50:48 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{E3DB4485-187E-422B-BD3D-539DE7558B9C} [2012.01.14 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3CAE1F38-0F03-4214-ACE7-EFED8231AC99} [2012.01.13 22:49:49 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{53E44D42-CA46-42D3-AB4A-826F4BD684E3} [2012.01.13 22:49:15 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{60BF75DB-7C3F-4FD1-9B3F-F71233449555} [2012.01.13 10:49:03 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1E0DBECA-6148-485B-932B-0F51DD35ACD8} [2012.01.13 10:48:31 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{24CBAEDF-60FF-4028-9FE3-1967C4FDF93B} [2012.01.12 22:48:04 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{2A0F829A-B204-4720-AA8C-5907E0BA4B06} [2012.01.12 22:47:10 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{64A2494C-0044-49E9-A0DE-93E10C9055BF} [2012.01.12 10:46:56 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{650BDF14-DB92-4326-96B1-75E0BD056AE4} [2012.01.12 10:46:21 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{76D9438E-EC0A-49B0-A561-68BFD580C69B} [2012.01.12 09:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012.01.11 22:45:54 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{1480D2EE-CBE6-431E-9013-3BB039315BE3} [2012.01.11 22:45:20 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{3F6247BB-7925-4446-8092-0792E440475A} [2012.01.11 10:45:08 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{0B54546D-952C-48A2-87F6-7E1BADD463C1} [2012.01.11 10:44:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{96B6AEBB-36E1-4BA7-8620-E6B5C2CF90E5} [2012.01.10 22:44:09 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{B45C6B0D-9185-432D-80B7-631E62D13944} [2012.01.10 22:43:35 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D375A42F-EDE9-47E0-A449-9B2D42D441D9} [2012.01.10 10:43:20 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{662C4810-428B-4BB3-9AD6-718071B61066} [2012.01.10 10:42:46 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{70071163-D2A3-47FA-8443-9DBAFD3EC8DA} [2012.01.09 22:42:19 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{D85471DA-AC97-4960-B824-FFC4B11D76F6} [2012.01.09 22:41:46 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{7293E0B6-D55E-4034-BEA9-D4651C0607B7} [2012.01.09 10:41:33 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{F5283861-3209-45B8-A57D-8CC2EF4EF494} [2012.01.09 10:41:00 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{B59A345C-ECDC-4DB7-B1D6-C5470168C28B} [2012.01.08 15:42:34 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{DF592C24-12AF-4300-9501-B0D92C183E34} [2012.01.08 15:42:00 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{BE2A6CD9-4F73-4B77-B47A-949F6A0B41D6} [2012.01.06 16:08:24 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{405C5412-9605-4501-B881-37363FAF0864} [2012.01.06 16:08:11 | 000,000,000 | ---D | C] -- C:\Users\MAXMUSTERMANN\AppData\Local\{200B54CE-D8C6-4D66-94DD-AB89376346CC} [2009.01.27 14:43:35 | 000,167,936 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [22 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [10 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.05 08:10:24 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{978E09A9-0F47-4184-8B35-D34606FD7885}.job [2012.02.05 08:09:52 | 014,764,244 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.02.05 08:09:52 | 004,956,654 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.02.05 08:09:52 | 004,288,664 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.02.05 08:09:51 | 004,699,882 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.02.05 08:09:51 | 000,005,604 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.02.05 08:08:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- d:\Eigene Dateien\Desktop\OTL.exe [2012.02.05 08:03:18 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.05 08:03:18 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.05 08:03:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.30 22:25:35 | 000,019,968 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.29 20:47:34 | 000,034,070 | ---- | M] () -- C:\Users\MAXMUSTERMANN\.TransferManager.db [2012.01.18 19:03:06 | 000,000,840 | ---- | M] () -- C:\Users\MAXMUSTERMANN\SciTE.session [2012.01.15 11:17:34 | 000,001,356 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d9caps.dat [2012.01.15 03:12:31 | 000,000,155 | ---- | M] () -- C:\Windows\wininit.ini [2012.01.15 03:03:21 | 000,018,772 | ---- | M] () -- d:\Eigene Dateien\Desktop\Extras.zip [2012.01.15 02:26:38 | 000,006,637 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e4d42e6 [2012.01.15 02:26:38 | 000,006,606 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Local\a38b6a13 [2012.01.15 02:26:37 | 000,006,695 | ---- | M] () -- C:\ProgramData\b4087b46 [22 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [10 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.29 20:47:34 | 000,034,070 | ---- | C] () -- C:\Users\MAXMUSTERMANN\.TransferManager.db [2012.01.15 03:03:21 | 000,018,772 | ---- | C] () -- d:\Eigene Dateien\Desktop\Extras.zip [2012.01.15 02:57:54 | 000,000,155 | ---- | C] () -- C:\Windows\wininit.ini [2012.01.15 01:47:44 | 000,006,695 | ---- | C] () -- C:\ProgramData\b4087b46 [2012.01.15 01:47:44 | 000,006,637 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e4d42e6 [2012.01.15 01:47:44 | 000,006,606 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\a38b6a13 [2010.06.15 23:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.04.17 19:47:13 | 000,335,872 | ---- | C] () -- C:\Windows\SetupX32.EXE [2010.03.28 14:28:25 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.03.28 13:55:51 | 000,000,030 | ---- | C] () -- C:\Windows\Iedit.INI [2010.02.16 12:20:28 | 000,042,496 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll [2009.10.14 22:45:23 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009.09.24 10:07:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.09.24 10:06:49 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2009.09.24 10:06:25 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.08.15 12:26:40 | 000,000,600 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\winscp.rnd [2009.07.25 11:30:33 | 002,729,472 | ---- | C] () -- C:\Windows\SysWow64\fun_avcodec.dll [2009.05.24 18:52:02 | 000,003,830 | ---- | C] () -- C:\Windows\Tablet8000x6000.ini [2009.05.24 18:42:14 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\WinTab32.dll [2009.05.24 18:42:14 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lhtool.exe [2009.05.05 21:58:19 | 000,860,211 | --S- | C] () -- C:\Windows\SysWow64\XSIFtk-3.6.2.1.dll [2009.04.21 17:46:05 | 000,000,126 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin [2009.04.19 16:35:04 | 000,126,976 | ---- | C] () -- C:\Windows\gdf.dll [2009.01.27 14:43:47 | 003,600,384 | ---- | C] () -- C:\Windows\ffmpeg.exe [2009.01.27 14:43:35 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2008.12.31 12:33:42 | 000,001,100 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d8caps.dat [2008.12.27 15:13:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.12.18 00:13:48 | 000,019,968 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.17 10:50:02 | 000,001,356 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d9caps.dat [2008.12.16 22:53:37 | 000,035,450 | ---- | C] () -- C:\Windows\Ascd_log.ini [2008.12.16 22:53:23 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2008.12.16 22:53:23 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2008.12.16 22:53:22 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2008.12.16 22:53:22 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2008.12.16 22:49:09 | 000,035,412 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.12.16 22:22:08 | 000,000,092 | ---- | C] () -- C:\Windows\CMISETUP.INI [2008.12.16 22:22:08 | 000,000,026 | ---- | C] () -- C:\Windows\CMCDPLAY.INI [2008.12.16 21:40:33 | 000,004,185 | ---- | C] () -- C:\Windows\ULEAD32.INI [2008.12.16 21:31:39 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.12.16 21:05:32 | 000,001,460 | ---- | C] () -- C:\Users\MAXMUSTERMANN\AppData\Local\d3d9caps64.dat [2008.12.16 19:27:41 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2008.12.16 18:53:11 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2008.12.16 17:42:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008.12.16 16:19:18 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat [2008.01.21 03:48:25 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007.06.27 17:13:51 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll [2007.01.10 07:44:26 | 001,457,024 | R--- | C] () -- C:\Windows\SysWow64\SSCProt.dll [2006.11.02 16:34:20 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin ========== LOP Check ========== [2010.04.18 09:37:07 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\3Dconnexion [2008.12.23 13:02:40 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Acronis [2008.12.23 16:08:25 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Autodesk [2008.12.16 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools [2010.01.05 10:59:36 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools Lite [2008.12.16 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools Pro [2009.01.06 17:44:38 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e-on software [2010.07.22 09:58:21 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Foxit Software [2010.11.27 09:23:06 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\FRITZ! [2011.04.30 14:01:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\GrabPro [2010.01.13 00:51:11 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\NCH Swift Sound [2011.01.27 19:56:32 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Notepad++ [2011.07.16 02:33:22 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Orbit [2010.03.13 11:22:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\PACE Anti-Piracy [2011.04.30 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\ProgSense [2010.06.07 20:04:04 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\SWiSH Max3 DEU [2009.04.23 18:14:50 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TeamViewer [2009.01.06 17:08:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Thinstall [2008.12.16 22:51:57 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TMP [2008.12.23 12:50:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TrueCrypt [2011.05.30 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TS3Client [2010.03.13 11:22:41 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Unity [2010.05.07 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\WordToPDF [2012.02.03 17:36:35 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.02.05 08:10:24 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{978E09A9-0F47-4184-8B35-D34606FD7885}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.04.18 09:37:07 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\3Dconnexion [2008.12.23 13:02:40 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Acronis [2012.01.06 16:16:00 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Adobe [2009.10.05 17:21:25 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Apple Computer [2008.12.16 17:43:38 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\ATI [2008.12.23 16:08:25 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Autodesk [2008.12.16 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools [2010.01.05 10:59:36 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools Lite [2008.12.16 18:29:16 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DAEMON Tools Pro [2010.05.03 16:42:09 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\DivX [2011.10.31 18:44:31 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\dvdcss [2009.01.06 17:44:38 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\e-on software [2010.07.22 09:58:21 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Foxit Software [2010.11.27 09:23:06 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\FRITZ! [2011.04.30 14:01:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\GrabPro [2010.01.23 15:53:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Hamachi [2008.12.16 21:05:37 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Identities [2008.12.16 22:50:57 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\InstallShield [2008.12.16 17:52:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Macromedia [2010.07.16 18:49:01 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Malwarebytes [2009.01.22 20:37:07 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Media Player Classic [2012.01.06 16:16:00 | 000,000,000 | --SD | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft [2008.12.16 17:52:03 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Mozilla [2010.01.13 00:51:44 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\NCH Software [2010.01.13 00:51:11 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\NCH Swift Sound [2009.06.06 15:54:49 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Nero [2011.01.27 19:56:32 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Notepad++ [2011.07.16 02:33:22 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Orbit [2010.03.13 11:22:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\PACE Anti-Piracy [2011.04.30 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\ProgSense [2009.01.22 20:37:56 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Real [2012.01.28 19:25:46 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Skype [2011.10.31 19:45:33 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\skypePM [2010.06.07 20:04:04 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\SWiSH Max3 DEU [2010.06.29 14:14:21 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\teamspeak2 [2009.04.23 18:14:50 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TeamViewer [2009.01.06 17:08:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Thinstall [2008.12.16 22:51:57 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TMP [2008.12.23 12:50:39 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TrueCrypt [2011.05.30 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\TS3Client [2009.03.29 19:42:11 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\U3 [2010.03.13 11:22:41 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Unity [2010.03.10 21:35:51 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Ventrilo [2008.12.31 13:48:54 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\vlc [2010.01.04 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Winamp [2010.03.28 11:54:18 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\WinRAR [2010.05.07 18:15:14 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\WordToPDF [2010.02.11 02:01:40 | 000,000,000 | ---D | M] -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Yahoo! < %APPDATA%\*.exe /s > [2009.04.16 17:50:24 | 000,010,134 | R--- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\ARPPRODUCTICON.exe [2009.04.16 17:49:20 | 000,008,854 | R--- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\UNINST_Uninstall_Z_6084D03834014C9DA21686E6EEA25AFB.exe [2009.04.16 17:50:24 | 000,008,854 | R--- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\UNINST_Uninstall_Z_9FB06B5081B842C4B398D85CD33F7F86.exe [2009.04.16 17:50:24 | 000,069,632 | R--- | M] (Macrovision Corporation) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\ZBrush3.exe1_6084D03834014C9DA21686E6EEA25AFB.exe [2009.04.16 17:50:24 | 000,069,632 | R--- | M] (Macrovision Corporation) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\ZBrush3.exe_6084D03834014C9DA21686E6EEA25AFB.exe [2007.08.29 15:36:00 | 000,110,592 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe [2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\U3\341143190082C84A\cleanup.exe [2008.05.02 10:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\U3\341143190082C84A\Launchpad Removal.exe [2008.05.04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\U3\341143190082C84A\LaunchPad.exe [2007.10.23 09:44:48 | 000,054,584 | ---- | M] () -- C:\Users\MAXMUSTERMANN\AppData\Roaming\U3\341143190082C84A\U3AccessGrant.exe [2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\MAXMUSTERMANN\AppData\Roaming\U3\temp\Launchpad Removal.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 03:45:05 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys [2008.01.21 03:45:05 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008.01.21 03:45:05 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys < MD5 for: ATAPI.SYS > [2008.01.21 03:45:04 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys [2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll [2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008.01.21 03:45:13 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys [2008.01.21 03:45:13 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys < MD5 for: NETLOGON.DLL > [2008.01.21 03:49:23 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll [2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll [2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll [2008.01.21 03:46:46 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll < MD5 for: NVSTOR.SYS > [2008.01.21 03:45:08 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys [2008.01.21 03:45:08 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 03:48:49 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll [2008.01.21 03:48:07 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll [2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll [2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 03:46:48 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll [2008.01.21 03:47:33 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll [2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll [2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll [2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=F3F5549E69AE8509342E67E4F972CA1C -- C:\Windows\SysNative\user32.dll [2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=F3F5549E69AE8509342E67E4F972CA1C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 03:48:55 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe [2008.01.21 03:48:55 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2008.01.21 03:48:04 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe [2008.01.21 03:48:04 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 03:46:19 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe [2008.01.21 03:46:19 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2008.01.21 03:48:42 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe [2008.01.21 03:48:42 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008.01.21 03:48:05 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.01.21 03:48:57 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 03:47:58 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2008.01.21 03:47:58 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > |
|
05.02.2012, 20:02
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Editierte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\Shell - "" = AutoRun
O33 - MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\Shell\AutoRun\command - "" = F:\MI.exe
:Files
C:\Users\MAXMUSTERMANN\AppData\Local\{*
C:\Users\MAXMUSTERMANN\AppData\Roaming\e4d42e6
C:\Users\MAXMUSTERMANN\AppData\Local\a38b6a13
C:\ProgramData\b4087b46
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.02.2012, 20:15
| #11 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Guten Abend, hier ist das Logfile nach dem Ausführen des Fix: Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73207095-8399-11df-8b26-0022155a9914}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73207095-8399-11df-8b26-0022155a9914}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73207095-8399-11df-8b26-0022155a9914}\ not found.
File F:\MI.exe not found.
========== FILES ==========
C:\Users\MAXMUSTERMANN\AppData\Local\{00127FC0-DF64-4057-8C76-82297127E747} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{00DA6FF0-5BEC-4876-8FA1-B1980264A2FD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{00EDDE51-55D8-40B7-B95F-40E298EBF9F8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{01740039-F3B0-497B-866B-664A01141AE0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0176D3AE-B0AC-44B4-AEE6-D3EDE5B57FF5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{017FADE6-DDE2-4775-A989-BAA78170E27A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{01FE5053-6EC2-45C3-AAD4-4B7E6A9DD564} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0218DB54-1C57-4F82-86E2-795D1A23DF04} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{02BC7C5A-55CA-4901-9E54-4ADD688E6971} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{02DF5471-90D9-4C7E-BB84-BD11865620C7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{03179D1C-BBCC-45BC-846A-57B3D0E700EA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{03496813-A915-4669-8BEB-D0A31B696B5E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0361ACDC-2F83-4898-9A62-F2D945897045} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{037CE9AF-5A83-4473-9904-7ABCEE3335B4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{04AFF070-8E11-4CD1-BAA8-4A6455EF9366} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{053E4C8C-275C-4436-9ABD-8BC74E7B67FE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0554432A-E7B1-4BD6-81CA-CF9035F92D7F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{055FFC63-EDF7-4825-A83B-D3B69B7DFA1E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{05AA213D-0F93-4DDE-A3B1-BEE3341EF6D2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{05F616F5-434F-4053-AB57-129AD0492918} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{060B3241-EB31-4FE9-9BCF-9D0A082FA571} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{06833015-1148-4424-B88C-BA4895D4C4AD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{06AA00CF-03E1-48F0-9287-15A90FF149D1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{06BD63DC-873A-456E-9607-BD1E60E78B60} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{06DF64C8-434A-477F-AABB-D564BAD6117B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{072C6A5F-8843-487C-9DD8-F40B81DF2384} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{08B8D898-9626-4421-B955-743E737FC16C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{08D32D5A-7EE6-4CA2-AEA0-0965B8A109C4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{093AB135-90D1-48C9-AECC-91EF36E57967} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{09507EDE-D3B6-48E7-AA54-2F675CE0E72F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{099D04D8-3CC1-4ADE-8EFA-EA94BCF927FD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{09BA7D68-BA27-4D87-A7D1-6781C92816AA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0A139CF8-0C56-4C1C-9053-84BDFD2D19CA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0A29E218-2345-4954-BA04-66DE68146998} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0A6AA7A7-F7D7-472D-9CAA-7000CB5FFC29} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0A806E45-43E3-46D0-B11A-B74E1150A7D4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0AA0E8D8-FFD3-4BBF-922A-71F4F67040C1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0AAA8930-657F-449D-AC86-206A73941DF0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0AB00C21-D3A9-4E54-B700-4B10A05CE85A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0AF71CF5-8AD0-48DC-84EC-876A428AD758} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0B387339-13FE-4A10-9981-61254108EFFF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0B536C86-1C17-4C63-9DFA-18CC11DF7B62} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0B54546D-952C-48A2-87F6-7E1BADD463C1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0C3151D3-2988-44FF-AA95-8FD8B2F5756C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0C5DA91D-27E4-4C9D-A712-21B02BE0235F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0C86522B-6A54-41FE-9A59-802B50D4DA43} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0D0B9716-99AC-4C49-9684-B90EF22D5F9F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0D225B33-8CBD-4C2F-9364-1826E195B6CA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0DC48808-FD01-497E-A910-6DA71BC1F42B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0DD8045A-026F-4B5E-A45A-26E819ADAF78} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0DE87CF0-8C00-41BA-BFF8-68C6E40C859A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0E053113-EEAD-4488-A896-AEF71DD06FD2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0E28BC1B-7DAA-4917-BC2A-D4CAE1FBC0BD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0E8A2428-8BE2-466C-8DF5-39981198C91D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{0F5030D1-6CF2-40F2-BF8F-D9A325934777} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1003D3DC-345A-4BE2-BD5A-843A56086DC4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1055D3BE-8192-4007-BC00-F77251F3FBCB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1197BD26-2AD1-49A4-A625-8A236D75FDD1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{11C76F3E-9CA2-49B9-A7C5-09E641C9F5D3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{12068021-0100-4E0A-8981-0F2393F67CAE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1208738C-36DA-446A-B110-85D46ABC0461} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{12EF3E12-665F-4837-8073-2E13DB3A1D59} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{13426337-B475-4A4C-8770-2A890CC2FB32} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{13876987-C04D-471D-A1C0-8A06F0FBFB87} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{13F110FC-857C-4F79-AE37-A4416EF71F52} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1418D7FD-57F1-4780-840B-BBEA563EB9F4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1460D94E-D703-4CAC-97DF-40316D496CF5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1480D2EE-CBE6-431E-9013-3BB039315BE3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{14841A83-51E5-420F-8DFE-D9B1DCB4D9FF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{14A60983-EF2F-4E01-8F22-EE7928D6BE9A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{14B953CB-62F6-4752-ADFF-749C273F761B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1592C03F-5306-40AC-8C5A-9D915642CCB4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{160D5819-F572-4B17-865A-C76A3844C8A4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{169C8D47-B06D-4456-ABB3-738CB53E1E99} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{16B0C27D-5FD2-442C-8F5D-133413838A57} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{16DEBCEE-961A-419F-9F2E-B5FFD479472D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{17208160-AF01-482B-BC8C-E74443CAB322} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{18021326-6339-476B-9296-51CF4ED86DE6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{183011D2-A26A-4546-8FE4-760EFFCC6789} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1844213F-D99D-407B-B0E9-EEBAA22872D8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{185094B1-2760-4C1E-BBDA-0BA4D92BDF2D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1911236E-459D-4AB4-967F-31837450FC90} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1A424E72-0F0A-44B6-9BB5-45A18A477890} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1A5B901F-0D02-4CF7-934A-0B03B0C429E5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1A992EA4-8B41-453F-B474-1D72230C76E9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1B247D0D-8B17-4A0E-B337-4FF6B21F3F2C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1BAA8066-3EBE-4C5B-84B2-2157361BD9FE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1BC6F2CA-26E6-45EE-9FCE-DAAA2CAC242E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1D10FAFC-5723-4CF7-9EEB-F6C0C13FF5AD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1D377E22-8F39-4170-8DA7-03D884E20E0A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1D56EB15-7A62-435A-81B7-2D29BF79CF1E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1D5FCFE8-96B2-49F5-9866-9E47ABFAD494} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1E0DBECA-6148-485B-932B-0F51DD35ACD8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1ECCBADF-356F-474B-83F6-6FA696B5237E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1EFAB640-1391-4943-B099-6039BEDA71FA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1EFF67BA-62F3-4937-9406-FCF291A7E53D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1F229A8A-7BA0-4414-B5FC-8620B50ABE77} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1F23435F-9EE4-4AD5-899A-2354FE8E3C22} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{1F9E53CF-DCD8-4FFE-81D3-33479B3DF869} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{200B54CE-D8C6-4D66-94DD-AB89376346CC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{20685B10-A979-4806-B9FE-8D3B157210C3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2127C6DF-6758-4466-B5A6-73C8F383B910} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2193AFAB-C7B6-4665-BBC5-6F48FC78E3F1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{21BD26A9-73E2-4709-AB47-860AD863FF4C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{21C358C3-81C1-4379-AAC6-09847C9E7F3D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{21E17C81-6126-4109-AB5F-CD7AE9C97D37} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2215D7E4-DB60-4FEF-A2EE-419AEA4F88F2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{233ACC58-95E1-4128-86D7-98BA390D4FBC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{23DE348A-9989-49FA-B46A-D563BE341AF2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{24006314-5917-43F2-A26F-CC80D23F7955} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{246702B5-55B1-4EFD-B259-B39027F08FE2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2489E8CD-87B5-466E-8EC2-1D8AC34E2995} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{249BCD70-3B51-4CDE-A86B-9561F26E8E25} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{24C841DA-81BD-402A-9762-4FF87EFF91AC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{24CBAEDF-60FF-4028-9FE3-1967C4FDF93B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{24CECF03-436B-46A1-A075-A230F2391F4C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{24D96077-C348-4446-8D1C-14006B143326} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2609D9E2-83ED-4CFC-B72C-E74451CFAB26} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2638B25D-A82F-4A3F-B3E1-8B3D1D9F18CC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{26BD9090-5F69-45E4-950D-593268B9C94B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2710F33A-BC37-456E-8135-F853AD1027FA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{27870728-ABA7-43EF-9D8C-7D21853740EE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2860C593-ACD6-4CE8-9900-01A51EFB874D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{28E026CD-0493-45B7-A3FC-E8183B7E1749} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{28EFA388-1DEB-43D1-90EF-1404BA85B7B1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2919BBC9-1202-41C3-B77D-7726C279434D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2A0F829A-B204-4720-AA8C-5907E0BA4B06} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2A40C956-9D2D-4421-8497-9846098E4186} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2A6428F4-5AD2-4064-82D5-5A05314E842F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2A67E583-5250-4A1F-AD2E-131DA791C1EF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2B74830A-2287-427C-A1CE-3F55FA057A65} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2BE91586-2F16-4610-B427-80785F4DF27C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2C691AEF-2DA3-4B64-98C1-08E13EA2B6F7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2D715567-E940-4CED-AA15-3FC284B2543F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2DBCE7BE-408A-4E79-AD34-73735C80A97B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2E35491A-8B23-4B81-B530-03F66D0789CA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{2FC10797-8335-4BAD-AF54-A3842BA4D612} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{304A9365-2AA4-4C9D-B722-AFF79A0E6483} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{31665C7C-5E88-4C09-BC9F-92FBF578AEE0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{31A05942-9260-43B5-9BBF-38F93A46CA12} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{31DE9F2C-1B17-4D7F-8349-88FDC257F5D9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{323A2C74-0B7A-4E15-AC36-92FD6FAEBB53} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{32C4887D-3F36-4096-AA5B-0E5722F26396} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3320290F-F0B1-4736-A160-E8C9CD79EA60} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{338D81EB-31FA-4BE1-A435-E348C087A81A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{33C8D2B6-77A8-4D15-81D1-2BC50E7BDF29} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{33E9AE7C-0FDE-4587-B48B-549BF20F34CF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{34FA8AC7-FA89-41DF-A6E4-CD935C1E687F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3553C3D2-1601-419B-9B66-859F82DB461A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{35B84676-AAA2-44FC-A399-A59DF15BC170} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{35F9AB3D-902B-43B2-8609-78FCC535A135} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{371F5FEC-544D-481A-9AB7-139A7EBD89D3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3764E4F9-376F-4435-AB0C-2901E44EA131} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{37F2972D-15AC-4A84-A467-098BFCB1E95E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{38016C32-A478-4A9C-B7A1-837B8E209A23} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{384A5FC0-20E5-497E-8D32-EB0AE651DBB7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3887A13D-1DCB-4665-8A5B-37A407AC8A16} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3956B63D-84F0-4F48-B452-C07099FF59C5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{39A07074-0BE7-4A3F-B0A7-11821F105FD0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{39A46FA4-9DC8-4A24-822C-840007E14072} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{39D3E8B2-13B4-4FB7-B81E-1DCF03A8CABD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3A7CCAFB-ECC2-493F-9129-7E113C07858A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3A976339-FBA6-4C3D-A932-7B0106BE47B3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3ABD30EC-2748-4208-AD26-D65757371B69} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3B46DA91-493C-4127-9E7A-8506978D330D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3BB90B2E-5571-40AE-9BF3-3BAB3A4D0950} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3BC5BB9B-5C7E-4402-BBB1-9CE26B786705} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3BD7EC4F-4198-4EAB-87EF-5D97CC40B7B6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3C050E27-FFD9-4302-8CAF-517936153C51} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3CAE1F38-0F03-4214-ACE7-EFED8231AC99} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3CB9F9FE-549A-48BA-9F5F-EDCA0D5D599C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3D978555-E533-413B-9E00-77BBF06484CC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3DA163FA-CF95-470F-9804-7D9C2B91E4BB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3DB35BD4-D220-4F98-A29D-410C29B194D4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3EF36E21-981F-4AD9-8B87-D196F574D411} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3F6137FD-92FA-400C-8F1A-946906CD9449} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3F6247BB-7925-4446-8092-0792E440475A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3F9A6714-4266-40B5-9A31-29B5C3C0952E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3FDEDE4E-2B3C-4C69-B653-FAE8A97155F4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{3FEEEFD1-83C2-46C5-A429-B8E4696B2C5C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{405C5412-9605-4501-B881-37363FAF0864} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{40C43931-F8F8-4FE6-AD6E-62B221DFE4CB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4152913B-6F15-4067-836D-D6AD1A04C947} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{41749623-273C-40C7-8BD8-3A84CC85F8B6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{419F1D32-4DD0-4633-8A2A-698C9756640C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{42D487CD-DD71-493F-BF6D-A5E4D8BCF739} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{42DA63AE-7EC1-4461-9FC1-93D257C2AE49} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{43347121-9041-44F7-9E30-5D766087EE8F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{43381C0E-605F-4D72-BC32-F93FB733AEBF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{433CBC48-82AB-427D-9B32-AED961EF4C32} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4387EF48-F08C-4F35-9D2A-D7F124452C65} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{43E67CEE-5A49-424F-94DB-A78388BD63A8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{44A0A49F-0D2C-4B51-A172-CCFE9EF352E6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{44C1C79B-0A87-40A2-9402-F5352C00E006} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{44D8E29B-00CA-4861-BD5C-D53F635A4482} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{44F20451-C1E1-4E2A-9E14-521C2ADC4248} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{44FCB222-0D24-4DBE-B48E-D93BC1DFFE87} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{450ECE69-F5B7-4D3C-AD24-4D384EC5A333} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{451B35B0-F152-4F83-9FCB-A890D7E5BCA1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{452CB696-F82E-4150-81C5-BF518C22A0DF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{45333BF9-BF43-4B4F-83F7-8687C1D3D1E5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4553CD62-D767-465E-AFF9-B614370519E4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{458F8FE3-38C3-466D-B4B5-F430D5489D7D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{45DA71BD-A822-4088-9656-CD5B451EA150} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{475B7508-E491-40E0-B95B-5D32B306FB2F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{47623B4A-3E2E-4E11-B6CC-1941F95E4D1A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{47D9A9AB-AC26-43DE-B39A-86B61E0A5433} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{494608FE-54CA-42B2-996F-3FF77B3456C9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4961CA44-647E-4E68-8359-EB396DC91C8F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{49AA723A-FEF3-4A5F-82EB-F8CA92D0C362} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4AF746BA-6BB2-4727-A93A-B938E46EBEA3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4CE8A4C7-D09C-48C1-8D72-F7F7B266B26B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{4FDA74B0-920E-4055-BE4A-3438D44E9822} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5369A0D8-2D28-4DB9-B0BB-E455FFF516B9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5391DC52-9F13-47E8-B39C-420C4E9FF306} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{53BED8CE-CF31-480C-91E2-46C4727C8826} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{53BEEF2B-BDB9-4F8B-BC22-1044C26CD2C8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{53CA4386-CE5E-4A2B-AD69-5C8AA63A2248} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{53E44D42-CA46-42D3-AB4A-826F4BD684E3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{53E47F5F-319A-4ECE-AD5F-E3A78FA88A3D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{53F28824-03AA-4A97-B013-EA3DCD9782B2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{557DE81E-5CC3-4AE1-9B11-3367FDC9611F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{55CAEEB4-E7EE-4FBB-8D36-2214754B7BEF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5673249A-5F6C-4523-93F7-B77707AF9D63} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{56BCEC47-AC8C-458A-BA21-0B0D89349699} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{56F7A9E6-8D88-4C8D-9C57-A03A697EC03C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{58A4DDB1-B2C8-44DB-A3AE-0B479C288CCE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{59239360-4076-4A2D-B5C9-C6DA4FDEC7F5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5A3F7A38-A60A-4C6D-BB66-3ABA9BFEAC87} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5A7AE6BE-F92E-4188-806F-9CB55FD2826B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5A7EFBE3-5E56-4881-8562-D589F4C1C7A1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5AECF0E8-FB58-4B64-9097-3D4D650DEE90} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5AFEF4F3-F4FE-444D-ADA5-AA07093FD536} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5B1B2A5B-6E31-46C2-831F-2597C193B2BF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5B4E84E8-D94A-4A6B-B022-D0384A668F9E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5B6764AA-CA89-472D-B924-E0EB244A0200} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5B7C422B-E3D9-49A2-A524-1B89D5A9313A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5C330894-AE15-4789-B545-BAE31DDA87F7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5C5EBB3C-7B1C-408E-BAE6-E524F3E52DA2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5C9ED45C-B3A8-40C9-9F4B-F3AF22FC7504} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5D5D8FF9-F703-49D9-BAD6-5C021ACB7D77} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5D614E25-B9A5-40E1-A14F-CF2D06B84028} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5D783970-4F37-4407-9286-AC613AE7BD24} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5D7873BE-0432-4343-A820-30DF716ED3B2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5DBAC788-2918-4A25-981C-DB62D5DDE6A9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5DE4A9C4-7A80-4C06-8389-7DF3ED998C9E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5E009D78-A231-427E-BD7D-29C1DC7E241C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5E2ADCC1-2FED-490C-85E9-F4E6A7508664} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5E34E1C2-712F-4E63-9F4A-F0209511AEB7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5E6427A7-DF5E-42EB-8BD4-00EA1F3E2712} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5E72B533-1C31-4126-B9E3-8881D7BEC1AF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5E96202B-CC47-4593-92F5-F055734E8D54} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{5F52E7E9-A9EA-48CB-AA49-D2568835126B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{60288773-5F52-440A-B887-EA073E9C0BC9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{605074D4-F64B-4F12-BA8D-D73539E595C8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6050C93D-DF60-4003-A661-6B00C92AD13B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{605606DF-99ED-4B63-AF8B-AD2AFAB5387D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{60701533-BAE9-4488-938F-7A2189DC0673} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{60BF75DB-7C3F-4FD1-9B3F-F71233449555} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{60F99B39-F6B7-4037-BE98-C73E0D1488DD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{61605510-7607-42AC-B6F9-71D01FB17960} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{61637F0C-3D63-411D-9C27-47DE4312A341} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6165017B-8D90-425E-BA56-76D56C445DDB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{621CE83A-1703-47DF-AAE4-76FA46ECFA19} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{622EF95D-8C1E-4BF5-96E6-743996CC1D03} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6270C2F0-CB5A-4AA8-A0DC-25A1BA171F6D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{62B3EF0A-2DDF-4208-8ED2-18F49CB3F04F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{62C8D514-9995-413B-9C2B-F030F8D4F049} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{630A36B7-00B8-4041-AD05-1EF952D0B93B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{63D9EEF3-3DD2-4DAF-AAD1-2952D0C7C7A1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{645C9B48-B6ED-438E-A47A-7AB82E5D2BDF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6478E1DD-90E1-422F-8634-D84F225FFC99} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{64A2494C-0044-49E9-A0DE-93E10C9055BF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{64CA0A08-5AEC-41DA-B268-BE22F0EA363F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{650BDF14-DB92-4326-96B1-75E0BD056AE4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{65285E08-ABF1-4300-9B2A-6F5DDECC1F67} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{655EE426-2DA6-4378-843B-762EF67BEE6D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{662C4810-428B-4BB3-9AD6-718071B61066} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{663CA395-C001-4982-97F1-F2436E70E075} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{66610FC6-CAB9-4663-B3B8-79638A4309A4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{66CE922F-7580-4A2F-9812-97C260FA87BE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{66EDA744-5AA6-4E95-98B0-7D41A80FDCE5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{670FD107-A4F0-4C30-8F8A-8A96ECA6DDC7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{678E3BE6-7F6D-4C61-97A1-FBF1006BE549} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{686DB63C-C9B7-41C2-BD42-81A599B71F06} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{68C95632-BE36-4621-AA21-2C66A1A87D70} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{691DB6F2-45DD-4904-B428-99D64CC4F146} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{693C43E2-5534-45F5-8294-0706A8336BEF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{698375E6-8269-4C82-A761-58ADF925897E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{69846D86-7A5D-4CDF-9611-6500AEBC9883} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6B20923B-3BE6-456E-8922-B827631BCF7C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6D496790-FA74-4BDF-8287-96B6E1F8209F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6D7CDF8D-496E-4A13-A2E9-595F7A88D54E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6E746188-EE4F-493E-9A86-6D6ADCF22410} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6EAC46B9-170D-43A8-BDD9-0865BBC87F6F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6F10F65E-28C1-4F5C-87CD-77F01947F853} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6F2E5318-9449-4ED9-9D1C-108D06F04214} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{6FF5CCA2-3E76-4202-809F-973B26819F4C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{70071163-D2A3-47FA-8443-9DBAFD3EC8DA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7018EC61-E8DD-48C5-8F3C-856B11A38593} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{70567929-41E8-4D0C-93BD-AD5F67A4F16F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{706E32BD-E3F5-41D6-A8FD-D0E77CD17215} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{706EF22A-49C9-4B6B-A842-EE9B15127270} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{70CDEB3B-5B63-45A4-BD24-897DA2E28328} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{70D200A3-4A4F-4281-9CDC-6511D08CEBD1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7152E032-954E-4702-AC22-058FE71F8306} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{71AE4135-0D54-487F-9614-CC3D451AFF70} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{71D3C37C-B647-4B24-B33F-680BE8BB1C08} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{720E9A95-A9C3-4777-935D-1EE0C6AE74B9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{721DA079-2F6C-4D2A-874A-82524B4257F1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7293E0B6-D55E-4034-BEA9-D4651C0607B7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{72D39687-8F8C-423E-B3A6-96D85E5A8C14} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{733C8FA3-1277-4824-BB98-75A6A7508A42} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7414252C-B125-4155-950D-40A36CED3B2A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7418CB1C-A0E7-46FD-BBFF-D2B165CCBA97} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{748BDB5C-AC3B-492E-BF0B-39666017C94C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{75BDDBC0-3AEE-4036-A3E5-B362EF01538E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7613C452-A72E-4855-A2AA-E400DF25B5C0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{76D9438E-EC0A-49B0-A561-68BFD580C69B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{77185CF3-9AFB-4E1E-979B-25ED58130636} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7773CA36-EF58-4E77-A7C0-E7BF3105A6E5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7788DC00-18D4-4904-BCB8-ABD7100737C7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{77DB8352-4E82-4836-9AA6-CDB0B889EF44} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{77DCAE36-93F0-4F16-950E-F5A8DD9E3E97} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{78680FAF-36D9-4B02-B415-FDF4FE19B6C4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{79050698-DE39-4430-84D1-908884EDF7BD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{798E08D1-EA84-436F-B232-71438CDD60C1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7A0B09C5-F714-482E-9A46-EE1A9C615481} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7A7264BB-C226-40DC-89E7-88F2AFB71B49} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7A82D7EC-9A62-4856-B776-B64DA88FDF34} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7AAEA387-E671-43F1-8D3E-5D8ACBE5A9E7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7BED66A4-79AE-46BF-987D-181E12E46266} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7C8C0BAC-F8D6-4F51-9ECD-AE6DFC69BAB9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7CEC2101-DC76-431E-ACCF-ECC471F352B5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7CF341E6-F9D6-4BCD-964C-8804757F0C67} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7E4F3D21-DB5B-44EB-B3E7-F201C747598E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7E9AC2B9-E6C6-4E3A-B7E9-ECCFE06E9971} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7FA90D54-03C9-449C-A741-E89B14E2BBF2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{7FEA5128-CBC1-4299-B626-125BC480BC2B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8085A342-CACF-4186-AB1B-04F65CF1BC9A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{80CCA5BB-783F-4006-BF0E-45BC3B28BADE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{80D64511-5273-4103-8529-417BA290767B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{81427C67-DA94-4D31-B734-5CA141094F89} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{823D670D-0E67-43F1-B783-A78804A56CE6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8261D1B1-BB31-433B-A59C-96331B1D11B4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{827EAFD0-E231-45CE-B3C9-184AAE59460C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{829A81A8-80C7-4244-85E2-C855428C7C3E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{82A86C80-93DE-4888-BADD-7AE2688AE749} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{82E34EE6-B6AD-4C7F-AF97-44C7B8EEDBBB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{82F85AD8-9605-402F-9DAC-00C00EDE8E52} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{83800313-C188-45FA-BC52-89E38DF2C7A0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{840A10F2-A16D-44F2-9B38-B1EC0442C1AE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{849976FE-BDDA-4ACC-B86E-A5E985247A72} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{84A533FD-62CC-4401-8858-4FE4532C0C71} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{85307B93-5366-4AA0-A96E-F39711DAA691} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{854A4C20-B632-4AE3-BE61-0D7A952A428F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{85C7C60B-F61B-416E-AFE9-D2114EB0D867} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{860A9FB6-4DDB-4044-9426-88035D8A87F2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{86BF43F9-2781-481B-A553-441670009A41} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{886E33D2-8697-4911-8DB0-8A1106B6E288} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{88F25A01-1238-4ED8-8643-18C91AA70A42} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{890B948C-84B6-432C-9052-444DB0585774} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{891F6505-98D7-48AC-90FF-96F7D8879E07} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8937CD84-95BB-4F75-A898-B8F456937D42} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{89A9D715-5F49-4371-9114-F5718B730799} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{89BF25E8-3DEA-4735-A222-D1A90E7B534E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{89C2807B-F86C-4E86-A7A0-2982734CF485} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8A1D694E-FC24-4FEE-AA09-BA340E432E5D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8A876FB6-DCB7-444B-A484-9A329FACE43D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8A9C1533-BA4F-4797-9E3A-E93C2195A69E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8AC07D7D-4039-4644-B42A-8BD8202013CC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8B1DE9E0-978A-40E3-A3A2-40EC01C383CD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8B3A5FA9-0FEE-4F8A-813E-EFA7FB31D4EC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8BBA7174-BD85-4607-ACF7-2342A9090D91} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8C7A8985-8479-4D30-8F85-FFB5A8E6B17D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8D0326E2-AB4F-4BC7-8420-7948F1124FF0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8D09FF1D-3F2F-49F9-BE23-5660D955B7B7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8D9A4CD1-D97F-46B9-BD5C-DE2E9B970C97} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8E211A07-3B94-4B5E-AD59-C9CFA170AAA2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8EBBDFC7-B46B-4F97-A75F-FE068B5123C9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8F0AEEC1-8B65-4582-80C8-A599570A1042} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8F940009-DFBB-473F-BC4B-3D088049BC7C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{8FAD93A7-B500-4E93-98CB-AD20E9B1B351} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{900C39AD-2B3C-4D11-BF2A-DDB450CA353D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{902E080D-B9C3-426B-8924-AD1E89DECFFD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{904FE9D1-8FC0-423C-8AE1-B8DE55B37E4D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9056B805-120F-450D-9F82-E1CB4DF94A8E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{90EA6C4D-93A0-4D5D-826F-D30427F95780} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{90FBD97E-9C25-47BD-A5C9-3D25D2DE444A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{918B7C5D-8E1D-46E6-8DFC-561761A7EC62} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{91E63870-C6C3-4C13-8D3B-E3538A7A8496} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{92ECD376-92ED-4376-B54C-E76AE33FCCB4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{935968AC-35BA-4D4E-90FD-8AC349BD2D75} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{937A6532-4AFB-4151-942F-6453DFAE86A4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{93824692-F293-4B39-B8D8-6C324B3E538F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{93825B1B-4E40-4B1E-8431-8387AB25278A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{938B6213-1DB2-43B2-ABA1-08E1548F37B6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{942962E2-06C8-4975-B4FB-34ABC8617152} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{942B9B3A-36AC-40EC-AB8B-6A9736AB47BE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9434CE76-59AB-4780-B1BA-B9BDEF6BFD30} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{95C1FDBE-14F9-498E-A01C-7DC657EBF72B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{95E04B30-C66F-4701-BB34-620F6D9A46BD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{95F59AF5-9E25-4E3A-B435-B3A649BE68DD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{95FD8F7F-4730-46DE-B91B-82B42688CFB5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{96B6AEBB-36E1-4BA7-8620-E6B5C2CF90E5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9700D0C4-6B3C-4605-BFD4-427477ED006F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{97FA80C3-F12A-4588-BC6D-8BC6B9C035A5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{981FA95D-21D8-4FB3-8A47-DC697C2A6FD6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9824A2A7-E6BB-41D2-B394-C78C30D5D2C0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{986239F0-DE65-4CD2-9D00-6F8660CBD672} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{99408346-17FC-42F6-B25A-2CC1C103BA32} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{99DE66D4-0E95-4A05-AAC1-AD1A0307B2D7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9A165E5A-EA3F-4618-B06C-D31AACF9C10E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9A795D7F-3A61-4AE6-98C8-E6EFF5AB1DB9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9AC0AB16-1CCB-4DA6-AC54-015B4C30D08B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9BDB5563-68F9-4FEA-A82F-BB68207E10FE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9CC49612-06DB-4F1F-8BB5-BB2F045BA8CE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9CE395DA-450E-47FE-AC52-65E6D64EE8C5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9CF65835-2D44-41E9-AF7A-42BC654935FF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9D321D61-52C6-47E5-B7FD-33B4491BAA3C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9D5E8218-FD7B-4029-898B-898D530C7447} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9D8BB0C9-5507-4267-868A-9200AE21BEA3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9DB0A8D2-2BB6-472F-87A3-4635AC77DD7F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9E0C9576-5505-43A7-B5EA-54523830D52F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9EEAA42D-4C0E-4231-A906-004BB8843547} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{9EEF26D3-1672-4025-84D4-857B15D3093B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A049E8A8-DED2-4478-8E1C-044BDD85977D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A0843A9C-4093-4DEC-9116-406C21E02113} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A0C02C3E-76BE-4755-8DB5-8E16D6D2A26E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A0D48E7D-D364-41CD-9428-B5A7EFE1F70F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A1BE2148-6941-4EBE-8FE3-BA44162CAC12} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A1FE53A5-241D-4F2E-B4E0-CFE8838370D0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A22084A0-6C35-4776-9FEB-A66CA2F466B1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A227FDFE-5004-4DFD-8634-2B9E9BB816C3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A239DFC5-D70C-4272-A799-0B0B4975F6F9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A2ADE4E9-2C08-4F92-8AD2-408631933E5D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A2CD2EA5-B78A-4B43-A243-19CF44903652} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A3083964-3BC9-432A-95AB-2F11FBFD3A93} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A44DB72E-3292-431E-9F39-869DE9AC7A39} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A4836E92-315C-4B1D-ABC9-1D4C34271569} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A5AC0156-8B8B-4063-BC56-75A7194BCF7E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A6299A26-E88F-4F63-876E-71E1F153B7A2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A63BDD72-A2EC-4D6B-9F95-8FE49B93AE72} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A6671ED5-37CD-4335-9C1B-220D7E6E5F1B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A6C55BFE-B13E-4E55-B36D-61127AE779CB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A6CECBF7-22F0-4C23-9A1B-C75A8364234B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A6F3F27D-D869-4391-B8D7-C41D6606C49B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A7D0C2D8-7FA6-48BA-9184-514F493650E1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A7D308EE-2CE3-423A-AE80-D8969CA27EB0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A7D6D6F6-CC89-46CA-9E0E-B936B8FF71C2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A8C0DE32-330C-4837-91DB-FE332F80DFAE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A8F364CE-FB81-4A61-AF3D-C2564912D805} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{A9A4DF6B-68EC-47AA-83F2-CB5E8FA89D8D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AC03CAA1-56AA-4AEE-93CD-BAAC055DF9F1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AC64D5CC-8F18-4A35-B05A-4A46C6C00F2A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AD442DD0-0557-4105-B514-D3F4A0975CD4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AE0E83B7-8AA5-407B-8BA2-38DC2D819FB3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AE21FF90-A6C5-4583-9D5B-EAB1F5CCA3BC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AE472BCF-D69D-4A33-B404-29E716EA2732} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AF966B51-3092-4918-BFB5-8AC4AF71FC60} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AFC98B42-7D10-47C2-93E3-EF0929E4BA6B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{AFEB966E-49C5-41A4-AD74-AFF5EA1D3A03} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B0064ACD-AA35-4486-94E5-B80835010E58} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B0DF2D4C-D607-4938-92FC-5C245B22903A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B18FB4B3-92AD-447F-86F0-B55B6C3B92A9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B19C9CEA-E415-42F8-8F1C-1E422B2BC928} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B23AC199-30FC-4BFE-A86F-BD333022A80A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B23FDCF9-C75C-48E7-A054-38E1D8418DAF} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B2B963C0-75A6-4106-9ABE-BA3E74547067} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B2CEE482-9030-48A5-8DE6-F184E920B65A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B2D4D52C-0842-44DE-91EC-B37C7A055B77} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B30464C1-70B1-4051-A5D9-AFF5336817AB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B319DFD8-1047-4522-8553-8117B340CC81} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B35B74F3-F5C1-4AFD-8BD8-4180F1EDEA95} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B45C0236-7633-452B-BD4B-CE0BD8D4F799} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B45C6B0D-9185-432D-80B7-631E62D13944} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B472312C-B370-4C73-8D5A-B2B7C60801F7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B5401993-9DD9-4BF2-A9A0-05AA0FC0FBA0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B59A345C-ECDC-4DB7-B1D6-C5470168C28B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B5E6ECD7-3242-47B9-B966-7C2ED774D829} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B623BD5C-86F4-4FC8-AA76-63319F983DD2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B6D0834A-7664-43F8-A103-3F16312AC98D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B7F07317-0C2A-4CCB-AEDB-33A12515A035} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{B966D930-40C1-4F13-A1A2-6FE47C123D5B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BA65DCBD-EA09-4099-A7E3-A4022748E011} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BB337D2F-0D2B-4DAF-BA19-41B265B8E63F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BBD36798-64D4-43BD-B65F-AD5A57975CB3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BCC0F9AD-FBBE-4817-8406-72797DF82CAB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BD28CF69-29D8-4823-AEFE-F543E8541983} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BDA861EB-06EA-433F-8F21-58251586D570} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BE20A6A1-1DE3-4CF7-9EEC-327C5FCAA5B4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BE2A6CD9-4F73-4B77-B47A-949F6A0B41D6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BE5FB951-9CE6-4A6E-8066-578EA2658D53} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{BF430817-1A81-4269-8861-25460012D471} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C0806B10-F10C-43BE-8CEA-9EFD25542F02} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C0A7D42B-1639-4B56-B9BA-3ACD334EEBE3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C0DB12AF-6D8E-40D1-B621-9E1EE55380AD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C11B45C4-88D9-46C9-B364-D203CD8413D6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C1578E9E-46B6-4B99-9CDD-BDD55BE5A059} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C170F35B-BF7B-4719-ABB9-2D5B56DCEE49} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C2051838-3B04-4AB7-BCD0-6E715C46345D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C29600CB-84B2-4390-BC51-3B8F78EA5E09} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C2E0C280-63C5-47C1-A084-5F01BCA78E44} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C37687DA-E9CF-4598-AAB4-7F1E8DE38D1D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C37B743C-0429-412E-9F3E-CE21A4C810BD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C3A3B5E6-DAA1-4997-9578-7FEA2B92FB36} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C42F38F6-4187-41FA-8AAD-736E791FD063} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C4435D05-86D4-43F6-817A-DDE5128B6C40} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C4D0A299-E3D5-426C-BD9F-2293E60224E8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C51C48EA-45F7-4E6D-967B-E04ADD86173E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C523FFFF-91C4-4504-8D9C-5AD15F200902} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C57473AF-1855-4C9B-AC9A-8CE6BB0FCF3E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C5903D05-8468-4824-B3A7-A38BA4AD606E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C68224A6-BD2B-4E88-8C57-535D7407C1D3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C7328B6F-479C-45D5-9E19-AC919180F4DC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C741A3DC-652D-493C-ACD2-11673ABA190C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C761B31E-2170-4030-AAA3-ABBFB9DFBF15} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C8312FF5-5D51-42C6-B5B4-8A811D9D2E5E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C855CFF3-ED38-42A5-955E-827A266DEAF3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C8E5B628-B01A-43AD-A0B8-62E02DC73397} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C9178B52-BA88-4B44-94CD-122AFFBB2EB3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C928C74D-8E4E-4D86-ACAB-87D64ED6A0E8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C97FA8C8-4E8E-4FD4-9B27-412F8F077C4E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C9D90A9A-82FD-4B7B-9A56-799C31FE468A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{C9E102F8-BF35-4F4E-9132-35E302620AB6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CAFA0784-27EC-4D66-A84B-A488BEBEBE67} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CAFC3871-D61F-4A8D-8381-47B225C8979F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CBF86B6D-7081-4010-A734-24BE812CE2A6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CC482399-1DCF-4148-938D-834247B881D2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CC843C89-58E6-4DAE-A951-E2A86366C18E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CD79C8B5-226F-4F1E-9E29-7361F61E39AA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CDEDEDC9-3D73-44A6-911E-3BA4731CF058} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CE2DCD76-7ADF-4E1E-86D3-E7F8E70E2310} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CE76A3BC-FCA7-4722-8067-87D97CF8E1E0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{CF42E6E8-EF1E-410E-9DF4-29ED956757AA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D02F5750-611F-408B-8AB9-613A3AE23D11} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D067713F-67D8-4E55-AA33-338E6D09A470} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D0713F25-4FA0-48EE-816A-217E3BE538FB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D0A4DA21-8104-41AC-86E5-2D93EEF247C8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D0B94D5B-6EBE-4E6C-8DBD-67C128B68F94} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D0D7D50B-F5B7-4C38-86CB-1F7DB0352787} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D10B6156-3F30-43A5-BF2A-A043E6606FA9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D16A549E-D0F8-4DDA-B7D5-BD92A320808C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D1DDC1B5-E7E9-4DF3-984E-3D0C6B0F9DDA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D25F0097-DB6E-4681-B2C1-D978E5FA2902} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D26BBFD3-91BA-4095-BD1A-FE51D797CB0A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D26DF85C-0365-43AC-B266-F6C75ACBE0E6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D2ADC281-5570-4245-92D8-4B833D38224D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D2C1681D-337F-4BC3-A9E4-85D3F0265ECD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D375A42F-EDE9-47E0-A449-9B2D42D441D9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D3B1F238-FB55-42E2-B0C9-91AD5407D102} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D3C8E1DB-34A6-4CFC-95F0-750D23CE9B98} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D49CCE7E-19AF-41F8-9E61-B879B70C2892} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D4F018C7-AD79-4099-B9F7-104A7B1B5F0D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D54E71AF-35D5-4F9A-BD3C-C7E3845755CC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D5F3E853-F847-4B98-8642-96C8386FF1BB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D6F3D4A6-9F29-479E-92F7-E166B55EC51A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D77BBA13-C0DF-4CB1-8EA8-89FD6E5020B4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D7A5F1FB-72DE-434D-A99B-644D8677223F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D7CE88C3-3BF2-4521-8E1D-98C08347FF74} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D800769F-9ED9-42A1-B9E3-8FE49B1B95DC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D85471DA-AC97-4960-B824-FFC4B11D76F6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D887821B-90B6-4FB8-8BB6-644287807966} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D9114ABB-E895-40BF-9947-6F10C7025396} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D99B644C-31A7-4360-9381-0A7BB3AF8864} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D9B2CB79-54EF-4D37-8086-773F001CD863} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{D9B5444A-96F6-4BA7-B41A-7CFADD69F1C2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DA28D0A0-73A4-47BA-A486-6BAAA2EA9D5E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DA814A07-8B2C-4355-BC72-780AD13435F9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DAACEC8A-7DB5-485C-A6AF-E55917E2A61B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DAB12295-4A2D-4B2B-8464-5A4045D405E2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DB313E8A-3722-49A2-B3EB-336609EF6A6F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DB323848-3A51-41BF-A968-B2F012550F9A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DB35DEFF-5F3B-44ED-BD4D-D49E56AA0112} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DB718328-C681-47EB-96C7-2845210733CD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DC7072A1-A6AF-4610-A242-B18906FF7256} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DD31F6CF-6CBA-44B4-A711-08398903597C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DD482FBC-3F50-4994-A445-FBE6B34D2AB7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DDD0C059-6F13-4B2E-B03B-B1EF2B77755A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DE6353A8-C350-4368-8304-D327C3CB6B7A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DE68DCDC-56A4-45A3-894C-5C88D1B6C9C9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DEBD0704-3D2E-4F41-A40E-62C8BA781790} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DF0F3529-EFD1-4D01-AF51-C72C33ECAC81} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DF592C24-12AF-4300-9501-B0D92C183E34} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{DFADFD3B-3399-45A1-B158-7CFE16FC4B44} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E0282FD6-ABCC-425B-A92A-6ABD010D9B4E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E02A3D21-470A-46CB-B514-B25B6E06ABBB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E03C70A9-28FD-4FAE-B8A1-BC4743AAED16} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E052CF7F-F32E-4BFB-99EA-D584F486AEA3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E19CD913-09DB-4D8F-BC6B-D9E4ABA198B0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E255E6F4-7763-4FBE-9A31-EA259CAAB45E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E26FB349-E1A4-4EDF-8DB5-1FBC5786A980} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E2BD7D85-C73B-4868-9922-282346F6A29E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E316CE43-029E-4D47-BE8C-E8DC3CB82522} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E331D9B9-5B23-4DB4-9ADB-B61CBE5E9400} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E3A2D356-ADEB-4902-8FFC-3877F517227A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E3DB4485-187E-422B-BD3D-539DE7558B9C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E3E09FE2-DB3C-4FA7-9571-D7BCC2841756} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E4661596-25CA-4C69-BBF9-4270D121958B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E469830E-B6D0-45F6-81F2-145F475F7F7B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E4A68AA0-0B96-4537-A9FD-8D328F9C88BD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E556BEC8-AF80-49DD-8672-0662C5CFF004} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E56A6A62-679B-4D23-9E37-BBF91EBC55CD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E574849E-579F-4C3D-88BD-C6081CB8EB04} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E5A9C003-C1FD-4811-8D56-3ED159F6662A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E6672733-DF9E-4294-9656-A26AFBD4F0D3} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E6F26EB5-96E7-4C65-95D8-1D54EF638B09} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E765364E-D7C7-4371-A12E-C94F975C0B9D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E8814CC3-7E8B-47EE-871D-6D0DCFA79FD6} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E90366DE-C3D5-416A-B989-B04FD50B0F0A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E9076F2B-9C52-40DE-8296-3FB95F7A2A17} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E92525CE-2E92-4B8B-A96D-0C86FC3A384E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E959572B-7DD3-4228-9764-12DE2A70629F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{E9730AB4-0C99-4912-A234-FC943C045EB0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EA32AC92-CD08-4789-8053-5D15D8906A82} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EA514290-7CC5-4501-9CB2-C29985672694} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EA60BBA9-8B83-456E-B6D5-435552985D25} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EA6B5D8E-D59C-4C7D-841F-349119DF41E2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EA81D39C-22DA-46B5-84EA-5F3A79CB19B1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EA9DAF36-A392-4C82-B647-ED579888A4C5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EBC880B5-9F9E-45B5-985E-636A0B72C93A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EC088DB6-2A06-4D60-8FFC-E7B1BFF5D0AB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{ECCDA0C3-899A-4592-A4F1-4C15B7B4DD2D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{ED401FF9-0DBA-4462-ABF2-E544F63BC857} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EDD4179B-7AF7-47A6-945F-7626B0046C26} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EE2268E8-B7B8-4F2B-ADBA-72F2E6A08003} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EE617D64-956A-42C6-85FD-D9F6F4F3C6F0} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EEBEB805-54E9-4F75-BEDB-F6EBB627941C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EEBF9435-553C-448D-B791-D7863ACA31BC} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EED8AD97-9137-4F78-9029-CDEA77DE7126} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EF95ED9F-89AD-4A39-BECA-D93527BB87C5} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{EFAB5956-7ECB-4DF5-ADB9-07FB6F02FA35} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F06E293D-F5CC-434C-87B2-95F82CC005E8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F0990BDF-7F34-4BE7-BA17-FF0A6E55FB60} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F17ED022-19EF-4068-B30E-097DCDC3B2E8} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F1DDC644-56A8-41B2-A832-BF8AB30F91BA} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F239327F-1378-43CD-8EDA-8B0CB45E331C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F24FF433-26CA-4814-82FA-CD7ADEEEB9B7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F28E223E-EC54-4EFE-B675-A4D8620DDE49} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F2D2BAB5-7E38-465B-96B0-B317FCBBF669} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F2E27C72-4B8F-4FA0-A52C-60FCA5C733DB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F2E41EEB-3C05-4F6F-9690-9AAA3C4DB34C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F3A14DAF-A842-47D4-A20B-8F7522C797AD} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F4195E7E-54FD-4FAD-A685-B30F7D6AE76E} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F5283861-3209-45B8-A57D-8CC2EF4EF494} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F5D21E2E-F967-4890-A376-FF46A16D0860} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F614D382-449E-4DE1-BBBD-A88039908EAB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F627DD01-0256-4A86-9C3D-D7567F71EAB1} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F6738DBD-7F9D-45C5-BCFB-E3B5B4B9DD4A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F6BE5680-A807-4A51-A6D7-C6FC7A1C4756} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F6D0371B-58DD-4D35-92EF-09C75FCA1AB2} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F75A259B-64A7-4E47-9B27-A7D613222E5D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F75C74C2-33BC-43B1-85C1-478F6A63FF5D} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F7A2758B-8027-45C7-BD91-4C0823D9681B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F8691205-8A5A-4527-B716-0B47A6D31528} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F96D50C2-4276-4554-AAF8-460986082AA4} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F97AC67C-3285-4CDC-A026-EC9235A4011C} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F97C0349-7C11-4184-A6F8-FA22BA8ACC78} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F9943D14-DB87-45E6-BCF0-C2C42921BE52} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F9B8873E-B08B-4130-B8DA-04AC05D6C957} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{F9E7414D-0D9C-4092-AC19-48B09DAF901A} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FA57024D-C0F0-463C-992B-65456A336291} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FA6B93DA-24DC-4E9A-81B5-FD43037E2C39} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FA887718-EFBB-4C68-AD4E-31FBEEF79910} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FA94BF97-1EDD-4874-AD49-3ACE7F14777F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FB31DC49-D01B-4204-BAFD-4DE294D3C7CB} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FB731DA9-F0B1-467D-A015-B32D63746A96} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FBDF26DC-5835-428D-8FF0-117C3A982273} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FBF050AF-4D26-4947-B0AB-A61F98E17D73} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FC3079EC-1F47-4342-9DB3-B0180CF418C7} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FC5359C6-5791-48D3-8951-E5C9EBC84C5B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FCB34620-F9B3-4846-B07F-D36588F70897} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FD90FECF-4C8F-4114-A9AE-672C31ADE025} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FDF2692C-24AE-4BEA-986F-714C7F71284B} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FE1BFF1C-3F31-489A-8A50-F6D3D0992A53} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FE2B505E-F544-4B72-9418-D2D9F2080D51} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FE87D01E-9230-4886-A08D-15D66F7B0495} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FED2E672-923D-41AC-A041-7D0F0D072D1F} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FEFF2999-74BF-436E-AD58-D906D86951DE} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FF73EB99-6630-4D29-900A-744A0CDD6232} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FFB81794-96A6-4073-B74D-0A34E88BC030} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\{FFBCBC58-8FFE-4E06-9278-5A6184FDE0E9} folder moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Roaming\e4d42e6 moved successfully.
C:\Users\MAXMUSTERMANN\AppData\Local\a38b6a13 moved successfully.
C:\ProgramData\b4087b46 moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
User: MAXMUSTERMANN
->Temp folder emptied: 0 bytes
->Java cache emptied: 891033 bytes
->FireFox cache emptied: 286388382 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 7171 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 998363 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7536 bytes
Session Manager Temp folder emptied: 170894048 bytes
Session Manager Tmp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 438,00 mb
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 02052012_200905
Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\ST~2417.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~2418.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~2429.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~2439.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~243A.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~248B.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~248C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~24BC.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~24BD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~24DE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~24EE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E19E.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E1BF.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E20E.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E22E.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E22F.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E28E.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E28F.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E2D0.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E2D1.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E2E1.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\ST~E302.tmp scheduled to be moved on reboot.
D:\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
|
05.02.2012, 20:27
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.02.2012, 18:52
| #13 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Guten Abend, hier ist das Log vom scan: Code:
ATTFilter 18:49:06.0337 5784 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
18:49:06.0493 5784 ============================================================
18:49:06.0493 5784 Current date / time: 2012/02/06 18:49:06.0493
18:49:06.0493 5784 SystemInfo:
18:49:06.0493 5784
18:49:06.0493 5784 OS Version: 6.0.6002 ServicePack: 2.0
18:49:06.0493 5784 Product type: Workstation
18:49:06.0493 5784 ComputerName: MAXMUSTERMANN-PC
18:49:06.0493 5784 UserName: MAXMUSTERMANN
18:49:06.0493 5784 Windows directory: C:\Windows
18:49:06.0493 5784 System windows directory: C:\Windows
18:49:06.0493 5784 Running under WOW64
18:49:06.0493 5784 Processor architecture: Intel x64
18:49:06.0493 5784 Number of processors: 4
18:49:06.0493 5784 Page size: 0x1000
18:49:06.0493 5784 Boot type: Normal boot
18:49:06.0493 5784 ============================================================
18:49:07.0491 5784 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:49:07.0507 5784 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:49:07.0507 5784 \Device\Harddisk0\DR0:
18:49:07.0507 5784 MBR used
18:49:07.0507 5784 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5D26781
18:49:07.0507 5784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x5D27000, BlocksNum 0x3465E7F0
18:49:07.0507 5784 \Device\Harddisk1\DR1:
18:49:07.0507 5784 MBR used
18:49:07.0507 5784 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A3847F0
18:49:07.0788 5784 Initialize success
18:49:07.0788 5784 ============================================================
18:49:39.0549 5800 ============================================================
18:49:39.0549 5800 Scan started
18:49:39.0549 5800 Mode: Manual; SigCheck; TDLFS;
18:49:39.0549 5800 ============================================================
18:49:40.0548 5800 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
18:49:40.0641 5800 ACPI - ok
18:49:40.0719 5800 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
18:49:40.0782 5800 adfs - ok
18:49:40.0844 5800 ADIHdAudAddService (4a30fa79f8253134d398251db614e3c9) C:\Windows\system32\drivers\ADIHdAud.sys
18:49:40.0938 5800 ADIHdAudAddService - ok
18:49:40.0984 5800 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
18:49:41.0016 5800 adp94xx - ok
18:49:41.0047 5800 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
18:49:41.0078 5800 adpahci - ok
18:49:41.0125 5800 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
18:49:41.0125 5800 adpu160m - ok
18:49:41.0156 5800 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
18:49:41.0172 5800 adpu320 - ok
18:49:41.0234 5800 AF15BDA (57bef5f550a57e96ffd89f3e88a65eb3) C:\Windows\system32\DRIVERS\AF15BDA.sys
18:49:41.0312 5800 AF15BDA - ok
18:49:41.0390 5800 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
18:49:41.0468 5800 AFD - ok
18:49:41.0530 5800 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
18:49:41.0546 5800 agp440 - ok
18:49:41.0608 5800 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
18:49:41.0608 5800 aic78xx - ok
18:49:41.0640 5800 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
18:49:41.0655 5800 aliide - ok
18:49:41.0686 5800 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
18:49:41.0702 5800 amdide - ok
18:49:41.0718 5800 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
18:49:41.0858 5800 AmdK8 - ok
18:49:42.0014 5800 amdkmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys
18:49:42.0654 5800 amdkmdag - ok
18:49:42.0778 5800 amdkmdap (99ab7e4b24c80155dc4296f657faf3c7) C:\Windows\system32\DRIVERS\atikmpag.sys
18:49:42.0825 5800 amdkmdap - ok
18:49:42.0903 5800 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
18:49:42.0919 5800 arc - ok
18:49:42.0934 5800 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
18:49:42.0950 5800 arcsas - ok
18:49:42.0950 5800 AsIO - ok
18:49:42.0981 5800 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
18:49:43.0012 5800 AsyncMac - ok
18:49:43.0044 5800 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
18:49:43.0059 5800 atapi - ok
18:49:43.0090 5800 AtiHdmiService - ok
18:49:43.0246 5800 atikmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys
18:49:43.0824 5800 atikmdag - ok
18:49:43.0933 5800 avgntflt (c30b5fc0adcdfba7668e99baf0cbf58e) C:\Windows\system32\DRIVERS\avgntflt.sys
18:49:43.0964 5800 avgntflt - ok
18:49:44.0042 5800 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
18:49:44.0167 5800 blbdrive - ok
18:49:44.0245 5800 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
18:49:44.0292 5800 bowser - ok
18:49:44.0323 5800 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
18:49:44.0432 5800 BrFiltLo - ok
18:49:44.0463 5800 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
18:49:44.0494 5800 BrFiltUp - ok
18:49:44.0526 5800 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
18:49:44.0682 5800 Brserid - ok
18:49:44.0713 5800 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
18:49:44.0760 5800 BrSerWdm - ok
18:49:44.0791 5800 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
18:49:44.0853 5800 BrUsbMdm - ok
18:49:44.0884 5800 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
18:49:44.0931 5800 BrUsbSer - ok
18:49:44.0978 5800 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
18:49:45.0040 5800 BTHMODEM - ok
18:49:45.0087 5800 camfilt2 (4779181f1a93dfa48730d7c162b78aec) C:\Windows\system32\Drivers\camfilt2.sys
18:49:45.0118 5800 camfilt2 - ok
18:49:45.0150 5800 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
18:49:45.0196 5800 cdfs - ok
18:49:45.0228 5800 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
18:49:45.0274 5800 cdrom - ok
18:49:45.0306 5800 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
18:49:45.0368 5800 circlass - ok
18:49:45.0399 5800 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
18:49:45.0415 5800 CLFS - ok
18:49:45.0477 5800 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
18:49:45.0493 5800 cmdide - ok
18:49:45.0508 5800 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
18:49:45.0524 5800 Compbatt - ok
18:49:45.0540 5800 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
18:49:45.0555 5800 crcdisk - ok
18:49:45.0602 5800 CSC (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
18:49:45.0664 5800 CSC - ok
18:49:45.0742 5800 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
18:49:45.0789 5800 DfsC - ok
18:49:45.0836 5800 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
18:49:45.0852 5800 disk - ok
18:49:45.0883 5800 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
18:49:45.0914 5800 drmkaud - ok
18:49:45.0961 5800 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
18:49:46.0008 5800 DXGKrnl - ok
18:49:46.0054 5800 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
18:49:46.0101 5800 E1G60 - ok
18:49:46.0148 5800 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
18:49:46.0164 5800 Ecache - ok
18:49:46.0195 5800 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
18:49:46.0257 5800 elxstor - ok
18:49:46.0288 5800 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
18:49:46.0382 5800 ErrDev - ok
18:49:46.0413 5800 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
18:49:46.0476 5800 exfat - ok
18:49:46.0507 5800 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
18:49:46.0554 5800 fastfat - ok
18:49:46.0585 5800 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
18:49:46.0632 5800 fdc - ok
18:49:46.0663 5800 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
18:49:46.0678 5800 FileInfo - ok
18:49:46.0710 5800 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
18:49:46.0772 5800 Filetrace - ok
18:49:46.0803 5800 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:49:46.0834 5800 flpydisk - ok
18:49:46.0881 5800 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
18:49:46.0928 5800 FltMgr - ok
18:49:46.0975 5800 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
18:49:47.0022 5800 Fs_Rec - ok
18:49:47.0053 5800 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
18:49:47.0068 5800 gagp30kx - ok
18:49:47.0100 5800 GEARAspiWDM (d279181e1cf2d85d31cdcffd56b16795) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:49:47.0131 5800 GEARAspiWDM - ok
18:49:47.0193 5800 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
18:49:47.0193 5800 hamachi - ok
18:49:47.0271 5800 Hardlock (091582da724f54830012e3faaf2f1d1a) C:\Windows\system32\drivers\hardlock.sys
18:49:47.0302 5800 Hardlock ( UnsignedFile.Multi.Generic ) - warning
18:49:47.0302 5800 Hardlock - detected UnsignedFile.Multi.Generic (1)
18:49:47.0349 5800 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
18:49:47.0443 5800 HdAudAddService - ok
18:49:47.0599 5800 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:49:47.0755 5800 HDAudBus - ok
18:49:47.0817 5800 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
18:49:47.0880 5800 HidBth - ok
18:49:47.0895 5800 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
18:49:47.0958 5800 HidIr - ok
18:49:47.0989 5800 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
18:49:48.0020 5800 HidUsb - ok
18:49:48.0067 5800 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
18:49:48.0067 5800 HpCISSs - ok
18:49:48.0114 5800 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
18:49:48.0207 5800 HTTP - ok
18:49:48.0223 5800 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
18:49:48.0238 5800 i2omp - ok
18:49:48.0270 5800 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
18:49:48.0316 5800 i8042prt - ok
18:49:48.0348 5800 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
18:49:48.0363 5800 iaStorV - ok
18:49:48.0441 5800 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
18:49:48.0457 5800 iirsp - ok
18:49:48.0488 5800 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
18:49:48.0504 5800 intelide - ok
18:49:48.0519 5800 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
18:49:48.0566 5800 intelppm - ok
18:49:48.0613 5800 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:49:48.0644 5800 IpFilterDriver - ok
18:49:48.0691 5800 IpInIp - ok
18:49:48.0706 5800 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
18:49:48.0753 5800 IPMIDRV - ok
18:49:48.0784 5800 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
18:49:48.0831 5800 IPNAT - ok
18:49:48.0847 5800 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
18:49:48.0894 5800 IRENUM - ok
18:49:48.0925 5800 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
18:49:48.0940 5800 isapnp - ok
18:49:48.0987 5800 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
18:49:48.0987 5800 iScsiPrt - ok
18:49:49.0018 5800 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
18:49:49.0034 5800 iteatapi - ok
18:49:49.0065 5800 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
18:49:49.0081 5800 iteraid - ok
18:49:49.0096 5800 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
18:49:49.0112 5800 kbdclass - ok
18:49:49.0128 5800 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
18:49:49.0159 5800 kbdhid - ok
18:49:49.0221 5800 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
18:49:49.0252 5800 KSecDD - ok
18:49:49.0284 5800 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
18:49:49.0315 5800 ksthunk - ok
18:49:49.0346 5800 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
18:49:49.0377 5800 lltdio - ok
18:49:49.0408 5800 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
18:49:49.0424 5800 LSI_FC - ok
18:49:49.0455 5800 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
18:49:49.0471 5800 LSI_SAS - ok
18:49:49.0486 5800 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
18:49:49.0502 5800 LSI_SCSI - ok
18:49:49.0533 5800 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
18:49:49.0564 5800 luafv - ok
18:49:49.0596 5800 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
18:49:49.0596 5800 megasas - ok
18:49:49.0642 5800 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
18:49:49.0658 5800 MegaSR - ok
18:49:49.0720 5800 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
18:49:49.0767 5800 Modem - ok
18:49:49.0798 5800 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
18:49:49.0814 5800 monitor - ok
18:49:49.0830 5800 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
18:49:49.0845 5800 mouclass - ok
18:49:49.0876 5800 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
18:49:49.0954 5800 mouhid - ok
18:49:49.0970 5800 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
18:49:49.0986 5800 MountMgr - ok
18:49:50.0017 5800 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
18:49:50.0032 5800 mpio - ok
18:49:50.0064 5800 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
18:49:50.0095 5800 mpsdrv - ok
18:49:50.0126 5800 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
18:49:50.0142 5800 Mraid35x - ok
18:49:50.0173 5800 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
18:49:50.0235 5800 MRxDAV - ok
18:49:50.0266 5800 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:49:50.0329 5800 mrxsmb - ok
18:49:50.0344 5800 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:49:50.0376 5800 mrxsmb10 - ok
18:49:50.0407 5800 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:49:50.0422 5800 mrxsmb20 - ok
18:49:50.0438 5800 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
18:49:50.0454 5800 msahci - ok
18:49:50.0485 5800 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
18:49:50.0500 5800 msdsm - ok
18:49:50.0547 5800 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
18:49:50.0594 5800 Msfs - ok
18:49:50.0625 5800 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
18:49:50.0641 5800 msisadrv - ok
18:49:50.0688 5800 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
18:49:50.0703 5800 MSKSSRV - ok
18:49:50.0750 5800 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
18:49:50.0781 5800 MSPCLOCK - ok
18:49:50.0812 5800 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
18:49:50.0844 5800 MSPQM - ok
18:49:50.0890 5800 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
18:49:50.0906 5800 MsRPC - ok
18:49:50.0937 5800 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
18:49:50.0953 5800 mssmbios - ok
18:49:51.0000 5800 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
18:49:51.0046 5800 MSTEE - ok
18:49:51.0078 5800 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
18:49:51.0093 5800 MTsensor - ok
18:49:51.0109 5800 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
18:49:51.0124 5800 Mup - ok
18:49:51.0156 5800 mv61xx (792ca0761a6ff267fb271fa4dbe8cd84) C:\Windows\system32\DRIVERS\mv61xx.sys
18:49:51.0171 5800 mv61xx - ok
18:49:51.0218 5800 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
18:49:51.0249 5800 NativeWifiP - ok
18:49:51.0312 5800 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
18:49:51.0358 5800 NDIS - ok
18:49:51.0390 5800 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
18:49:51.0436 5800 NdisTapi - ok
18:49:51.0468 5800 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
18:49:51.0514 5800 Ndisuio - ok
18:49:51.0561 5800 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
18:49:51.0608 5800 NdisWan - ok
18:49:51.0624 5800 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
18:49:51.0655 5800 NDProxy - ok
18:49:51.0686 5800 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
18:49:51.0748 5800 NetBIOS - ok
18:49:51.0780 5800 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
18:49:51.0811 5800 netbt - ok
18:49:51.0858 5800 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
18:49:51.0858 5800 nfrd960 - ok
18:49:51.0920 5800 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
18:49:51.0951 5800 Npfs - ok
18:49:51.0967 5800 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
18:49:52.0014 5800 nsiproxy - ok
18:49:52.0076 5800 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
18:49:52.0170 5800 Ntfs - ok
18:49:52.0201 5800 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
18:49:52.0232 5800 Null - ok
18:49:52.0263 5800 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
18:49:52.0279 5800 nvraid - ok
18:49:52.0310 5800 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
18:49:52.0310 5800 nvstor - ok
18:49:52.0341 5800 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
18:49:52.0357 5800 nv_agp - ok
18:49:52.0372 5800 NwlnkFlt - ok
18:49:52.0388 5800 NwlnkFwd - ok
18:49:52.0419 5800 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
18:49:52.0450 5800 ohci1394 - ok
18:49:52.0497 5800 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
18:49:52.0560 5800 Parport - ok
18:49:52.0606 5800 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
18:49:52.0622 5800 partmgr - ok
18:49:52.0653 5800 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
18:49:52.0669 5800 pci - ok
18:49:52.0700 5800 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
18:49:52.0716 5800 pciide - ok
18:49:52.0825 5800 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
18:49:52.0872 5800 pcmcia - ok
18:49:52.0903 5800 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
18:49:53.0012 5800 PEAUTH - ok
18:49:53.0059 5800 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
18:49:53.0090 5800 PptpMiniport - ok
18:49:53.0121 5800 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
18:49:53.0152 5800 Processor - ok
18:49:53.0199 5800 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
18:49:53.0230 5800 PSched - ok
18:49:53.0277 5800 PTSimBus (b0776cbfe6e5c5fed6ff1547fbd77bd7) C:\Windows\system32\DRIVERS\PTSimBus.sys
18:49:53.0308 5800 PTSimBus - ok
18:49:53.0340 5800 PTSimHid (e5fb14783019bacaf5cfc10fc1ad582e) C:\Windows\system32\DRIVERS\PTSimHid.sys
18:49:53.0371 5800 PTSimHid - ok
18:49:53.0418 5800 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
18:49:53.0480 5800 ql2300 - ok
18:49:53.0527 5800 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
18:49:53.0527 5800 ql40xx - ok
18:49:53.0574 5800 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
18:49:53.0605 5800 QWAVEdrv - ok
18:49:53.0620 5800 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
18:49:53.0652 5800 RasAcd - ok
18:49:53.0698 5800 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:49:53.0730 5800 Rasl2tp - ok
18:49:53.0776 5800 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
18:49:53.0808 5800 RasPppoe - ok
18:49:53.0854 5800 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
18:49:53.0886 5800 RasSstp - ok
18:49:53.0917 5800 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
18:49:53.0979 5800 rdbss - ok
18:49:53.0995 5800 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:49:54.0026 5800 RDPCDD - ok
18:49:54.0073 5800 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
18:49:54.0120 5800 rdpdr - ok
18:49:54.0135 5800 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
18:49:54.0182 5800 RDPENCDD - ok
18:49:54.0213 5800 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
18:49:54.0244 5800 RDPWD - ok
18:49:54.0276 5800 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
18:49:54.0307 5800 rspndr - ok
18:49:54.0338 5800 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
18:49:54.0354 5800 sbp2port - ok
18:49:54.0400 5800 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:49:54.0447 5800 secdrv - ok
18:49:54.0494 5800 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
18:49:54.0541 5800 Serenum - ok
18:49:54.0572 5800 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
18:49:54.0619 5800 Serial - ok
18:49:54.0650 5800 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
18:49:54.0712 5800 sermouse - ok
18:49:54.0744 5800 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
18:49:54.0790 5800 sffdisk - ok
18:49:54.0806 5800 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
18:49:54.0853 5800 sffp_mmc - ok
18:49:54.0884 5800 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
18:49:54.0915 5800 sffp_sd - ok
18:49:54.0946 5800 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
18:49:55.0009 5800 sfloppy - ok
18:49:55.0040 5800 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
18:49:55.0040 5800 SiSRaid2 - ok
18:49:55.0071 5800 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
18:49:55.0087 5800 SiSRaid4 - ok
18:49:55.0134 5800 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
18:49:55.0180 5800 Smb - ok
18:49:55.0227 5800 snapman380 (001901f10423616ca0d4aecdcce8b855) C:\Windows\system32\DRIVERS\snman380.sys
18:49:55.0243 5800 snapman380 - ok
18:49:55.0430 5800 SNP2UVC (5b5bf3ca043022a5be7c5afa8ef4ec66) C:\Windows\system32\DRIVERS\snp2uvc.sys
18:49:55.0914 5800 SNP2UVC - ok
18:49:56.0007 5800 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
18:49:56.0023 5800 spldr - ok
18:49:56.0085 5800 sptd (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys
18:49:56.0132 5800 sptd - ok
18:49:56.0194 5800 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
18:49:56.0257 5800 srv - ok
18:49:56.0288 5800 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
18:49:56.0335 5800 srv2 - ok
18:49:56.0366 5800 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
18:49:56.0382 5800 srvnet - ok
18:49:56.0428 5800 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
18:49:56.0444 5800 swenum - ok
18:49:56.0460 5800 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
18:49:56.0475 5800 Symc8xx - ok
18:49:56.0506 5800 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
18:49:56.0506 5800 Sym_hi - ok
18:49:56.0538 5800 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
18:49:56.0553 5800 Sym_u3 - ok
18:49:56.0569 5800 Tablet2k - ok
18:49:56.0600 5800 TClass2k (f96e9f71f611093e67d8c78a8ccc9a0a) C:\Windows\system32\DRIVERS\TClass2k.sys
18:49:56.0647 5800 TClass2k - ok
18:49:56.0709 5800 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
18:49:56.0803 5800 Tcpip - ok
18:49:56.0850 5800 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
18:49:56.0896 5800 Tcpip6 - ok
18:49:56.0943 5800 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
18:49:56.0990 5800 tcpipreg - ok
18:49:57.0021 5800 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
18:49:57.0068 5800 TDPIPE - ok
18:49:57.0115 5800 tdrpman147 (fe37527578efeaf87c7c6040bf4f8226) C:\Windows\system32\DRIVERS\tdrpm147.sys
18:49:57.0177 5800 tdrpman147 - ok
18:49:57.0224 5800 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
18:49:57.0255 5800 TDTCP - ok
18:49:57.0302 5800 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
18:49:57.0333 5800 tdx - ok
18:49:57.0380 5800 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
18:49:57.0380 5800 TermDD - ok
18:49:57.0427 5800 tifsfilter (156ef5e1164bba862eee84400c7ba034) C:\Windows\system32\DRIVERS\tifsfilt.sys
18:49:57.0442 5800 tifsfilter - ok
18:49:57.0505 5800 timounter (8a474022c0465797b13a4ea7535d4c5b) C:\Windows\system32\DRIVERS\timntr.sys
18:49:57.0552 5800 timounter - ok
18:49:57.0598 5800 truecrypt - ok
18:49:57.0630 5800 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:49:57.0692 5800 tssecsrv - ok
18:49:57.0723 5800 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
18:49:57.0770 5800 tunmp - ok
18:49:57.0832 5800 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
18:49:57.0848 5800 tunnel - ok
18:49:57.0988 5800 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
18:49:58.0004 5800 uagp35 - ok
18:49:58.0035 5800 UCTblHid (670ab775d081fec2e51da2e347474998) C:\Windows\system32\DRIVERS\UCTblHid.sys
18:49:58.0066 5800 UCTblHid - ok
18:49:58.0098 5800 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
18:49:58.0144 5800 udfs - ok
18:49:58.0176 5800 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
18:49:58.0176 5800 uliagpkx - ok
18:49:58.0207 5800 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
18:49:58.0222 5800 uliahci - ok
18:49:58.0254 5800 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
18:49:58.0269 5800 UlSata - ok
18:49:58.0300 5800 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
18:49:58.0316 5800 ulsata2 - ok
18:49:58.0332 5800 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
18:49:58.0363 5800 umbus - ok
18:49:58.0425 5800 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys
18:49:58.0441 5800 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
18:49:58.0441 5800 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
18:49:58.0456 5800 USBAAPL64 - ok
18:49:58.0488 5800 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
18:49:58.0519 5800 usbaudio - ok
18:49:58.0550 5800 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
18:49:58.0581 5800 usbccgp - ok
18:49:58.0612 5800 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
18:49:58.0659 5800 usbcir - ok
18:49:58.0690 5800 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
18:49:58.0722 5800 usbehci - ok
18:49:58.0768 5800 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
18:49:58.0800 5800 usbhub - ok
18:49:58.0815 5800 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
18:49:58.0878 5800 usbohci - ok
18:49:58.0909 5800 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
18:49:58.0956 5800 usbprint - ok
18:49:58.0987 5800 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:49:59.0018 5800 USBSTOR - ok
18:49:59.0034 5800 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
18:49:59.0096 5800 usbuhci - ok
18:49:59.0143 5800 VBoxDrv (1287ce7b6cc8fd5a9c505b2c84a400cb) C:\Windows\system32\DRIVERS\VBoxDrv.sys
18:49:59.0158 5800 VBoxDrv - ok
18:49:59.0205 5800 VBoxNetAdp (55c13725fc3b0cac69b5744ca0d1e122) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
18:49:59.0221 5800 VBoxNetAdp - ok
18:49:59.0268 5800 VBoxNetFlt (b3da4bc8f82ae0fba2374b6529af813b) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
18:49:59.0283 5800 VBoxNetFlt - ok
18:49:59.0299 5800 VBoxUSBMon (cb45d97364ae93308853159b7cdc7d23) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
18:49:59.0314 5800 VBoxUSBMon - ok
18:49:59.0346 5800 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
18:49:59.0377 5800 vga - ok
18:49:59.0408 5800 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
18:49:59.0455 5800 VgaSave - ok
18:49:59.0486 5800 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
18:49:59.0486 5800 viaide - ok
18:49:59.0533 5800 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
18:49:59.0548 5800 volmgr - ok
18:49:59.0580 5800 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
18:49:59.0611 5800 volmgrx - ok
18:49:59.0673 5800 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
18:49:59.0689 5800 volsnap - ok
18:49:59.0720 5800 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
18:49:59.0720 5800 vsmraid - ok
18:49:59.0767 5800 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
18:49:59.0814 5800 WacomPen - ok
18:49:59.0860 5800 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
18:49:59.0892 5800 Wanarp - ok
18:49:59.0907 5800 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
18:49:59.0923 5800 Wanarpv6 - ok
18:49:59.0954 5800 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
18:49:59.0970 5800 Wd - ok
18:50:00.0016 5800 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
18:50:00.0079 5800 Wdf01000 - ok
18:50:00.0141 5800 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
18:50:00.0172 5800 WmiAcpi - ok
18:50:00.0219 5800 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
18:50:00.0250 5800 WpdUsb - ok
18:50:00.0297 5800 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
18:50:00.0344 5800 ws2ifsl - ok
18:50:00.0375 5800 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:50:00.0422 5800 WUDFRd - ok
18:50:00.0469 5800 yukonx64 (827aaae4f84945658b0b03da805df44e) C:\Windows\system32\DRIVERS\yk60x64.sys
18:50:00.0547 5800 yukonx64 - ok
18:50:00.0609 5800 zlportio - ok
18:50:00.0640 5800 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:50:00.0703 5800 \Device\Harddisk0\DR0 - ok
18:50:00.0703 5800 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
18:50:00.0750 5800 \Device\Harddisk1\DR1 - ok
18:50:00.0750 5800 Boot (0x1200) (7e2cd16d3bf043a8d34298f697a17f39) \Device\Harddisk0\DR0\Partition0
18:50:00.0750 5800 \Device\Harddisk0\DR0\Partition0 - ok
18:50:00.0781 5800 Boot (0x1200) (c15e672c839739eb1fe8125efed3879d) \Device\Harddisk0\DR0\Partition1
18:50:00.0781 5800 \Device\Harddisk0\DR0\Partition1 - ok
18:50:00.0781 5800 Boot (0x1200) (372d1b08b60fec82b97ba57455d09ea2) \Device\Harddisk1\DR1\Partition0
18:50:00.0781 5800 \Device\Harddisk1\DR1\Partition0 - ok
18:50:00.0781 5800 ============================================================
18:50:00.0781 5800 Scan finished
18:50:00.0781 5800 ============================================================
18:50:00.0781 3824 Detected object count: 2
18:50:00.0781 3824 Actual detected object count: 2
18:50:26.0006 3824 Hardlock ( UnsignedFile.Multi.Generic ) - skipped by user
18:50:26.0006 3824 Hardlock ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:50:26.0022 3824 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
18:50:26.0022 3824 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
06.02.2012, 20:03
| #14 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.02.2012, 20:40
| #15 |
| | Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 Guten Abend, hier ist das ComboFix Logfile: Code:
ATTFilter ComboFix 12-02-06.02 - MAXMUSTERMANN 07.02.2012 18:54:30.1.4 - x64
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.4094.2162 [GMT 1:00]
ausgeführt von:: d:\eigene dateien\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\twain.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-01-07 bis 2012-02-07 ))))))))))))))))))))))))))))))
.
.
2012-02-07 18:04 . 2012-02-07 18:04 -------- d-----w- c:\users\MAXMUSTERMANN\AppData\Local\temp
2012-02-07 18:04 . 2012-02-07 18:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-07 17:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3DC71EC-03C5-4F76-8091-1667A3CAC77D}\mpengine.dll
2012-02-06 17:38 . 2012-02-06 17:38 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-01-15 10:26 . 2012-01-15 10:26 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-15 10:07 . 2011-11-17 06:53 515968 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-15 10:07 . 2011-11-16 16:43 442368 ----a-w- c:\windows\system32\winhttp.dll
2012-01-15 10:07 . 2011-11-16 16:42 94720 ----a-w- c:\windows\system32\secur32.dll
2012-01-15 10:07 . 2011-11-16 16:42 347136 ----a-w- c:\windows\system32\schannel.dll
2012-01-15 10:07 . 2011-11-16 16:41 1689600 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-15 10:07 . 2011-11-16 16:24 77312 ----a-w- c:\windows\SysWow64\secur32.dll
2012-01-15 10:07 . 2011-11-16 16:23 377344 ----a-w- c:\windows\SysWow64\winhttp.dll
2012-01-15 10:07 . 2011-11-16 16:23 278528 ----a-w- c:\windows\SysWow64\schannel.dll
2012-01-15 10:07 . 2011-11-16 14:34 11264 ----a-w- c:\windows\system32\lsass.exe
2012-01-12 08:13 . 2012-01-12 08:16 -------- d-----w- c:\program files (x86)\JDownloader
2012-01-11 10:27 . 2011-12-01 15:29 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 10:27 . 2011-12-01 15:21 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2012-01-11 10:27 . 2011-10-25 16:13 1570816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 10:27 . 2011-10-25 16:13 352256 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 10:27 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 10:27 . 2011-10-25 15:58 497152 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 10:26 . 2011-11-18 20:55 1585152 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 10:26 . 2011-11-18 20:55 1167984 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 10:26 . 2011-10-14 17:31 211968 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 10:26 . 2011-10-14 17:27 48128 ----a-w- c:\windows\system32\mcicda.dll
2012-01-11 10:26 . 2011-10-14 17:27 28672 ----a-w- c:\windows\system32\mciwave.dll
2012-01-11 10:26 . 2011-10-14 17:27 28160 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 10:26 . 2011-10-14 16:03 189952 ----a-w- c:\windows\SysWow64\winmm.dll
2012-01-11 10:26 . 2011-10-14 16:00 23552 ----a-w- c:\windows\SysWow64\mciseq.dll
2012-01-11 10:26 . 2011-11-25 16:25 451072 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 10:26 . 2011-11-18 18:07 76800 ----a-w- c:\windows\system32\packager.dll
2012-01-11 10:26 . 2011-11-18 17:47 66560 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-11 07:58 . 2012-02-01 17:47 45016 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-11 07:58 . 2012-01-11 07:58 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-11 07:58 . 2012-01-11 07:58 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-11 07:58 . 2012-01-11 07:58 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-26 23:52 . 2009-10-02 23:32 279656 ------w- c:\windows\system32\MpSigStub.exe
2011-12-15 21:13 . 2011-12-15 21:13 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-10 14:24 . 2010-07-16 17:48 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-23 13:57 . 2011-12-15 16:23 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 04:54 . 2010-05-10 08:44 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundTray"="c:\program files (x86)\Analog Devices\SoundMAX\SoundTray.exe" [2008-03-26 143360]
"Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2008-05-09 1423360]
"QFan Help"="c:\program files\ASUS\Ai Suite\QFan3\QFanHelp.exe" [2008-05-06 594432]
"Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-11-30 881152]
"Launch Direct Link"="c:\program files (x86)\ASUS\AI Direct Link\AsShare.exe" [2007-11-16 1209856]
"Launch As Cmd Runner"="c:\program files (x86)\ASUS\AI Direct Link\AsCmd.exe" [2007-04-11 376832]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-10-13 165144]
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-10-13 960376]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-10-13 4344472]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2008-03-16 1302528]
"StartCCC"="d:\ccc\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304]
"SpybotSnD"="c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 5365592]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\MAXMUSTERMANN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FRITZ!DSL Protect.lnk - c:\program files (x86)\FRITZ!DSL\FwebProt.exe [2007-9-7 1070384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FRITZ!DSL Startcenter.lnk - c:\windows\Installer\{2457326B-C110-40C3-89B0-889CC913871A}\Icon2457326B4.exe [2009-10-4 29184]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux8"=wdmaud.drv
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhalt des "geplante Tasks" Ordners
.
2012-02-06 c:\windows\Tasks\User_Feed_Synchronization-{978E09A9-0F47-4184-8B35-D34606FD7885}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-10-13 165144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://192.168.178.83/codebase/DVM_IPCam2.ocx
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\MAXMUSTERMANN\AppData\Roaming\Mozilla\Firefox\Profiles\htm99lj7.default\
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-C-Media Speaker Configuration - d:\download\nightingale_vista32_drv\nightingale\vista32\Setup.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\program files (x86)\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\program files (x86)\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\install.log
AddRemove-Vodafone WCDMA Composite Device Drive - c:\windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\sched.exe
c:\program files (x86)\ASUS\AASP\1.00.63\aaCenter.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\Six Engine\SixEngine.exe
c:\program files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\FRITZ!DSL\IGDCTRL.EXE
c:\windows\System32\Drivers\WTSRV.EXE
c:\windows\SysWOW64\WTClient.exe
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\FRITZ!DSL\StCenter.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-02-07 19:18:52 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-02-07 18:18
.
Vor Suchlauf: 945.790.976 Bytes frei
Nach Suchlauf: 1.149.612.032 Bytes frei
.
- - End Of File - - 05A525550227B098D55685B653F44C3C
|
|
| Themen zu Viren Fund durch Antivir - TR/Offend und TR/Minggy 3.30 |
| 0x00000001, antivir, audiodg.exe, autorun, avira, bho, bonjour, ccc.exe, down, downloader, dsl, error, excel, firefox, focus, format, helper, intranet, launch, locker, logfile, mom.exe, mozilla, nt.dll, object, plug-in, prozesse, registry, required, rundll, safer networking, software, svchost.exe, tablet, tr/offend, verweise, viren, vista, vista32, warnung |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
