| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: WIN7 auch GVU Trojaner 2.07 verseuchtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.08.2012, 21:12
| #1 |
 |  WIN7 auch GVU Trojaner 2.07 verseucht Hallo liebe Helfer, mein PC ist mit diesem GFU 2,07 Trojaner verseucht. Ich würde mich echt über eure Hilfe freuen. Ich habe denn Quick-Scan mit OLG ausgeführt, aber nicht im Abgsicherten Modus.(muss ich das noch? habe es nicht herausgelesen, das es im Abgesicherten Modus gescannt werden muss) Vielen Vielen Dank im voraus schon mal für euere Bemühungen. Viele Grüße Dadymo Die Extra Log konte ich nicht Anhängen, Malwarebytes hat nichts gefunden, komischerweise Geändert von Dadymo (29.08.2012 um 21:18 Uhr) |
|
29.08.2012, 21:26
| #2 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Entschuldigung für meine D...heit, die Größe war es
__________________ Vielen Dank schön mal, und eine Gute Nacht Dadymo |
|
31.08.2012, 19:55
| #3 |
| /// Helfer-Team  | WIN7 auch GVU Trojaner 2.07 verseucht Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen. Diese Nacheinander abarbeiten und die 4 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen. Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern mede dies bitte. 1. Schritt Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{12A4CE82-5E74-4E26-9BE2-A2815B0E8300}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=2231D1E5-C214-44F0-BB79-3A82003020DD&apn_sauid=1A05F765-92D7-4315-8377-4E438837FE87
IE - HKCU\..\SearchScopes\{28D0A542-4E90-4B19-8E0B-D78075EB03E8}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - user.js - File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[2012/08/29 19:15:12 | 000,024,064 | ---- | M] (Gerhard Schlager) -- C:\windows\SysWow64\ctfmon.exe
[2012/08/29 13:24:59 | 000,001,889 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/08/29 21:10:22 | 083,023,306 | ---- | M] () -- C:\ProgramData\ism_0_llatsni.pad
[2011/06/07 12:13:38 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
:Files
C:\Users\user\AppData\Local\{*}
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\user\AppData\Local\Temp\*.exe
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
%SystemRoot%\System32\*.tmp
%SystemRoot%\SysWOW64\*.tmp
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! 2. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 3. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
4. Schritt
__________________ |
|
31.08.2012, 21:22
| #4 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Hallo t'john, erst mal recht vielen vielen Dank für deine schnelle Hilfe. Habe alles so gemacht, gefixt, danach eine neustart, beim Hochfahren kam "Probleme beim Starten von install_0_msi.exe" Habe OK geklickt und das ist die Log. Den Rest muss ich am Sonntag erledigen, leider. Aber echt recht Herlichen Dank für deine Arbeit und deine Bemühung!! schönen Abend und Viele Grüße Dadymo Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{12A4CE82-5E74-4E26-9BE2-A2815B0E8300}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12A4CE82-5E74-4E26-9BE2-A2815B0E8300}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{28D0A542-4E90-4B19-8E0B-D78075EB03E8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28D0A542-4E90-4B19-8E0B-D78075EB03E8}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
File C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{40C3CC16-7269-4B32-9531-17F2950FB06F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40C3CC16-7269-4B32-9531-17F2950FB06F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000012\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000013\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\windows\SysWow64\sho4436.tmp deleted successfully.
C:\Windows\SysWOW64\ctfmon.exe moved successfully.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk moved successfully.
C:\ProgramData\ism_0_llatsni.pad moved successfully.
C:\Windows\MusiccityDownload.exe moved successfully.
========== FILES ==========
C:\Users\user\AppData\Local\{000E725C-8B21-4BB6-9BBD-853A5F029CE2} folder moved successfully.
C:\Users\user\AppData\Local\{020687E1-4A6A-42B9-BAA4-BF8FF544C8F6} folder moved successfully.
C:\Users\user\AppData\Local\{04046705-E479-4D57-B04F-EE747173938F} folder moved successfully.
C:\Users\user\AppData\Local\{04975260-5DD6-44E4-855E-43A9CE76A7F9} folder moved successfully.
C:\Users\user\AppData\Local\{06C511CB-01E3-48BA-8B28-986D69E55108} folder moved successfully.
C:\Users\user\AppData\Local\{0B9EA756-8EBE-4E66-A4C7-71277E4F7EE6} folder moved successfully.
C:\Users\user\AppData\Local\{0D82F777-72A6-4A62-939F-90423BD7DE7F} folder moved successfully.
C:\Users\user\AppData\Local\{0E02F7D2-D08A-4C37-9F6F-BB57A51ACD4A} folder moved successfully.
C:\Users\user\AppData\Local\{0E911913-8A70-4A15-9243-AE41353112A6} folder moved successfully.
C:\Users\user\AppData\Local\{0EC5E34B-B008-4873-86F8-64179FF3BEE9} folder moved successfully.
C:\Users\user\AppData\Local\{116F0766-B23F-4A08-9E08-30061D3233CF} folder moved successfully.
C:\Users\user\AppData\Local\{1276C2F7-2FF7-4DEA-9E53-A2EA72E0A1E9} folder moved successfully.
C:\Users\user\AppData\Local\{1354514C-F5DA-4439-9A35-7698C623D802} folder moved successfully.
C:\Users\user\AppData\Local\{14C3A926-9A9C-48B8-905B-5D87E6418AC0} folder moved successfully.
C:\Users\user\AppData\Local\{1574270C-5FF9-45CB-AD1E-8F245064D85D} folder moved successfully.
C:\Users\user\AppData\Local\{177FCA77-85CC-4C53-8E74-79A303F16510} folder moved successfully.
C:\Users\user\AppData\Local\{17BE8F47-DCAF-4BBD-9AFF-D74403A776BA} folder moved successfully.
C:\Users\user\AppData\Local\{19B487E5-72D1-4353-961A-85908590256B} folder moved successfully.
C:\Users\user\AppData\Local\{1DE2DFDE-705D-4AF2-85B8-DC0754BEC616} folder moved successfully.
C:\Users\user\AppData\Local\{2064065E-0F03-4973-883F-98E558FBD64E} folder moved successfully.
C:\Users\user\AppData\Local\{20DF6A0D-1BCF-4D79-984C-848AB2D81DB3} folder moved successfully.
C:\Users\user\AppData\Local\{2119EFA3-1D37-4F5A-A939-301A073ADE6F} folder moved successfully.
C:\Users\user\AppData\Local\{23A48079-D495-48B2-B53F-98AF70487F35} folder moved successfully.
C:\Users\user\AppData\Local\{23AE7CA3-A77D-4256-BB8F-4AB6064F9C22} folder moved successfully.
C:\Users\user\AppData\Local\{2E530C49-F9A9-4532-91B5-E4DEF10379CF} folder moved successfully.
C:\Users\user\AppData\Local\{316C362E-87BD-4637-A257-9BCAA35CED52} folder moved successfully.
C:\Users\user\AppData\Local\{34DF9688-2892-45DE-8B49-980A61F79C50} folder moved successfully.
C:\Users\user\AppData\Local\{3B337946-DF96-4AAD-BC26-6657E03324A5} folder moved successfully.
C:\Users\user\AppData\Local\{3C2016EA-F9F3-4AF4-A277-1521E5123892} folder moved successfully.
C:\Users\user\AppData\Local\{3EC90528-A1B9-4281-A84C-AD28AED89645} folder moved successfully.
C:\Users\user\AppData\Local\{3F5482A3-E72B-49F5-A630-605FE7A4993C} folder moved successfully.
C:\Users\user\AppData\Local\{40F632CB-A27A-4949-A400-6900EC32FD87} folder moved successfully.
C:\Users\user\AppData\Local\{43ADABE0-835A-4C8A-A070-4A6F5B8A828D} folder moved successfully.
C:\Users\user\AppData\Local\{475EBFCE-0E5C-436A-8D87-2DFC954A8AEF} folder moved successfully.
C:\Users\user\AppData\Local\{477432CB-214E-46D1-8223-52D0B2CA900A} folder moved successfully.
C:\Users\user\AppData\Local\{488A59C2-91D0-4E07-A718-5D05F530F019} folder moved successfully.
C:\Users\user\AppData\Local\{49207F36-C924-43D2-966A-9C3BF397D586} folder moved successfully.
C:\Users\user\AppData\Local\{497588A1-5D61-4583-95BF-2DA77C222840} folder moved successfully.
C:\Users\user\AppData\Local\{4B06C42B-71CF-4705-87A2-CA542A483020} folder moved successfully.
C:\Users\user\AppData\Local\{4C23D89B-2D6F-4D8A-BAAB-066C9127C586} folder moved successfully.
C:\Users\user\AppData\Local\{4D91DB65-3E22-45A5-B25A-74CC8834688C} folder moved successfully.
C:\Users\user\AppData\Local\{4DFD8BBC-8ABF-4357-9E06-376D69FEC99B} folder moved successfully.
C:\Users\user\AppData\Local\{5063A58D-0AA4-42BC-9FFC-5C27C5A8B225} folder moved successfully.
C:\Users\user\AppData\Local\{55A35942-9A56-44AB-8428-64EBE4F9E638} folder moved successfully.
C:\Users\user\AppData\Local\{57300D20-DFD8-4768-A04E-917C0190039A} folder moved successfully.
C:\Users\user\AppData\Local\{59A48CAA-F24B-465B-8065-8A52BEF269C1} folder moved successfully.
C:\Users\user\AppData\Local\{61AAAD6D-E0EB-4D57-838C-57A4A3DD6F47} folder moved successfully.
C:\Users\user\AppData\Local\{638F63FC-5D2B-4FE3-B357-8F4403547837} folder moved successfully.
C:\Users\user\AppData\Local\{665B9EF7-E5FC-4EE3-B712-48B54E3E5387} folder moved successfully.
C:\Users\user\AppData\Local\{675D5011-8402-4D01-9DB9-2685528A0230} folder moved successfully.
C:\Users\user\AppData\Local\{683CE99B-2788-47F3-A4BA-461095887691} folder moved successfully.
C:\Users\user\AppData\Local\{6B281489-5C4D-4873-B419-D005B7A7FE57} folder moved successfully.
C:\Users\user\AppData\Local\{6C2C283B-7FBF-4F87-8BA7-A9A41FC4099B} folder moved successfully.
C:\Users\user\AppData\Local\{6D527946-F656-42FB-9E91-62C91B9D6F36} folder moved successfully.
C:\Users\user\AppData\Local\{6DE81746-AE94-40ED-9176-5AFFEEE5D6CD} folder moved successfully.
C:\Users\user\AppData\Local\{6F8D5F1B-9969-498E-B612-88B5A56558C8} folder moved successfully.
C:\Users\user\AppData\Local\{721F947B-605E-42A4-BB59-656DE42A0834} folder moved successfully.
C:\Users\user\AppData\Local\{7221ECE2-6BFA-4D34-B811-D593A65848B7} folder moved successfully.
C:\Users\user\AppData\Local\{739A1239-06E8-42E2-9952-DBDB8A088507} folder moved successfully.
C:\Users\user\AppData\Local\{739C2C99-2F8D-43D7-B79E-A0EF62E30595} folder moved successfully.
C:\Users\user\AppData\Local\{791701E2-4AC6-44A0-82E2-8C307B2BBF4C} folder moved successfully.
C:\Users\user\AppData\Local\{797D485B-847D-4B6E-975C-137AF75C78F4} folder moved successfully.
C:\Users\user\AppData\Local\{7AA83FD4-2811-4A7D-BC6A-DA1AEC20B7D0} folder moved successfully.
C:\Users\user\AppData\Local\{7AE2FA7F-BD61-49E8-8C4C-8E050BA5AF38} folder moved successfully.
C:\Users\user\AppData\Local\{800D0471-321D-4086-A8F0-A6B2CE2D3401} folder moved successfully.
C:\Users\user\AppData\Local\{86AF16DF-2110-4B33-870A-32002B388807} folder moved successfully.
C:\Users\user\AppData\Local\{871BCD0B-5901-44D8-8EB5-86C36C7CCBE9} folder moved successfully.
C:\Users\user\AppData\Local\{8C326BFF-509D-485A-9E44-3A576B0AD4AE} folder moved successfully.
C:\Users\user\AppData\Local\{8F0D79A2-41B8-4632-AE0D-04953ED1C11E} folder moved successfully.
C:\Users\user\AppData\Local\{9544CE78-9A16-4527-B016-2334B8A694AC} folder moved successfully.
C:\Users\user\AppData\Local\{957982B3-C0B2-4C48-BB3E-F366FA739DAB} folder moved successfully.
C:\Users\user\AppData\Local\{9EF9E1BF-DE5A-40B8-88FF-BD65F3781345} folder moved successfully.
C:\Users\user\AppData\Local\{9F6AB74F-593B-4D99-B88B-DEA49A6B54E2} folder moved successfully.
C:\Users\user\AppData\Local\{A17F032C-8E19-4942-A2DB-EC592B9BB874} folder moved successfully.
C:\Users\user\AppData\Local\{A25686EF-92E1-47EB-9D1D-8FE19C40299B} folder moved successfully.
C:\Users\user\AppData\Local\{A52B1F8C-E6B7-4D4B-BAA3-8F5CD6D4D2C4} folder moved successfully.
C:\Users\user\AppData\Local\{A891D1BA-BC85-45C0-8333-1E035868A0E8} folder moved successfully.
C:\Users\user\AppData\Local\{B104273A-C912-4E51-8B52-E9E60AC2797B} folder moved successfully.
C:\Users\user\AppData\Local\{B1B6DE8E-95B3-49BB-9D76-225766F2AE43} folder moved successfully.
C:\Users\user\AppData\Local\{B2431F85-CF61-4788-A457-0143F264C7BB} folder moved successfully.
C:\Users\user\AppData\Local\{B473B0CB-91F3-4165-855B-01EEFA0691CD} folder moved successfully.
C:\Users\user\AppData\Local\{B521B22D-063F-4889-AF2A-B658EEB391FA} folder moved successfully.
C:\Users\user\AppData\Local\{B5F33B2D-7CBA-4F81-883F-AB0CA4587E67} folder moved successfully.
C:\Users\user\AppData\Local\{B70DCFA0-C9B5-4DCC-85FC-75CBFBFE49A3} folder moved successfully.
C:\Users\user\AppData\Local\{B7279DED-D847-48FB-B6C9-AE3891C257FC} folder moved successfully.
C:\Users\user\AppData\Local\{B8F9D5FA-0BCB-4258-8C4F-14869BF5E193} folder moved successfully.
C:\Users\user\AppData\Local\{C09A13AE-B30A-40BC-9048-1E0462FCC590} folder moved successfully.
C:\Users\user\AppData\Local\{C0BA8BF5-EE53-4E20-8167-8E361A776178} folder moved successfully.
C:\Users\user\AppData\Local\{C102A1DC-C2B0-4FA4-80CA-04F26928A34F} folder moved successfully.
C:\Users\user\AppData\Local\{C1DD3170-48B8-4DEB-928D-D7C5F7552376} folder moved successfully.
C:\Users\user\AppData\Local\{C413068F-5BBD-426F-A1D0-1F3F24561BF9} folder moved successfully.
C:\Users\user\AppData\Local\{C71CD787-0859-46A4-B5AE-30B18B1D2F67} folder moved successfully.
C:\Users\user\AppData\Local\{CD195024-D775-438B-B55C-DF28A947850B} folder moved successfully.
C:\Users\user\AppData\Local\{CDCA51ED-98BE-4D04-9C5B-1CF449D8556F} folder moved successfully.
C:\Users\user\AppData\Local\{CE953A5D-25B1-48CB-9533-11032DE56B7E} folder moved successfully.
C:\Users\user\AppData\Local\{D364BD16-4D47-495E-9F94-C04BA2D5DFDE} folder moved successfully.
C:\Users\user\AppData\Local\{D470CCAC-E724-48F9-8099-E14D4DA242EC} folder moved successfully.
C:\Users\user\AppData\Local\{D4E89EE6-9FF6-4742-8320-67A3FFC0A73C} folder moved successfully.
C:\Users\user\AppData\Local\{D78FD821-DB57-4CDB-91DB-7A01859DF56B} folder moved successfully.
C:\Users\user\AppData\Local\{D7EB7752-D654-43B9-8AB5-D22DF24D2D34} folder moved successfully.
C:\Users\user\AppData\Local\{D8F620F4-83A7-49EC-98B3-F0871B16E6DB} folder moved successfully.
C:\Users\user\AppData\Local\{D92DED8F-8EE7-441F-9B7A-922379DA29B1} folder moved successfully.
C:\Users\user\AppData\Local\{DA152029-89F3-40F8-AB9C-442766A20935} folder moved successfully.
C:\Users\user\AppData\Local\{DD8724E9-AFA6-4A3E-8518-8B1AA8A5F3CC} folder moved successfully.
C:\Users\user\AppData\Local\{DDA72E12-45E8-4158-99EB-F668BC5E273E} folder moved successfully.
C:\Users\user\AppData\Local\{DF0B4644-03FE-4869-9448-1ABC061EDD42} folder moved successfully.
C:\Users\user\AppData\Local\{E0001DEF-96E4-4FB6-A340-737CC61DABA9} folder moved successfully.
C:\Users\user\AppData\Local\{E4CCE29C-B93B-4013-9436-B853D9D16EBD} folder moved successfully.
C:\Users\user\AppData\Local\{E5D88FBA-85F9-4898-9804-D4C5BE078761} folder moved successfully.
C:\Users\user\AppData\Local\{E788A829-937A-4354-9CAC-40ADB101FDF7} folder moved successfully.
C:\Users\user\AppData\Local\{E8C7A116-953F-4693-945D-D9C12A52AD93} folder moved successfully.
C:\Users\user\AppData\Local\{E8F15126-EC7C-4A7C-96EE-0B8E75214D71} folder moved successfully.
C:\Users\user\AppData\Local\{EB863A9C-188B-49BE-B22E-3B3AAA1A91E2} folder moved successfully.
C:\Users\user\AppData\Local\{ED2F8264-DA44-47F5-B4FE-AB3EC6410BCF} folder moved successfully.
C:\Users\user\AppData\Local\{EE386B48-8B79-4FD0-B97B-53ACABB12563} folder moved successfully.
C:\Users\user\AppData\Local\{EE5F67A2-3246-4DEF-8432-91908C4977AD} folder moved successfully.
C:\Users\user\AppData\Local\{EECEF9E6-A121-4DEC-83A1-80A69B247234} folder moved successfully.
C:\Users\user\AppData\Local\{EF217A95-ED5A-40E5-8AD2-538640C08578} folder moved successfully.
C:\Users\user\AppData\Local\{F1216B40-6988-48C1-A768-86087D06423A} folder moved successfully.
C:\Users\user\AppData\Local\{F1B809AE-75E5-42C2-B8AF-36B950154F76} folder moved successfully.
C:\Users\user\AppData\Local\{FF1C1779-624A-4BA3-82D9-EF223BD7E162} folder moved successfully.
C:\Users\user\AppData\Local\{FFC5CBAF-A3CF-4F3B-9920-75E3929F09F4} folder moved successfully.
File\Folder C:\ProgramData\*.exe not found.
C:\ProgramData\Temp\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} folder moved successfully.
C:\ProgramData\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1} folder moved successfully.
C:\ProgramData\Temp\{80E158EA-7181-40FE-A701-301CE6BE64AB} folder moved successfully.
C:\ProgramData\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41} folder moved successfully.
C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658} folder moved successfully.
C:\ProgramData\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} folder moved successfully.
C:\ProgramData\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D} folder moved successfully.
C:\ProgramData\Temp folder moved successfully.
C:\Users\user\AppData\Local\Temp\conduitinstaller.exe moved successfully.
C:\Users\user\AppData\Local\Temp\dotNetFx40_Full_setup.exe moved successfully.
C:\Users\user\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe moved successfully.
C:\Users\user\AppData\Local\Temp\install_0_msi.exe moved successfully.
C:\Users\user\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe moved successfully.
C:\Users\user\AppData\Local\Temp\jre-6u34-windows-i586-iftw.exe moved successfully.
C:\Users\user\AppData\Local\Temp\OriginLauncher3789919.exe moved successfully.
C:\Users\user\AppData\Local\Temp\PriceGong.exe moved successfully.
C:\Users\user\AppData\Local\Temp\rootsupd.exe moved successfully.
C:\Users\user\AppData\Local\Temp\Setup.exe moved successfully.
C:\Users\user\AppData\Local\Temp\Shortcut_SweetImSetup.exe moved successfully.
C:\Users\user\AppData\Local\Temp\SIMEEIInstaller.exe moved successfully.
C:\Users\user\AppData\Local\Temp\SweetIMSetup.exe moved successfully.
C:\Users\user\AppData\Local\Temp\tmp3C42.tmp.exe moved successfully.
C:\Users\user\AppData\Local\Temp\tmpBA5C.tmp.exe moved successfully.
C:\Users\user\AppData\Local\Temp\tmpC09C.tmp.exe moved successfully.
C:\Users\user\AppData\Local\Temp\tmpD7A.tmp.exe moved successfully.
C:\Users\user\AppData\Local\Temp\tmpDEAB.tmp.exe moved successfully.
C:\Users\user\AppData\Local\Temp\tmpFD8E.tmp.exe moved successfully.
C:\Users\user\AppData\Local\Temp\TubeBox_Setup.exe moved successfully.
C:\Users\user\AppData\Local\Temp\uninstall.exe moved successfully.
C:\Users\user\AppData\Local\Temp\vcredist_x64.exe moved successfully.
C:\Users\user\AppData\Local\Temp\vcredist_x86.exe moved successfully.
C:\Users\user\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk moved successfully.
File/Folder C:\windows\System32\*.tmp not found.
File/Folder C:\windows\SysWOW64\*.tmp not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\user\Desktop\cmd.bat deleted successfully.
C:\Users\user\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 53500 bytes
->Temporary Internet Files folder emptied: 66470 bytes
->Java cache emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Sicherheits Log datei von OTL 29,082012
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: user
->Temp folder emptied: 8394414985 bytes
->Temporary Internet Files folder emptied: 474121924 bytes
->Google Chrome cache emptied: 6811432 bytes
->Flash cache emptied: 127248 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 523080366 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 1783276338 bytes
Total Files Cleaned = 10,664.00 mb
OTL by OldTimer - Version 3.2.59.1 log created on 08312012_212015
Files\Folders moved on Reboot...
C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
31.08.2012, 22:58
| #5 |
| /// Helfer-Team | WIN7 auch GVU Trojaner 2.07 verseucht Sehr gut!  Wie laeuft der Rechner? 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 2. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
|
05.09.2012, 20:40
| #6 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Hallo t'john, ich schon wieder, jetzt habe ich das Problem, das ich mit Malewarebytes kein Update machen kann, weil dass Rundll "install_0_msi.exe" fehlt und ich absolut keine Verbindung ins Internet bekomme. Weder über Lan noch über WLan. Würde mich echt freuen wenn du mir weiterhelfen könntest. Ach der Rechner läuft noch nicht so toll, braucht ewig bis sich was öffnet. Vielen Dank schon mal und Viele Grüße Dadymo |
|
06.09.2012, 01:22
| #7 |
| /// Helfer-Team | WIN7 auch GVU Trojaner 2.07 verseucht Wer sagt denn auch dass wir fertig waren? Solltest du noch einmal abbrechen, wirst du hier von mir keine Hilfe mehr erhalten. Mit einem anderen Rechner laden: http://data.mbamupdates.com/tools/mbam-rules.exe Ueber USB-Stick auf dem betroffenen Rechner starten um Datenbank zu aktualisieren. Scannen Log Posten! |
|
06.09.2012, 18:20
| #8 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Hallo t'john, Danke für den Link. Habe alles so gemacht, Malwarebytes aktualisiert, Vollscann gemacht, Funde löschen lassen. Kann ich jetzt mit Schritt 3 weitermachen (AdwCleaner) oder hast du andere Anweisungen für mich? Ich möchte doch nichts falsch machen Vielen Dank Dadymo Log von Malwarebytes. |
|
06.09.2012, 19:38
| #9 |
| /// Helfer-Team | WIN7 auch GVU Trojaner 2.07 verseucht Ja, mit 3 und 4 weitermachen. |
|
06.09.2012, 20:34
| #10 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Hallo t'john, habe alles gemacht,(schritt 3 + 4) Bitte nicht mit mir meckern, habe AdwCleaner beim Ersten mal nicht vom Desktop aus gestartet sondern vom Stick (aber Als Admin). Beim 2 ten mal aufs Desktop und als Admin ausgeführt. Bitte gib mich nicht auf. Vielen Dank und viele Grüße Dadymo |
|
07.09.2012, 12:03
| #11 |
| /// Helfer-Team | WIN7 auch GVU Trojaner 2.07 verseucht Sehr gut! Wie laeuft der Rechner? Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
|
07.09.2012, 20:14
| #12 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Hallo t'john, vielen Dank erstmal, Rechner läuft noch nicht besonders. Bitte nicht schimpfen, aber ich komme noch nicht ins Internet. Jetzt habe ich mal den Malware-Scan mit Emsisoft gemacht, nur ohne das update. Da habe ich jetzt auch noch nichts gelöscht oder in Quarantäne verschoben, hast du ja geschrieben, nur scannen und posten. Vielen Dank nochmal für deine Bemühungen und Hilfe Ein schönes Wochenende Viele Grüße Dadymo |
|
08.09.2012, 18:49
| #13 |
| /// Helfer-Team | WIN7 auch GVU Trojaner 2.07 verseucht Windows Repair Tool (AIO)
|
|
09.09.2012, 09:16
| #14 |
| | WIN7 auch GVU Trojaner 2.07 verseucht Hallo t'john, du bist echt mein Retter, Vielen Vielen Dank, ganz Ehrlich. Internet geht wieder.(habe alles genau so gemacht) Rechner läuft jetzt besser. Habe Malware-Scan mit Emsisoft (frisch upgedatet aber nichts löschen lassen oder in Quarantäne verschoben.) Freue mich schon auf deine nächste Anweisung. Echt Vielen Vielen Dank und einen schönen Sonntag, Viele Grüße Dadymo |
|
09.09.2012, 23:56
| #15 |
| /// Helfer-Team | WIN7 auch GVU Trojaner 2.07 verseucht Sehr gut! Lasse die Funde in Quarantaene verschieben, dann: Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
|
| Themen zu WIN7 auch GVU Trojaner 2.07 verseucht |
| abgesicherte, abgesicherten, abgesicherten modus, anhänge, anhängen, ausgeführt, euere, extra, freue, gescannt, gvu trojaner, gvu trojaner 2.07, helfer, hänge, hängen, konte, liebe, log, troja, trojaner, verseucht, win, win7, würde |
Linear-Darstellung
