Polizei Virus Österreich

gox · 01.09.2012, 19:13

Hallo liebes Team!
Ich wende mich ebenfalls mit der Bitte um Hilfe an Euch, da ich mir vor zwei Tagen den 'Polizei-Virus' eingefangen habe.
Nach einer Weile googeln bin ich auf dieses Forum gestoßen wo ich entdeckt habe dass ich nicht der einzige mit dem selben Problem bin.
... Nun ja, ich kenne mich nicht wirklich gut mit den Computern aus und alles was ich tun konnte ist das Programm 'OTL' von Oldtimer herunterzuladen und mit dem, einen Scan durchzuführen.
Die Einstellungen waren überall 'Benutzer SafeList', 'Datei-Alter 30 Tage',und 'Standard-Ausgabe'.
Nach dem Scan am Bildschirm waren 2 neue Dateien und sogar:
-OTL und
-Extras,
die ich Anbei auch posten werde.
Ich hoffe es findet sich jemand um sich mit diesem Problem auseinander zu setzen um mir zu helfen da ich selber nicht weiter weiss.
Vielen Dank im Vorraus

t'john · 02.09.2012, 10:06

Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 4 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern mede dies bitte.

1. Schritt

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.

Code:

ATTFilter

:OTL
MOD - [2012.08.31 03:50:33 | 000,067,584 | ---- | M] () -- C:\Users\Goran\AppData\Local\Temp\cnomsxaerw.exe 
MOD - [2012.08.31 03:50:26 | 000,156,160 | ---- | M] () -- C:\Users\Goran\AppData\Roaming\wsacs.dll 
MOD - [2012.08.31 03:50:15 | 000,268,288 | ---- | M] () -- C:\Users\Goran\AppData\Roaming\xsecva\xsecva.exe 
MOD - [2012.04.29 20:49:35 | 000,140,800 | ---- | M] () -- C:\ProgramData\TheBflix\bhoclass.dll 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=109217&babsrc=HP_ss&mntrId=5c1ddb960000000000000015ce34ef7b 
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109217&babsrc=SP_ss&mntrId=5c1ddb960000000000000015ce34ef7b 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" 
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" 
FF - prefs.js..browser.search.selectedEngine: "Google" 
FF - prefs.js..browser.startup.homepage: "about:home" 
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109217&babsrc=adbartrp&mntrId=5c1ddb960000000000000015ce34ef7b&q=" 
CHR - Extension: TheBflix = C:\Users\Goran\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhocdmhohpjjbaamenhbaidaoihaiflb\5.1_0\ 
O2 - BHO: (TheBflix Class) - {C8D6B0C9-EFC9-446D-9DDC-152AC8DDED2B} - C:\ProgramData\TheBflix\bhoclass.dll () 
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) 
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) 
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () 
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) 
O4 - HKCU..\Run: [] C:\Users\Goran\AppData\Local\Temp\cnomsxaerw.exe () 
O4 - HKCU..\Run: [wsacs] C:\Users\Goran\AppData\Roaming\wsacs.dll () 
O4 - HKCU..\Run: [XSECVA] C:\Users\Goran\AppData\Roaming\xsecva\xsecva.exe () 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Reg Error: Value error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 10.6.2) 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] 
O33 - MountPoints2\{06463ec6-ef57-11df-98ab-001b3880edd0}\Shell - "" = AutoRun 
O33 - MountPoints2\{06463ec6-ef57-11df-98ab-001b3880edd0}\Shell\AutoRun\command - "" = F:\SETUP.EXE 
O33 - MountPoints2\{6a8f9dab-24f7-11e1-a19f-0015ce34ef7b}\Shell - "" = AutoRun 
O33 - MountPoints2\{6a8f9dab-24f7-11e1-a19f-0015ce34ef7b}\Shell\AutoRun\command - "" = F:\Startme.exe 
 
[2012.08.15 11:28:26 | 000,352,936 | ---- | C] (Softonic) -- C:\Users\Goran\Desktop\SoftonicDownloader_for_topocr.exe 

[2012.01.09 03:35:56 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} 
[2012.01.09 03:35:33 | 000,003,915 | ---- | M] () -- C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\searchplugins\sweetim.xml 
[2012.05.01 15:19:48 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\4f9d8d3f224fb@4f9d8d3f224fd.info 
[2011.03.28 14:40:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com 

[2012.09.01 19:21:54 | 000,000,000 | ---D | C] -- C:\Users\Goran\AppData\Local\{A1DBF5BC-D54C-48F6-9072-FD3BB1547511} 
[2010.11.14 15:01:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat 
:Files

C:\Users\Goran\AppData\Local\{*}
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\Goran\AppData\Local\Temp\*.exe
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
%SystemRoot%\System32\*.tmp
%SystemRoot%\SysWOW64\*.tmp
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

Schließe alle Programme.
Klicke auf den Fix Button.
Wenn OTL einen Neustart verlangt, bitte zulassen.
Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

2. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

danach:

3. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

4. Schritt

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Delete.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

gox · 03.09.2012, 04:52

Hey t'john, es hat funktioniert!!

Jetz läuft mein Laptop wieder

Ich wollte mich noch bei dir herzlich bedanken für deine Hilfe, gleichzeitig aber auch die Logfiles posten die du noch von mir verlangt hast die du unter dem Text findest, da die zu groß fürs attachen waren.

Ich hoffe nur, dass ich alles richtig gemacht habe da ich beim Scannen deine Anweisungen genau schritweisse befolgt habe.

1. Schritt:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: "about:home" removed from browser.startup.homepage
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
Prefs.js: "hxxp://search.babylon.com/?AF=109217&babsrc=adbartrp&mntrId=5c1ddb960000000000000015ce34ef7b&q=" removed from keyword.URL
C:\Users\Goran\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhocdmhohpjjbaamenhbaidaoihaiflb\5.1_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8D6B0C9-EFC9-446D-9DDC-152AC8DDED2B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C8D6B0C9-EFC9-446D-9DDC-152AC8DDED2B}\ deleted successfully.
C:\ProgramData\TheBflix\bhoclass.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Programme\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM deleted successfully.
C:\Programme\SweetIM\Messenger\SweetIM.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Goran\AppData\Local\Temp\cnomsxaerw.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\wsacs deleted successfully.
C:\Users\Goran\AppData\Roaming\wsacs.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\XSECVA deleted successfully.
C:\Users\Goran\AppData\Roaming\xsecva\xsecva.exe moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06463ec6-ef57-11df-98ab-001b3880edd0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06463ec6-ef57-11df-98ab-001b3880edd0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06463ec6-ef57-11df-98ab-001b3880edd0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06463ec6-ef57-11df-98ab-001b3880edd0}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a8f9dab-24f7-11e1-a19f-0015ce34ef7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6a8f9dab-24f7-11e1-a19f-0015ce34ef7b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a8f9dab-24f7-11e1-a19f-0015ce34ef7b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6a8f9dab-24f7-11e1-a19f-0015ce34ef7b}\ not found.
File F:\Startme.exe not found.
C:\Users\Goran\Desktop\SoftonicDownloader_for_topocr.exe moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\skin folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\nl-NL folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\it-IT folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\fr-FR folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\es-ES folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\en-US folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\de-DE folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\content folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\searchplugins\sweetim.xml moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\4f9d8d3f224fb@4f9d8d3f224fd.info\content folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\4f9d8d3f224fb@4f9d8d3f224fd.info folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Goran\AppData\Roaming\mozilla\Firefox\Profiles\63wpayub.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Goran\AppData\Local\{A1DBF5BC-D54C-48F6-9072-FD3BB1547511} folder moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
========== FILES ==========
C:\Users\Goran\AppData\Local\{001177D6-7199-480D-8C4A-FFCDCCE0A5F6} folder moved successfully.
C:\Users\Goran\AppData\Local\{00317DB1-FCC1-48E3-9111-4A8AE0FBB2C4} folder moved successfully.
C:\Users\Goran\AppData\Local\{00E79252-A63A-44FF-8085-984004DF4262} folder moved successfully.
C:\Users\Goran\AppData\Local\{011F317B-0598-4D3F-862F-18EA06BA1F6C} folder moved successfully.
C:\Users\Goran\AppData\Local\{037926E3-0F1C-459F-8886-005B63657AD9} folder moved successfully.
C:\Users\Goran\AppData\Local\{0396E622-61D9-4BD4-A00D-54439AFB401D} folder moved successfully.
C:\Users\Goran\AppData\Local\{0598ED31-AA46-4892-9A86-7111C992ED49} folder moved successfully.
C:\Users\Goran\AppData\Local\{06A559F3-3D90-4E2A-BDD7-314BA658D6A3} folder moved successfully.
C:\Users\Goran\AppData\Local\{06B81F07-58D8-4DBC-B0FA-189ED49288A1} folder moved successfully.
C:\Users\Goran\AppData\Local\{0725AC56-3DD3-4730-AEB1-A82CDB09E5B1} folder moved successfully.
C:\Users\Goran\AppData\Local\{07C6C774-F744-47C0-A95D-71B5DAF5D4EF} folder moved successfully.
C:\Users\Goran\AppData\Local\{09A4796A-E66A-4659-BAB4-E95DC63F6B28} folder moved successfully.
C:\Users\Goran\AppData\Local\{0A050846-5C10-42B9-913D-AB7AFEE3F889} folder moved successfully.
C:\Users\Goran\AppData\Local\{0AA1A81C-505E-46AE-81B8-58D99AD9554F} folder moved successfully.
C:\Users\Goran\AppData\Local\{0B231B96-7213-4A58-B61D-C9F1265D9540} folder moved successfully.
C:\Users\Goran\AppData\Local\{0DC9057C-7896-42E9-A2E9-5697E0FB5917} folder moved successfully.
C:\Users\Goran\AppData\Local\{0DF529CE-53B5-48F8-BA8E-33869BE3A758} folder moved successfully.
C:\Users\Goran\AppData\Local\{0F02A63C-0E7D-4FAF-96C7-85A40A1FCC7D} folder moved successfully.
C:\Users\Goran\AppData\Local\{0F1FB566-41EF-4ABC-B89F-A4E555D23F82} folder moved successfully.
C:\Users\Goran\AppData\Local\{0F9F362E-CAD5-4B0A-85E9-648D91987348} folder moved successfully.
C:\Users\Goran\AppData\Local\{0FA158E0-913E-4535-92FD-FC10751B195D} folder moved successfully.
C:\Users\Goran\AppData\Local\{10B1F7BB-A8AA-4900-A5AB-DF3C99F49A75} folder moved successfully.
C:\Users\Goran\AppData\Local\{10CC8D6E-3421-4596-B2EB-0DE4B034805A} folder moved successfully.
C:\Users\Goran\AppData\Local\{10DC3BC1-2336-4571-B120-A12D391E76E8} folder moved successfully.
C:\Users\Goran\AppData\Local\{118FD395-6E07-4D2A-AA2A-78653FC07C94} folder moved successfully.
C:\Users\Goran\AppData\Local\{12180734-ED21-435C-813A-5B830F28E42F} folder moved successfully.
C:\Users\Goran\AppData\Local\{14970BBC-897D-463C-A238-890C3B855843} folder moved successfully.
C:\Users\Goran\AppData\Local\{158312A7-7B05-4AF9-BE6E-85061663762B} folder moved successfully.
C:\Users\Goran\AppData\Local\{18320DBD-D533-4F3B-8C8C-2D8AF86A8490} folder moved successfully.
C:\Users\Goran\AppData\Local\{193A9C46-3A62-4D24-95A1-0D37B05C1801} folder moved successfully.
C:\Users\Goran\AppData\Local\{1A0EED4B-4A33-49FA-84BB-FC75EECC0A8E} folder moved successfully.
C:\Users\Goran\AppData\Local\{1A2769CA-F771-44D6-9B1E-4ED42DCD6240} folder moved successfully.
C:\Users\Goran\AppData\Local\{1A282B78-E3EE-4FA1-9D5B-8E5A32FAAF2C} folder moved successfully.
C:\Users\Goran\AppData\Local\{1E93C6A8-C010-4786-9BCE-67EEAD54CEE7} folder moved successfully.
C:\Users\Goran\AppData\Local\{2057ADE1-1E4B-4964-AF26-9936242ED867} folder moved successfully.
C:\Users\Goran\AppData\Local\{213493F6-9BEC-4646-A035-D3B3D94F3091} folder moved successfully.
C:\Users\Goran\AppData\Local\{214CAAE1-0D66-467F-A7D3-17A2D90BC924} folder moved successfully.
C:\Users\Goran\AppData\Local\{215574ED-16F7-463A-9D0D-A5E534C6A952} folder moved successfully.
C:\Users\Goran\AppData\Local\{220A0929-9FF7-41EE-B55B-527D44B6A915} folder moved successfully.
C:\Users\Goran\AppData\Local\{236F1BFA-8444-460F-93B5-92F3739FF4B1} folder moved successfully.
C:\Users\Goran\AppData\Local\{24EA3980-183B-4BAA-BC8E-21A6430DD32D} folder moved successfully.
C:\Users\Goran\AppData\Local\{25AB4EF2-19BF-4DE4-80BD-6397F0527BAC} folder moved successfully.
C:\Users\Goran\AppData\Local\{26B74C3F-50E4-4BA8-A848-745E562001B7} folder moved successfully.
C:\Users\Goran\AppData\Local\{28EEBB52-9DBA-4E6F-A40E-2BFE82814CB2} folder moved successfully.
C:\Users\Goran\AppData\Local\{29753C97-B5CB-4C09-A160-F715204B707A} folder moved successfully.
C:\Users\Goran\AppData\Local\{29C7F7ED-EDD6-4930-B1F4-0174C0E21CA2} folder moved successfully.
C:\Users\Goran\AppData\Local\{29FB3524-EDFA-43F9-8939-9D04764702DA} folder moved successfully.
C:\Users\Goran\AppData\Local\{2B37242D-B926-4B12-B4B3-4C8FCD77A2F6} folder moved successfully.
C:\Users\Goran\AppData\Local\{2C2AE176-0C5B-4458-B1B6-9D4A5DF878F2} folder moved successfully.
C:\Users\Goran\AppData\Local\{2D32318D-12E3-405C-A157-302EDB8815AD} folder moved successfully.
C:\Users\Goran\AppData\Local\{2DBFB8FE-8915-4A38-82FF-527A376F88F8} folder moved successfully.
C:\Users\Goran\AppData\Local\{2DFB33A1-229B-4505-8C5B-3AEF8951095B} folder moved successfully.
C:\Users\Goran\AppData\Local\{2F860F55-1E52-40A5-B263-BC8D375CF9CF} folder moved successfully.
C:\Users\Goran\AppData\Local\{30EAA70C-C0A9-4736-840A-3D7C10EFABB1} folder moved successfully.
C:\Users\Goran\AppData\Local\{30F9ADD0-44A1-4D8A-B5BF-63412EE729F1} folder moved successfully.
C:\Users\Goran\AppData\Local\{31DE1555-5D31-4526-BCF9-51559ABB5BF3} folder moved successfully.
C:\Users\Goran\AppData\Local\{326C6971-79AF-4170-BD6A-94D71A3D004C} folder moved successfully.
C:\Users\Goran\AppData\Local\{3272EEE6-CE30-4944-AB15-79E0A1169C2D} folder moved successfully.
C:\Users\Goran\AppData\Local\{32F144DD-0294-472F-9716-072D5857481E} folder moved successfully.
C:\Users\Goran\AppData\Local\{3350A3AC-DD66-4F9F-A3E6-EB9C3B86EB11} folder moved successfully.
C:\Users\Goran\AppData\Local\{34A065BB-756E-4897-8382-C729A9F7D8C6} folder moved successfully.
C:\Users\Goran\AppData\Local\{34F82B0E-5722-4A4D-A3F9-B09B63413EA9} folder moved successfully.
C:\Users\Goran\AppData\Local\{3580F254-A524-4D9F-BFA4-5D67BA9D179C} folder moved successfully.
C:\Users\Goran\AppData\Local\{3647C093-D0B8-4E4F-BF3B-247E8713D804} folder moved successfully.
C:\Users\Goran\AppData\Local\{384B30B2-FE4C-4B7A-AC15-D90E7B23A735} folder moved successfully.
C:\Users\Goran\AppData\Local\{38F215CB-F0CE-4BB6-90A1-1946E390DD25} folder moved successfully.
C:\Users\Goran\AppData\Local\{390E8A9E-AAAA-4686-8361-62972BC1168A} folder moved successfully.
C:\Users\Goran\AppData\Local\{3B5C86A1-9957-42FD-8E38-826870C71B15} folder moved successfully.
C:\Users\Goran\AppData\Local\{3C10878A-0C08-4C11-9EA3-69EF6E5F03F6} folder moved successfully.
C:\Users\Goran\AppData\Local\{3EC0FCAE-3421-47FA-BABF-5470B3737BC4} folder moved successfully.
C:\Users\Goran\AppData\Local\{4274A75A-5BE2-4025-8421-BCFF8924B191} folder moved successfully.
C:\Users\Goran\AppData\Local\{428AD742-8609-4C55-9EC8-1843DD5A985C} folder moved successfully.
C:\Users\Goran\AppData\Local\{42DE0888-DBEC-4324-839B-46B6FE81A40A} folder moved successfully.
C:\Users\Goran\AppData\Local\{4395AC61-6E57-4EDC-A170-EEDFA94EE919} folder moved successfully.
C:\Users\Goran\AppData\Local\{43EDF507-D3A2-436E-8725-EF35F81AF22F} folder moved successfully.
C:\Users\Goran\AppData\Local\{476497C8-9745-41E7-9A72-9790D2F45773} folder moved successfully.
C:\Users\Goran\AppData\Local\{48366CA8-FE2D-47D7-9A21-0C4DCA5566D3} folder moved successfully.
C:\Users\Goran\AppData\Local\{492CD971-979E-4AE4-89D7-42AE643BD7C6} folder moved successfully.
C:\Users\Goran\AppData\Local\{49B21F56-04A6-4E3C-9655-93A053ACB713} folder moved successfully.
C:\Users\Goran\AppData\Local\{4C3BF650-F5EE-49CC-B5D7-C5DF5C83103A} folder moved successfully.
C:\Users\Goran\AppData\Local\{4D217EF1-CA2E-466C-85A9-7F68CDBA8ACD} folder moved successfully.
C:\Users\Goran\AppData\Local\{4DB615DF-3D74-4BEB-BBEB-D4624F0E917D} folder moved successfully.
C:\Users\Goran\AppData\Local\{4DDA04F4-278A-4EDA-A10F-CA6DB8C3C36E} folder moved successfully.
C:\Users\Goran\AppData\Local\{4DF25244-2663-4284-A60E-D08335845B4A} folder moved successfully.
C:\Users\Goran\AppData\Local\{4EF73CCE-96BC-4CEC-A058-298EAE62D5E6} folder moved successfully.
C:\Users\Goran\AppData\Local\{4FE1344B-AAD6-4661-AFD8-D0DCC825E547} folder moved successfully.
C:\Users\Goran\AppData\Local\{5090E4E1-7135-4233-B9C9-349DAC20359A} folder moved successfully.
C:\Users\Goran\AppData\Local\{51DB656E-703A-42DA-868A-ADCF509597E8} folder moved successfully.
C:\Users\Goran\AppData\Local\{52BEC900-E0D5-4EBA-9F66-96D1163CCFEF} folder moved successfully.
C:\Users\Goran\AppData\Local\{5341F258-3F89-4116-B198-60B8660736E1} folder moved successfully.
C:\Users\Goran\AppData\Local\{53527B0A-E0C4-41B6-BDA3-91D78EF858F9} folder moved successfully.
C:\Users\Goran\AppData\Local\{54994CE5-3B7E-482D-83A3-EBC241E4739F} folder moved successfully.
C:\Users\Goran\AppData\Local\{556804AA-E21D-4C90-B273-683D9290E41C} folder moved successfully.
C:\Users\Goran\AppData\Local\{55A91CD8-2BCB-491B-BD14-95FAF0648F34} folder moved successfully.
C:\Users\Goran\AppData\Local\{55E3F8B4-191C-4B96-9E00-A77935B9E4CD} folder moved successfully.
C:\Users\Goran\AppData\Local\{575BEC01-72BF-458A-B5BD-D92D6FD394C5} folder moved successfully.
C:\Users\Goran\AppData\Local\{58E8FCBB-B3E1-4736-9348-CFD78354959A} folder moved successfully.
C:\Users\Goran\AppData\Local\{5A3D6C04-D584-4969-8814-258473A2F77F} folder moved successfully.
C:\Users\Goran\AppData\Local\{5B087580-7225-41DB-B96F-718D3C492879} folder moved successfully.
C:\Users\Goran\AppData\Local\{5B3BDE7F-77FA-4D26-B6A0-8872A579D278} folder moved successfully.
C:\Users\Goran\AppData\Local\{5D9B708D-9D0F-4B68-AC05-0DE2ABED6BB1} folder moved successfully.
C:\Users\Goran\AppData\Local\{5DCD3917-5E8D-4819-A6EA-8482A327A730} folder moved successfully.
C:\Users\Goran\AppData\Local\{5FC80974-390F-4F71-9045-86ABE69EEAFE} folder moved successfully.
C:\Users\Goran\AppData\Local\{5FFF5CB3-4F6C-4D78-9E9D-6AD656AD02AA} folder moved successfully.
C:\Users\Goran\AppData\Local\{615C1808-175C-4C07-9B3B-D7BB73ADA73E} folder moved successfully.
C:\Users\Goran\AppData\Local\{61820CD1-8697-450D-8E43-71352D0231D9} folder moved successfully.
C:\Users\Goran\AppData\Local\{622F8685-A061-4C32-A758-06A4169E2374} folder moved successfully.
C:\Users\Goran\AppData\Local\{626FA910-BCE3-4CD7-9DB1-BC7F23E6ADFA} folder moved successfully.
C:\Users\Goran\AppData\Local\{645BFD00-DCE2-4DAF-A23B-C0893B29AE97} folder moved successfully.
C:\Users\Goran\AppData\Local\{64FC7EA4-CA3A-462F-839C-4D8FADD46F04} folder moved successfully.
C:\Users\Goran\AppData\Local\{6668071E-15EF-4A09-901D-43B04BB48005} folder moved successfully.
C:\Users\Goran\AppData\Local\{66D4E3E2-FDF3-48BD-8E8C-3C4BB6672B3F} folder moved successfully.
C:\Users\Goran\AppData\Local\{6731DC64-0C87-4604-A3B4-F3C770B9C85C} folder moved successfully.
C:\Users\Goran\AppData\Local\{6744196F-51B0-4471-AC7D-B53383A1C2EF} folder moved successfully.
C:\Users\Goran\AppData\Local\{67EBBC48-40F1-4F0C-B301-D3083E28724D} folder moved successfully.
C:\Users\Goran\AppData\Local\{6831BCAE-62B8-4686-9169-074F16CB43D4} folder moved successfully.
C:\Users\Goran\AppData\Local\{684F399A-756F-41E2-A5C0-93873A21B5F7} folder moved successfully.
C:\Users\Goran\AppData\Local\{68DC6A52-47DB-407F-90C4-12C06297EC1E} folder moved successfully.
C:\Users\Goran\AppData\Local\{68F7798D-8F1F-47CB-ACE5-CC4CAC266BE3} folder moved successfully.
C:\Users\Goran\AppData\Local\{690F6094-75CB-497C-9106-E3C4C02AAD4A} folder moved successfully.
C:\Users\Goran\AppData\Local\{6ADA7C47-C104-4465-80F6-B0A9A2F9BF95} folder moved successfully.
C:\Users\Goran\AppData\Local\{6BA3597D-8BB4-4730-A00B-F09E10CDD0EB} folder moved successfully.
C:\Users\Goran\AppData\Local\{6E14002A-F613-477D-A597-70CBB0C3B3A8} folder moved successfully.
C:\Users\Goran\AppData\Local\{6E1DD435-CB5B-4560-9177-CD664F41598C} folder moved successfully.
C:\Users\Goran\AppData\Local\{6E2190AD-35B9-4713-BA2E-84473BC85CEE} folder moved successfully.
C:\Users\Goran\AppData\Local\{6EB315D1-4916-4CEE-84E9-459A503C63F4} folder moved successfully.
C:\Users\Goran\AppData\Local\{6EB8F5FF-7191-45FF-8D91-C76A910079E6} folder moved successfully.
C:\Users\Goran\AppData\Local\{6F4CCC7B-1FB3-4F2F-829A-6DCB8D6836CE} folder moved successfully.
C:\Users\Goran\AppData\Local\{7030FE76-FDE0-411F-9459-584EE79A71C6} folder moved successfully.
C:\Users\Goran\AppData\Local\{7333B276-BF0B-475F-9D2C-01078DEC8654} folder moved successfully.
C:\Users\Goran\AppData\Local\{74C44D82-F010-4C67-BE7C-2BD266B2F1B0} folder moved successfully.
C:\Users\Goran\AppData\Local\{75D0BC6F-C55A-49FC-800F-06F44AC88DD4} folder moved successfully.
C:\Users\Goran\AppData\Local\{7753BB08-7968-492D-9631-909911D42A67} folder moved successfully.
C:\Users\Goran\AppData\Local\{78644D98-5388-4E8C-8DBE-FFCB6C541A2F} folder moved successfully.
C:\Users\Goran\AppData\Local\{7B4E5870-8BB2-4A84-8587-4500636A8E4D} folder moved successfully.
C:\Users\Goran\AppData\Local\{7B819A9D-2842-419A-A34F-D2951FBEA9B4} folder moved successfully.
C:\Users\Goran\AppData\Local\{7B8B64E0-6464-47C2-BE03-B838000FB0FF} folder moved successfully.
C:\Users\Goran\AppData\Local\{7B8DC0FE-0CC1-49E3-93DD-F43C3AAB8293} folder moved successfully.
C:\Users\Goran\AppData\Local\{7C0C9DF6-7CD8-4DE4-B25A-783853B65355} folder moved successfully.
C:\Users\Goran\AppData\Local\{7CB0831D-95D0-4919-B4B2-B3637DD2FC77} folder moved successfully.
C:\Users\Goran\AppData\Local\{7CCC97C0-2235-4F5E-BD33-9CE6D4155CB5} folder moved successfully.
C:\Users\Goran\AppData\Local\{7E612B59-CB90-41A5-9627-678204E372B6} folder moved successfully.
C:\Users\Goran\AppData\Local\{7E732369-B3B5-4F09-82F0-0E708DB5D80C} folder moved successfully.
C:\Users\Goran\AppData\Local\{7E94B8B8-2F4D-4FBC-AA48-F3A8D282FB2A} folder moved successfully.
C:\Users\Goran\AppData\Local\{7F7EF0DD-7825-4A2C-BD1C-DAE263A52382} folder moved successfully.
C:\Users\Goran\AppData\Local\{80BD1938-EF99-4A54-8ABF-C6099BA4AB76} folder moved successfully.
C:\Users\Goran\AppData\Local\{813632F1-AAB0-40AB-8139-ECFF7780BA49} folder moved successfully.
C:\Users\Goran\AppData\Local\{833AFA41-6037-4BE2-9E4C-9F8B59F388FD} folder moved successfully.
C:\Users\Goran\AppData\Local\{83DDC965-9025-4FCE-A964-8ED5EA0B9904} folder moved successfully.
C:\Users\Goran\AppData\Local\{850DFB7E-18FB-41B5-AABE-A16689E544E9} folder moved successfully.
C:\Users\Goran\AppData\Local\{8639B097-935B-4C35-8105-FFAC5A62DD08} folder moved successfully.
C:\Users\Goran\AppData\Local\{870EC7F8-BD4A-42A5-BCAD-D3EE8D74A770} folder moved successfully.
C:\Users\Goran\AppData\Local\{891CDCD2-03C0-4982-9EA7-1F3E3079D974} folder moved successfully.
C:\Users\Goran\AppData\Local\{8D797496-526C-4DA8-A48E-C8544748F8C2} folder moved successfully.
C:\Users\Goran\AppData\Local\{8E11F0B5-6BA2-45E3-82D8-30AFDA366001} folder moved successfully.
C:\Users\Goran\AppData\Local\{8FCC8A9F-DE8E-4F29-9B65-0883A03A3D0E} folder moved successfully.
C:\Users\Goran\AppData\Local\{8FD4C7B1-F7FD-4B62-AB41-F648071DEDD6} folder moved successfully.
C:\Users\Goran\AppData\Local\{90000AB7-DFF4-43FF-BF2F-D534621C2F99} folder moved successfully.
C:\Users\Goran\AppData\Local\{90641695-B1B4-4307-8DB9-B4F1A298E755} folder moved successfully.
C:\Users\Goran\AppData\Local\{9162F1B9-60AF-4C15-9BB5-026667FCCAF1} folder moved successfully.
C:\Users\Goran\AppData\Local\{91CFB895-4E26-418D-A0DE-EED84135775E} folder moved successfully.
C:\Users\Goran\AppData\Local\{92FBDF5D-8E3C-430F-B6ED-BDA86286D0BD} folder moved successfully.
C:\Users\Goran\AppData\Local\{9321F103-0BB7-4BDB-B0AF-B9BB9BCE0F3D} folder moved successfully.
C:\Users\Goran\AppData\Local\{94281E34-8A75-4457-B891-94B14375EB1E} folder moved successfully.
C:\Users\Goran\AppData\Local\{94DC9AE8-E502-47CE-B210-17FD7E8CEB9D} folder moved successfully.
C:\Users\Goran\AppData\Local\{95BD3F40-0802-4014-8F0F-0931B1CA5A61} folder moved successfully.
C:\Users\Goran\AppData\Local\{95DCDFE3-25D7-46EB-8F8A-89D50F07A152} folder moved successfully.
C:\Users\Goran\AppData\Local\{95F818B4-80B2-432C-A7BB-88A4DA56AFE0} folder moved successfully.
C:\Users\Goran\AppData\Local\{96ABC084-8165-4F1F-897A-AE45E852FF10} folder moved successfully.
C:\Users\Goran\AppData\Local\{96BF66D9-3F18-425F-8A04-42676C3EC16C} folder moved successfully.
C:\Users\Goran\AppData\Local\{98F00E4E-2BBB-4554-A89D-3DE0170B959A} folder moved successfully.
C:\Users\Goran\AppData\Local\{9CD35A77-B97A-4D81-BCAE-221F570D7925} folder moved successfully.
C:\Users\Goran\AppData\Local\{9DC41843-8B5C-4424-B2FB-B89E74733642} folder moved successfully.
C:\Users\Goran\AppData\Local\{9EF15162-B452-48FC-B9E1-CD85930C79DA} folder moved successfully.
C:\Users\Goran\AppData\Local\{9F4E7406-D412-41D5-83BF-59A612155C33} folder moved successfully.
C:\Users\Goran\AppData\Local\{A120F43A-3179-48CB-9672-14EC81BA27D6} folder moved successfully.
C:\Users\Goran\AppData\Local\{A3446A64-C16F-48F2-A6E7-96C14E485F17} folder moved successfully.
C:\Users\Goran\AppData\Local\{A4F9A1BF-EDCE-4566-8A32-3C7B2798CD97} folder moved successfully.
C:\Users\Goran\AppData\Local\{A5503349-4915-4166-B457-B643D98C5128} folder moved successfully.
C:\Users\Goran\AppData\Local\{A8089CFB-4DF1-4215-B0DE-9C545C7B6ECC} folder moved successfully.
C:\Users\Goran\AppData\Local\{A871BFD4-E0E1-426A-A688-BBBF51217F11} folder moved successfully.
C:\Users\Goran\AppData\Local\{A9275F79-7C48-4F1A-ACB1-7F148F5C2CBB} folder moved successfully.
C:\Users\Goran\AppData\Local\{A943C767-A132-4B58-89D8-9EA675A2CCAF} folder moved successfully.
C:\Users\Goran\AppData\Local\{AA09320F-3087-48D3-8CE0-5A2BF20503EE} folder moved successfully.
C:\Users\Goran\AppData\Local\{AA3C2B2C-236B-4849-B0CC-BF60B71F949F} folder moved successfully.
C:\Users\Goran\AppData\Local\{AA4FC862-CD13-46CE-8F2A-986B43EA72BC} folder moved successfully.
C:\Users\Goran\AppData\Local\{AA8029D8-0FC3-4931-BECC-59253CFB2B7D} folder moved successfully.
C:\Users\Goran\AppData\Local\{ABDA7593-C352-46DE-A402-9FC22E57834C} folder moved successfully.
C:\Users\Goran\AppData\Local\{ACB05D92-197D-4DD8-87FE-F23A78BA9488} folder moved successfully.
C:\Users\Goran\AppData\Local\{ADF38E85-2219-489F-833B-6D77817FE08A} folder moved successfully.
C:\Users\Goran\AppData\Local\{AE976B8E-F05B-43C9-A6A5-0491D0A0596A} folder moved successfully.
C:\Users\Goran\AppData\Local\{AEA56090-C99F-49E4-884F-1DB2364E444A} folder moved successfully.
C:\Users\Goran\AppData\Local\{AF8373DA-685B-4289-8C56-253ADF059A1E} folder moved successfully.
C:\Users\Goran\AppData\Local\{B01ECF2A-9304-4F53-84A5-06BBBFE06C88} folder moved successfully.
C:\Users\Goran\AppData\Local\{B0CC1877-AB53-44C7-9195-B749C9DCF5CA} folder moved successfully.
C:\Users\Goran\AppData\Local\{B17532A5-0A3E-4246-80DF-5DE1C4A96898} folder moved successfully.
C:\Users\Goran\AppData\Local\{B387E497-D6D4-4EF4-9A51-A56843FD7126} folder moved successfully.
C:\Users\Goran\AppData\Local\{B412ADC0-2242-4726-9E0F-E63BA4ED4CC2} folder moved successfully.
C:\Users\Goran\AppData\Local\{B8D9CDA7-96D9-487F-A5F1-A7E044FAC5AF} folder moved successfully.
C:\Users\Goran\AppData\Local\{B8F1C3F2-71D4-40CB-83C3-B4D354126DEB} folder moved successfully.
C:\Users\Goran\AppData\Local\{B9FD94C4-FCEE-4A82-BFC0-148516F1F5C8} folder moved successfully.
C:\Users\Goran\AppData\Local\{BA587189-65E5-49D5-BDB8-E94A0B737F35} folder moved successfully.
C:\Users\Goran\AppData\Local\{BAF38490-7B3C-48AF-B397-0A9BA4E60A33} folder moved successfully.
C:\Users\Goran\AppData\Local\{BB6116A5-E628-452C-A650-DF0C821CB454} folder moved successfully.
C:\Users\Goran\AppData\Local\{BC349230-C170-4154-B717-BE77BC7123C8} folder moved successfully.
C:\Users\Goran\AppData\Local\{BCCC2225-631F-42F4-87D3-BE87F1B673B2} folder moved successfully.
C:\Users\Goran\AppData\Local\{BD1012D8-0F91-4E72-B442-73687506C5D3} folder moved successfully.
C:\Users\Goran\AppData\Local\{BD307D33-015D-4403-80CB-829B04CE1CC7} folder moved successfully.
C:\Users\Goran\AppData\Local\{C215AB29-8582-4FCA-9B78-278FFC6F7F7F} folder moved successfully.
C:\Users\Goran\AppData\Local\{C22DA60B-5F93-4CEB-9CF4-72447C110A11} folder moved successfully.
C:\Users\Goran\AppData\Local\{C2F35FE8-4EFF-4E8E-A744-22D604818727} folder moved successfully.
C:\Users\Goran\AppData\Local\{C491B121-AAC3-4A2C-B451-ABCE39ED9CFD} folder moved successfully.
C:\Users\Goran\AppData\Local\{C494B19C-F960-4406-A9CB-8E8532739F28} folder moved successfully.
C:\Users\Goran\AppData\Local\{C5E2A131-768D-491C-A01A-27B5C059C92C} folder moved successfully.
C:\Users\Goran\AppData\Local\{C7EA0F51-8798-448B-A46A-4EF6ACB52EEE} folder moved successfully.
C:\Users\Goran\AppData\Local\{C80441DC-F880-4940-ACF0-FFC40D3B3C26} folder moved successfully.
C:\Users\Goran\AppData\Local\{CA51261B-0129-4625-8DD9-9DADB20E93F2} folder moved successfully.
C:\Users\Goran\AppData\Local\{CAE6D349-1A84-42F6-BF4D-BEE9C3B9C851} folder moved successfully.
C:\Users\Goran\AppData\Local\{CB587914-F867-4DC6-A4D1-71BE18F5718E} folder moved successfully.
C:\Users\Goran\AppData\Local\{CB8C3CA1-CF58-4B22-96DB-473A7486147C} folder moved successfully.
C:\Users\Goran\AppData\Local\{CC02F979-714B-4A06-ACE5-B78825023061} folder moved successfully.
C:\Users\Goran\AppData\Local\{CDF80ADE-B5D6-4820-B743-5E423F20E171} folder moved successfully.
C:\Users\Goran\AppData\Local\{CE4C837D-A912-40BE-9435-29DE0A2B7535} folder moved successfully.
C:\Users\Goran\AppData\Local\{CFE3F23F-7BEE-4D72-A1F2-90F444EB6573} folder moved successfully.
C:\Users\Goran\AppData\Local\{D11E69FF-E1E4-42ED-BD55-90429D5DBAE9} folder moved successfully.
C:\Users\Goran\AppData\Local\{D180704E-F877-4603-BA52-38129C9770A4} folder moved successfully.
C:\Users\Goran\AppData\Local\{D2139DAA-EEF0-43A2-9E1B-CFBB36136C77} folder moved successfully.
C:\Users\Goran\AppData\Local\{D33E20DB-7ED2-49F7-9BB7-98F53A274013} folder moved successfully.
C:\Users\Goran\AppData\Local\{D367A895-50F3-4A45-AE99-675FBA485931} folder moved successfully.
C:\Users\Goran\AppData\Local\{D55F6C74-30C1-431F-B7F5-DA5972972BC0} folder moved successfully.
C:\Users\Goran\AppData\Local\{D56623A1-1147-4A29-810A-0FDB7381E138} folder moved successfully.
C:\Users\Goran\AppData\Local\{D760D740-7285-43E7-B0E8-4247CE6AC231} folder moved successfully.
C:\Users\Goran\AppData\Local\{D821A517-C01A-4311-B135-27900B3FA8B8} folder moved successfully.
C:\Users\Goran\AppData\Local\{DBEC1F5A-62E6-4229-9848-47896AEA1302} folder moved successfully.
C:\Users\Goran\AppData\Local\{DCB3DD1D-670D-451A-96A5-8687789B42F9} folder moved successfully.
C:\Users\Goran\AppData\Local\{DCC51B6B-C8A9-4955-B7B9-37D02ECB7F1B} folder moved successfully.
C:\Users\Goran\AppData\Local\{DCE218F2-AB40-4D69-9D46-EB03042C3B1B} folder moved successfully.
C:\Users\Goran\AppData\Local\{DE66F700-D9A4-4380-BEC7-84F992791DA5} folder moved successfully.
C:\Users\Goran\AppData\Local\{DECA6BF7-4B42-4111-8CD9-B3FB8E0E3B0A} folder moved successfully.
C:\Users\Goran\AppData\Local\{DF6B4C5F-4907-4BB5-92E1-828ED33266DA} folder moved successfully.
C:\Users\Goran\AppData\Local\{E030AC5D-564F-4616-9B05-0C7147B2C887} folder moved successfully.
C:\Users\Goran\AppData\Local\{E1C70B28-CE91-4C34-BB81-5E29ADB33051} folder moved successfully.
C:\Users\Goran\AppData\Local\{E1FA0145-57EF-43D3-8CD0-8532478C8CCA} folder moved successfully.
C:\Users\Goran\AppData\Local\{E1FFDE00-3DDB-45D1-9547-85ECDE3164C2} folder moved successfully.
C:\Users\Goran\AppData\Local\{E2631568-C0A9-418D-A457-0BDD4D9820E9} folder moved successfully.
C:\Users\Goran\AppData\Local\{E2A30A8D-6C48-42A6-942C-D33FDB5BA422} folder moved successfully.
C:\Users\Goran\AppData\Local\{E3A05C23-6D26-4540-B107-0BB551DDD87E} folder moved successfully.
C:\Users\Goran\AppData\Local\{E454A97F-9C02-469B-A33D-72F544A9C2E5} folder moved successfully.
C:\Users\Goran\AppData\Local\{E458F8F1-D22A-46EC-9C55-81B7D67ABC9B} folder moved successfully.
C:\Users\Goran\AppData\Local\{E5338D38-5B40-4623-972C-A8DD8B7BF224} folder moved successfully.
C:\Users\Goran\AppData\Local\{E5E6F166-7AC2-4FAB-90A7-D1F40F5FE541} folder moved successfully.
C:\Users\Goran\AppData\Local\{E61C7C2E-D4BD-4343-B62E-63BF8818DE6D} folder moved successfully.
C:\Users\Goran\AppData\Local\{E6213A96-A75A-4C6B-BCD1-6A229231D8EF} folder moved successfully.
C:\Users\Goran\AppData\Local\{E74B465B-5612-4778-B82F-DDA647DF0946} folder moved successfully.
C:\Users\Goran\AppData\Local\{E81154FB-7739-4F16-87FF-457C57C47BF7} folder moved successfully.
C:\Users\Goran\AppData\Local\{E905994A-F8E2-42F1-BCD7-0953370D0C0E} folder moved successfully.
C:\Users\Goran\AppData\Local\{E9D7E725-2486-44CD-82CF-F8494432BB61} folder moved successfully.
C:\Users\Goran\AppData\Local\{EA808DA1-1892-467C-93B4-6A304F273C1E} folder moved successfully.
C:\Users\Goran\AppData\Local\{EBD26772-E72E-4D8C-9E1C-8FEA8ABD4EF0} folder moved successfully.
C:\Users\Goran\AppData\Local\{ED885749-7D2C-4084-8DF4-8112E3A47DFF} folder moved successfully.
C:\Users\Goran\AppData\Local\{EDB46131-19EB-45A4-9C2B-D384A37148D0} folder moved successfully.
C:\Users\Goran\AppData\Local\{EE22C8FA-1932-42D7-968D-50C88816F2C9} folder moved successfully.
C:\Users\Goran\AppData\Local\{EF0BB26D-88FD-4D74-A825-954E6ADE242D} folder moved successfully.
C:\Users\Goran\AppData\Local\{F0FB17C8-7C21-48EF-9663-FA8F11A8C642} folder moved successfully.
C:\Users\Goran\AppData\Local\{F1A6A9D6-CECE-41AA-9E29-36205CBD0671} folder moved successfully.
C:\Users\Goran\AppData\Local\{F2023A93-FA3B-417A-A78E-6BA86524F670} folder moved successfully.
C:\Users\Goran\AppData\Local\{F21133AF-F87E-48A7-881C-AB7CE2F13751} folder moved successfully.
C:\Users\Goran\AppData\Local\{F36F2808-CE1F-4E99-A7E4-FCC1200C9BC5} folder moved successfully.
C:\Users\Goran\AppData\Local\{F461CD69-A050-42BC-BE1B-5454B7CA4F2C} folder moved successfully.
C:\Users\Goran\AppData\Local\{F4875E7D-66D8-476C-B0BA-7F536FADD595} folder moved successfully.
C:\Users\Goran\AppData\Local\{F699BCC1-01DF-47F2-A985-4AF536598F11} folder moved successfully.
C:\Users\Goran\AppData\Local\{F6AF0553-C387-4C57-94BB-B81F0F508DC9} folder moved successfully.
C:\Users\Goran\AppData\Local\{F6E6C3EF-F52C-43AF-B51B-330F97498D0F} folder moved successfully.
C:\Users\Goran\AppData\Local\{F7A47056-D45C-45D5-8099-E66264470104} folder moved successfully.
C:\Users\Goran\AppData\Local\{F9144B84-BF41-4297-A006-22F4504437B1} folder moved successfully.
C:\Users\Goran\AppData\Local\{F9ABEC78-7CE3-4D8D-9E24-AEC4A775C1EC} folder moved successfully.
C:\Users\Goran\AppData\Local\{FCE0500C-C224-49E9-AAB4-D24EA11DAF26} folder moved successfully.
C:\Users\Goran\AppData\Local\{FD04E115-EF7C-4302-84DD-E4DDADAE3344} folder moved successfully.
C:\Users\Goran\AppData\Local\{FD8C9291-D132-42FE-94A9-D8FFC4723558} folder moved successfully.
C:\Users\Goran\AppData\Local\{FE046E34-F838-4150-B3C9-BE377E62109C} folder moved successfully.
C:\Users\Goran\AppData\Local\{FE967A40-3853-4F27-B04F-C25309E4ECB1} folder moved successfully.
C:\Users\Goran\AppData\Local\{FEEB6E30-3A17-431C-A16D-A58EA6F08A9F} folder moved successfully.
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\TEMP not found.
C:\Users\Goran\AppData\Local\Temp\InstallFlashPlayer.exe moved successfully.
C:\Users\Goran\AppData\Local\Temp\ncameoxrsw.exe moved successfully.
C:\Users\Goran\AppData\Local\Temp\ranowescxm.exe moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Goran\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File/Folder C:\Users\Goran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
File/Folder C:\Windows\System32\*.tmp not found.
File/Folder C:\Windows\SysWOW64\*.tmp not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Goran\Desktop\cmd.bat deleted successfully.
C:\Users\Goran\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Goran
->Temp folder emptied: 105535615 bytes
->Temporary Internet Files folder emptied: 1446310 bytes
->FireFox cache emptied: 66816851 bytes
->Google Chrome cache emptied: 1642864 bytes
->Flash cache emptied: 523 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1138428 bytes
RecycleBin emptied: 4613855043 bytes

Total Files Cleaned = 4.569,00 mb

OTL by OldTimer - Version 3.2.59.1 log created on 09022012_223442

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

2. Schritt:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.02.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Goran :: GORAN-PC [Administrator]

Schutz: Aktiviert

02.09.2012 23:34:45
mbam-log-2012-09-02 (23-34-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 286647
Laufzeit: 56 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\4RBPZMXX4S (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\n.) Gut: (shell32.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 1
C:\ProgramData\TheBflix (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 19
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\n (Trojan.0Access) -> Löschen bei Neustart.
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\L\00000008.@ (Trojan.BitMiner) -> Löschen bei Neustart.
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\00000004.@ (Trojan.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\00000008.@ (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\000000cb.@ (Trojan.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\80000000.@ (Trojan.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\80000032.@ (Trojan.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\TopOCR\mb1.exe (Packer.ModifiedUPX) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\09022012_223442\C_ProgramData\TheBflix\bhoclass.dll (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Local\Temp\cnomsxaerw.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Local\Temp\ncameoxrsw.exe (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Local\Temp\ranowescxm.exe (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Roaming\wsacs.dll (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Roaming\xsecva\xsecva.exe (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TheBflix\fhocdmhohpjjbaamenhbaidaoihaiflb.crx (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

3.Schritt:

# AdwCleaner v2.000 - Datei am 09/03/2012 um 02:04:35 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzer : Goran - GORAN-PC
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Goran\Desktop\adwcleaner (1).exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Program Files\SweetIM
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\InstallMate
Ordner Gefunden : C:\ProgramData\Premium
Ordner Gefunden : C:\ProgramData\SweetIM
Ordner Gefunden : C:\Users\Goran\AppData\Local\Babylon
Ordner Gefunden : C:\Users\Goran\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Goran\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\Conduit
Ordner Gefunden : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\ConduitCommon
Ordner Gefunden : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\ConduitEngine
Ordner Gefunden : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\CT2269050
Ordner Gefunden : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\SweetIm
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Schlüssel Gefunden : HKLM\Software\SweetIm

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (en-US)

Profilname : default
Datei : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\prefs.js

Gefunden : user_pref("CT2269050..clientLogIsEnabled", false);
Gefunden : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
Gefunden : user_pref("CT2269050.CTID", "CT2269050");
Gefunden : user_pref("CT2269050.CurrentServerDate", "31-8-2012");
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DialogsGetterLastCheckTime", "Wed Aug 29 2012 17:30:22 GMT+0200");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Sun Feb 27 2011 03:34:05 GMT+0100");
Gefunden : user_pref("CT2269050.FirstServerDate", "27-2-2011");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FirstTimeSettingsDone", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gefunden : user_pref("CT2269050.InstalledDate", "Sun Feb 27 2011 03:34:06 GMT+0100");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", false);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_2.7.2.0", "Sun Feb 27 2011 03:34:10 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 07:17:48 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.13.0.6", "Thu Jun 28 2012 15:02:55 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.14.1.0", "Wed Aug 22 2012 11:19:32 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.15.1.0", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gefunden : user_pref("CT2269050.LatestVersion", "3.15.1.0");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.LoginCache", 4);
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Sun Feb 27 2011 03:34:10 GMT+0100");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Aug 31 2012 23:07:07 GMT+0200");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUserEnabled", false);
Gefunden : user_pref("CT2269050.ServiceMapLastCheckTime", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Fri Aug 31 2012 23:07:06 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1346236157");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Feb 27 2011 03:34:03 GMT+0100");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Gefunden : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gefunden : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2269050.UserID", "UN03790150899927624");
Gefunden : user_pref("CT2269050.ValidationData_Toolbar", 1);
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Sun Feb 27 2011 03:34:10 GMT+0100");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.backendstorage.cbcountry_001", "4154");
Gefunden : user_pref("CT2269050.backendstorage.cbfirsttime", "576564204A756C20303420323031322030343A35333A35382[...]
Gefunden : user_pref("CT2269050.backendstorage.ct2269050ads1", "25374225323261647325323225334125354225374225323[...]
Gefunden : user_pref("CT2269050.backendstorage.ct2269050current_term", "");
Gefunden : user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "74727565");
Gefunden : user_pref("CT2269050.backendstorage.ct2269050sdate", "3132");
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "547565204A756C20313720323031322031383A[...]
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "61757374726961");
Gefunden : user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E66616365626F6F6B2E636F6[...]
Gefunden : user_pref("CT2269050.clientLogIsEnabled", false);
Gefunden : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.initDone", true);
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.revertSettingsEnabled", true);
Gefunden : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.testingCtid", "");
Gefunden : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gefunden : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CT2269050.usagesFlag", 2);
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/AT", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/AT", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"bff[...]
Gefunden : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Gefunden : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Gefunden : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Gefunden : user_pref("CommunityToolbar.IsEngineShown", true);
Gefunden : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,ConduitEngine");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Gefunden : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 01:22:07 GMT+02[...]
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 21 2011 21:53:24 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 00:41:01 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "{22095dbc-cfe0-4b7f-8fe5-d69d251d8541}");
Gefunden : user_pref("CommunityToolbar.globalUserId", "e7716e3b-cbe1-4437-8f24-8d6301e7fec3");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jun 09 2011 18:34:30 GMT+0200");
Gefunden : user_pref("ConduitEngine.CTID", "ConduitEngine");
Gefunden : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Jun 20 2011 18:57:47 GMT+0200");
Gefunden : user_pref("ConduitEngine.FirstServerDate", "03/22/2011 12");
Gefunden : user_pref("ConduitEngine.FirstTime", true);
Gefunden : user_pref("ConduitEngine.FirstTimeFF3", true);
Gefunden : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gefunden : user_pref("ConduitEngine.Initialize", true);
Gefunden : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gefunden : user_pref("ConduitEngine.InstalledDate", "Tue Mar 22 2011 11:36:51 GMT+0100");
Gefunden : user_pref("ConduitEngine.IsMulticommunity", false);
Gefunden : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gefunden : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gefunden : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 23 2011 00:41:37 GMT+0200");
Gefunden : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Mon Mar 28 2011 00:10:40 GMT+0200");
Gefunden : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 23 2011 09:46:12 GMT+0200");
Gefunden : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 23 2011 09:46:13 GMT+0200");
Gefunden : user_pref("ConduitEngine.UserID", "UN21969960234162977");
Gefunden : user_pref("ConduitEngine.componentAlertEnabled", false);
Gefunden : user_pref("ConduitEngine.engineLocale", "en-US");
Gefunden : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 23 2011 09:46:13 GMT+0200");
Gefunden : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 23 2011 09:46:13 GMT+0200");
Gefunden : user_pref("ConduitEngine.initDone", true);
Gefunden : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Gefunden : user_pref("ConduitEngine.usagesFlag", 2);
Gefunden : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gefunden : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217");
Gefunden : user_pref("extensions.BabylonToolbar_i.hardId", "5c1ddb960000000000000015ce34ef7b");
Gefunden : user_pref("extensions.BabylonToolbar_i.id", "5c1ddb960000000000000015ce34ef7b");
Gefunden : user_pref("extensions.BabylonToolbar_i.instlDay", "15461");
Gefunden : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109217&babsrc=NT_s[...]
Gefunden : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gefunden : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:48:12");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Goran\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [21747 octets] - [03/09/2012 02:04:35]

########## EOF - C:\AdwCleaner[R1].txt - [21808 octets] ##########

4. Schritt:

# AdwCleaner v2.000 - Datei am 09/03/2012 um 02:12:22 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzer : Goran - GORAN-PC
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Goran\Desktop\adwcleaner (1).exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Ordner Gelöscht : C:\Program Files\SweetIM
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Users\Goran\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Goran\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Goran\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\Conduit
Ordner Gelöscht : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\ConduitCommon
Ordner Gelöscht : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\ConduitEngine
Ordner Gelöscht : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\CT2269050
Ordner Gelöscht : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SweetIm
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Schlüssel Gelöscht : HKLM\Software\SweetIm

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profilname : default
Datei : C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\prefs.js

C:\Users\Goran\AppData\Roaming\Mozilla\Firefox\Profiles\63wpayub.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2269050..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
Gelöscht : user_pref("CT2269050.CTID", "CT2269050");
Gelöscht : user_pref("CT2269050.CurrentServerDate", "31-8-2012");
Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2269050.DialogsGetterLastCheckTime", "Wed Aug 29 2012 17:30:22 GMT+0200");
Gelöscht : user_pref("CT2269050.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Sun Feb 27 2011 03:34:05 GMT+0100");
Gelöscht : user_pref("CT2269050.FirstServerDate", "27-2-2011");
Gelöscht : user_pref("CT2269050.FirstTime", true);
Gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Gelöscht : user_pref("CT2269050.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2269050.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2269050.Initialize", true);
Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2269050.InstalledDate", "Sun Feb 27 2011 03:34:06 GMT+0100");
Gelöscht : user_pref("CT2269050.InvalidateCache", false);
Gelöscht : user_pref("CT2269050.IsGrouping", false);
Gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2269050.LastLogin_2.7.2.0", "Sun Feb 27 2011 03:34:10 GMT+0100");
Gelöscht : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 07:17:48 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.13.0.6", "Thu Jun 28 2012 15:02:55 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.14.1.0", "Wed Aug 22 2012 11:19:32 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.15.1.0", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gelöscht : user_pref("CT2269050.LatestVersion", "3.15.1.0");
Gelöscht : user_pref("CT2269050.Locale", "en");
Gelöscht : user_pref("CT2269050.LoginCache", 4);
Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Sun Feb 27 2011 03:34:10 GMT+0100");
Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gelöscht : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Aug 31 2012 23:07:07 GMT+0200");
Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT2269050.ServiceMapLastCheckTime", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Fri Aug 31 2012 23:07:06 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1346236157");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Feb 27 2011 03:34:03 GMT+0100");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gelöscht : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2269050.UserID", "UN03790150899927624");
Gelöscht : user_pref("CT2269050.ValidationData_Toolbar", 1);
Gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Gelöscht : user_pref("CT2269050.WeatherPollDate", "Sun Feb 27 2011 03:34:10 GMT+0100");
Gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Gelöscht : user_pref("CT2269050.backendstorage.cbcountry_001", "4154");
Gelöscht : user_pref("CT2269050.backendstorage.cbfirsttime", "576564204A756C20303420323031322030343A35333A35382[...]
Gelöscht : user_pref("CT2269050.backendstorage.ct2269050ads1", "25374225323261647325323225334125354225374225323[...]
Gelöscht : user_pref("CT2269050.backendstorage.ct2269050current_term", "");
Gelöscht : user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "74727565");
Gelöscht : user_pref("CT2269050.backendstorage.ct2269050sdate", "3132");
Gelöscht : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "547565204A756C20313720323031322031383A[...]
Gelöscht : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "61757374726961");
Gelöscht : user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E66616365626F6F6B2E636F6[...]
Gelöscht : user_pref("CT2269050.clientLogIsEnabled", false);
Gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2269050.initDone", true);
Gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2269050.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2269050.testingCtid", "");
Gelöscht : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Fri Aug 31 2012 23:07:08 GMT+0200");
Gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CT2269050.usagesFlag", 2);
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/AT", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/AT", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"bff[...]
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Gelöscht : user_pref("CommunityToolbar.IsEngineShown", true);
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 01:22:07 GMT+02[...]
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 21 2011 21:53:24 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 00:41:01 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "{22095dbc-cfe0-4b7f-8fe5-d69d251d8541}");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "e7716e3b-cbe1-4437-8f24-8d6301e7fec3");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jun 09 2011 18:34:30 GMT+0200");
Gelöscht : user_pref("ConduitEngine.CTID", "ConduitEngine");
Gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Jun 20 2011 18:57:47 GMT+0200");
Gelöscht : user_pref("ConduitEngine.FirstServerDate", "03/22/2011 12");
Gelöscht : user_pref("ConduitEngine.FirstTime", true);
Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gelöscht : user_pref("ConduitEngine.Initialize", true);
Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gelöscht : user_pref("ConduitEngine.InstalledDate", "Tue Mar 22 2011 11:36:51 GMT+0100");
Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jun 23 2011 00:41:37 GMT+0200");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Mon Mar 28 2011 00:10:40 GMT+0200");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Jun 23 2011 09:46:12 GMT+0200");
Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jun 23 2011 09:46:13 GMT+0200");
Gelöscht : user_pref("ConduitEngine.UserID", "UN21969960234162977");
Gelöscht : user_pref("ConduitEngine.componentAlertEnabled", false);
Gelöscht : user_pref("ConduitEngine.engineLocale", "en-US");
Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jun 23 2011 09:46:13 GMT+0200");
Gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Jun 23 2011 09:46:13 GMT+0200");
Gelöscht : user_pref("ConduitEngine.initDone", true);
Gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Gelöscht : user_pref("ConduitEngine.usagesFlag", 2);
Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217");
Gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "5c1ddb960000000000000015ce34ef7b");
Gelöscht : user_pref("extensions.BabylonToolbar_i.id", "5c1ddb960000000000000015ce34ef7b");
Gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15461");
Gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109217&babsrc=NT_s[...]
Gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:48:12");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Goran\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [21878 octets] - [03/09/2012 02:04:35]
AdwCleaner[S1].txt - [22352 octets] - [03/09/2012 02:12:22]

########## EOF - C:\AdwCleaner[S1].txt - [22413 octets] ##########

MfG gox

t'john · 03.09.2012, 20:08

Zitat:

PUP.BFlix

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}
C:\ProgramData\TheBflix
C:\ProgramData\TheBflix\background.html
C:\ProgramData\TheBflix\content.js
C:\ProgramData\TheBflix\fhocdmhohpjjbaamenhbaidaoihaiflb.crx
C:\ProgramData\TheBflix\settings.ini
C:\ProgramData\TheBflix\uninstall.exe

Trojan.FakeAlert

HKCU\SOFTWARE\4RBPZMXX4S
HKCU\SOFTWARE\JP595IR86O
HKCU\SOFTWARE\NtWqIVLZEWZU

Malware.Trace

HKCU\SOFTWARE\Microsoft\Handle

Hijack.Zones

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\

Trojan.0Access

HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32|
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\n
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\00000004.@
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\000000cb.@
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\80000000.@
C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\80000032.@

Trojan.BitMiner

C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\L\00000008.@

Trojan.Dropper.BCMiner

C:\$Recycle.Bin\S-1-5-21-3476324592-201196357-1957895708-1000\$b9b850e02218fdcd1ca66d27a994ea7b\U\00000008.@

Packer.ModifiedUPX

C:\Program Files\TopOCR\mb1.exe

PUP.DownloadnSave

C:\_OTL\MovedFiles\09022012_223442\C_ProgramData\TheBflix\bhoclass.dll

Trojan.Agent

C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Local\Temp\cnomsxaerw.exe

Spyware.Password

C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Local\Temp\ncameoxrsw.exe
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Roaming\wsacs.dll
C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Roaming\xsecva\xsecva.exe

Rootkit.0Access

C:\_OTL\MovedFiles\09022012_223442\C_Users\Goran\AppData\Local\Temp\ranowescxm.exe

Schlechte Nachrichten!

Du hast mehr als eine schwere Infektion auf Deinem Rechner. http://www.trojaner-board.de/56634-rootkits.html
Er ist kompromittiert und ist nicht mehr vertrauenswuerdig. Du solletest von einem sauberen System aus alle deine Passwoerter aendern.
Ich empfehle dir dringendst den PC vom Netz zu trennen und neu aufzusetzen.

Anleitungen zum Neuaufsetzen (bebildert) > Windows 7 neu aufsetzen > Vista > XP

1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.

Polizei Virus Österreich

Plagegeister aller Art und deren Bekämpfung: Polizei Virus Österreich