| |
| |||||||
Log-Analyse und Auswertung: ZeuS/ZBot Telekom Warnung OTL Log filesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.04.2013, 12:58
| #1 |
 |  ZeuS/ZBot Telekom Warnung OTL Log files Hallo, ich habe, wie anscheinend einige in den letzten Tagen, eine E-Mail der dt. Telekom bekommen, dass es Hinweise darauf gibt, dass unter unserem Anschluss ein ZeuS/Zbot agiert. Im Netzwerk befinden sich 3 Rechner (Vater, Schwester, Ich). Einer der Rechner soll infiziert sein, die Frage ist welcher. Wäre jemand so nett einen kurzen Blick auf meine OTL Logs zu werfen? Schutzsoftware ist AVG (Freewareversion) Ich bin mir nicht sicher, woran ich eine eventuelle Infizierung erkenne... (Es handelt sich nur um die Logs von meinem Rechner) OTL.txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.04.2013 13:30:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Xychor\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 53,69% Memory free 8,00 Gb Paging File | 5,91 Gb Available in Paging File | 73,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 69,15 Gb Total Space | 5,01 Gb Free Space | 7,24% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 25,23 Gb Free Space | 12,92% Space Free | Partition Type: NTFS Drive E: | 102,78 Gb Total Space | 10,19 Gb Free Space | 9,91% Space Free | Partition Type: NTFS Computer Name: PC-JAN | User Name: Xychor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.11 13:28:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Xychor\Desktop\OTL.exe PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Xychor\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013.02.02 13:41:24 | 000,878,928 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2012.12.11 04:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe PRC - [2012.11.16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe PRC - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe PRC - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.04.17 23:04:15 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe PRC - [2011.10.26 20:48:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.03.04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe PRC - [2011.01.17 19:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 19:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin ========== Modules (No Company Name) ========== MOD - [2013.02.02 13:41:50 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll MOD - [2013.02.02 13:41:50 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll MOD - [2013.02.02 13:41:50 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll MOD - [2013.02.02 13:41:50 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll MOD - [2013.02.02 13:41:50 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll MOD - [2013.02.02 13:41:50 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll MOD - [2013.02.02 13:41:50 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll MOD - [2013.02.02 13:41:50 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll MOD - [2013.02.02 13:41:49 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll MOD - [2013.02.02 13:41:49 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll MOD - [2013.02.02 13:41:49 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll MOD - [2013.02.02 13:41:49 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll MOD - [2013.01.02 23:55:51 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll MOD - [2012.01.02 20:33:30 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ========== Services (SafeList) ========== SRV - [2012.11.16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012.10.10 22:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.03.04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2010.10.19 19:37:57 | 005,250,048 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.11.16 00:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2012.10.22 14:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2012.10.15 04:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.10.02 04:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012.09.21 04:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2012.09.21 04:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2012.09.14 04:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.02.08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA) DRV:64bit: - [2009.07.30 20:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.11.16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 F2 F9 92 84 99 CD 01 [binary data] IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.17 23:04:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.01.08 22:36:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.01.08 22:36:41 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1214052748-636940894-3971663584-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Xychor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () F3:64bit: - HKU\S-1-5-21-1214052748-636940894-3971663584-1001 WinNT: Load - (C:\Users\Xychor\LOCALS~1\Temp\msuyot.exe) - File not found F3 - HKU\S-1-5-21-1214052748-636940894-3971663584-1001 WinNT: Load - (C:\Users\Xychor\LOCALS~1\Temp\msuyot.exe) - File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FB98FC0-7832-403E-AF70-1E6DB50C23A6}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-1214052748-636940894-3971663584-1001..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-1214052748-636940894-3971663584-1001\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.11 13:28:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Xychor\Desktop\OTL.exe [2013.04.11 12:49:17 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{ED76A74B-7EB0-463D-80A0-CCD8CB1B24C4} [2013.04.11 03:01:40 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.04.11 03:01:40 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.04.11 03:01:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.11 03:01:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.11 03:01:39 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.04.11 03:01:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.04.11 03:01:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.04.11 03:01:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.11 03:01:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.11 03:01:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.04.11 03:01:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.11 03:01:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.11 03:01:36 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.11 03:01:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.11 03:01:36 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.11 00:40:50 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{1EB70703-720F-4DD6-81F1-A02B6FBA222F} [2013.04.11 00:39:05 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{12E22BCE-4D02-4AD9-BEE2-B9F0419BA9F2} [2013.04.10 12:15:05 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.04.10 12:15:05 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.04.10 12:15:04 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.04.10 12:15:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.04.10 12:15:04 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.04.10 12:15:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.04.10 12:14:57 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.10 12:14:56 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.04.10 12:14:55 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.04.10 12:14:55 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.04.10 12:14:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.04.10 12:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.04.10 12:00:36 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{55998C91-426F-4A89-A108-AFC4389D5F46} [2013.04.10 01:53:20 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{DACCD880-1588-45FA-AA14-559DF9F6289C} [2013.04.09 13:39:44 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{85916747-FD26-4AF5-96B0-21D8C8F468A3} [2013.04.09 00:27:42 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{62707DFC-22B0-4BFE-87B3-B9A265A91DEA} [2013.04.08 11:12:43 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{FA7E4208-46FF-458D-9C6E-79F1F16C8F1A} [2013.04.07 13:31:13 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{4EC91941-F0E4-4F3C-A5AE-9FE152C310B2} [2013.04.06 17:56:55 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{E15C5258-356D-40D2-B06F-B3104DCC5CB2} [2013.04.06 03:45:55 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{65D55836-A0DB-46A5-A240-E6113CABA914} [2013.04.05 07:23:37 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{638C7B8B-F833-4A63-B7EC-30F2C556205B} [2013.04.05 07:21:55 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{CA369210-391A-47C4-91D4-723022B89372} [2013.04.04 17:37:25 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{D7EB438E-1CBB-471F-BEB6-1A2928E49D18} [2013.04.04 05:06:17 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{81DD6869-830D-4E0D-B5AA-C429ED537228} [2013.04.03 15:40:51 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{FAC8AF76-86E4-4AB7-8893-AAE87662DAFA} [2013.04.03 03:34:11 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{FCC6F4BA-5B05-4A69-92CC-345B05887EE5} [2013.04.02 03:03:53 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{842CDB28-93F1-4CAF-960D-76A222D54D3C} [2013.04.01 13:06:43 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{D74EE0A1-CF2D-4B66-8E17-1623522B4C2F} [2013.03.31 23:20:05 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{E77E32F0-84CC-4A80-83F7-8A2C7594041F} [2013.03.30 13:08:31 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{D8325BCE-213C-423D-9E11-2E420BC6CAF2} [2013.03.29 17:56:30 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{317343F1-2F10-4DD5-8E72-4F9F7CDCF024} [2013.03.29 03:06:17 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{3F59454D-5FCD-47E6-BF40-FF0060994CDF} [2013.03.28 13:43:28 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{FC26BAFC-6119-483E-81A0-C3092D2D65EF} [2013.03.27 20:36:40 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{8D8DA816-DC1C-4ABC-9B22-8CFA80BE5473} [2013.03.27 07:17:58 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{4270427C-9682-4306-878A-82B234994359} [2013.03.27 01:23:15 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{B21E4800-ED45-4421-9D57-0BE9475D6FDD} [2013.03.26 12:29:03 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{DBB3A81A-0A2A-4B9A-8EE8-F1017238BDCA} [2013.03.26 00:06:33 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{30CC38B5-58BC-478F-AC87-131A2D17DD9B} [2013.03.25 09:58:23 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{031FF947-9676-4C6F-A16A-3874A41287BF} [2013.03.24 17:46:41 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{6BAA8D6B-24E7-455A-ADB2-33EC4DCDE747} [2013.03.24 05:24:31 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{1870C5E5-63E9-4ABD-9CCE-35B5684DFBD7} [2013.03.23 16:29:06 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{A25FF71E-DA38-4585-9F15-19670F3C6AAE} [2013.03.23 03:27:17 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{D0733EC3-2DCD-4496-8C5B-25C0B35A339B} [2013.03.22 15:12:43 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{7B7A6789-5DD3-4D99-A792-DEB13C85CC95} [2013.03.22 04:02:24 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.22 04:02:24 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.22 04:02:24 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.22 04:02:24 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.22 04:02:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.22 04:02:24 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.22 04:02:24 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.22 04:02:24 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.22 04:02:23 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.22 04:02:23 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.22 04:02:23 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.22 04:02:23 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.22 04:02:23 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.22 04:02:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.22 04:02:23 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.22 04:02:23 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.22 04:02:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.22 04:02:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.22 04:02:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.22 04:02:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.22 04:02:22 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.22 04:02:22 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.22 04:02:22 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.22 04:02:22 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.22 04:02:22 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.22 04:02:22 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.22 04:02:22 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.22 04:02:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.22 04:02:22 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.22 04:02:22 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.22 04:02:22 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.22 04:02:22 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.22 04:02:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.22 04:02:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.22 04:02:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.22 04:02:22 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.22 04:02:21 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.22 04:02:21 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.22 04:02:21 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.22 04:02:21 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.22 04:02:21 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.22 04:02:21 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.22 04:02:21 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.22 04:02:21 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.22 04:02:21 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.22 04:02:21 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.22 04:02:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.22 04:02:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.22 04:02:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.22 04:02:21 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.22 04:02:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.22 04:02:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.22 04:02:20 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.21 18:36:26 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{56F62617-9747-4F05-9D6F-25B142E872B1} [2013.03.21 04:23:02 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{D1E2EE53-6D0B-4EA7-A030-75B576852EE7} [2013.03.21 00:49:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.03.20 15:28:02 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{4FC3B414-B97B-4993-A283-F0AA87E2B532} [2013.03.19 16:25:25 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{1B640989-E499-4B6F-A7A7-2E947D1774EE} [2013.03.19 02:05:47 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{F60A3625-38C7-4DF3-B2F3-536263D97D47} [2013.03.18 13:50:09 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{B1DD525B-BFD2-4376-BB52-B78C73696794} [2013.03.17 14:06:03 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{C41A9D36-3A0B-49E8-AF9D-AFC87F778F31} [2013.03.16 19:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.03.16 19:02:49 | 000,000,000 | ---D | C] -- C:\Users\Xychor\AppData\Local\{6857F17F-524E-4F72-AA0C-167D90479ED2} [2012.10.23 19:00:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe ========== Files - Modified Within 30 Days ========== [2013.04.11 13:28:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Xychor\Desktop\OTL.exe [2013.04.11 12:40:38 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.11 12:40:38 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.11 12:38:10 | 001,527,976 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.11 12:38:10 | 000,664,674 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.11 12:38:10 | 000,624,856 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.11 12:38:10 | 000,134,842 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.11 12:38:10 | 000,110,494 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.11 12:33:36 | 000,295,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.11 12:33:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.11 12:32:53 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys [2013.04.11 00:47:46 | 000,005,289 | ---- | M] () -- C:\Users\Xychor\.recently-used.xbel [2013.04.09 21:46:57 | 001,852,928 | ---- | M] () -- C:\Users\Xychor\Desktop\jobst-audio_bausatz_preisliste_2013_mrz0.pdf [2013.04.08 18:14:11 | 000,082,620 | ---- | M] () -- C:\Users\Xychor\Desktop\erpx6utuxb.jpg [2013.04.08 18:07:11 | 000,030,004 | ---- | M] () -- C:\Users\Xychor\Desktop\1_184788.jpg [2013.04.08 11:11:30 | 000,135,431 | ---- | M] () -- C:\Users\Xychor\Desktop\544925_498860223502567_749226110_n.jpg [2013.04.05 08:26:09 | 000,039,122 | ---- | M] () -- C:\Users\Xychor\Desktop\flunkyballfb.jpg [2013.04.05 08:25:39 | 000,509,296 | ---- | M] () -- C:\Users\Xychor\Desktop\flunkyball.jpg [2013.04.03 08:46:39 | 000,200,896 | ---- | M] () -- C:\Users\Xychor\Desktop\Unbenannt.jpg [2013.03.30 06:16:35 | 000,068,783 | ---- | M] () -- C:\Users\Xychor\Desktop\Deskkeller.jpg [2013.03.29 21:59:58 | 000,001,048 | ---- | M] () -- C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.03.29 21:59:46 | 000,001,018 | ---- | M] () -- C:\Users\Xychor\Desktop\Dropbox.lnk [2013.03.24 18:42:39 | 000,394,916 | ---- | M] () -- C:\Users\Xychor\Desktop\Stundenplan SS13.jpg [2013.03.22 04:02:24 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.22 04:02:24 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.22 04:02:24 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.22 04:02:24 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.22 04:02:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.22 04:02:24 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.22 04:02:24 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.22 04:02:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.22 04:02:23 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.22 04:02:23 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.22 04:02:23 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.22 04:02:23 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.22 04:02:23 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.22 04:02:23 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.22 04:02:23 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.22 04:02:23 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.22 04:02:23 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.22 04:02:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.22 04:02:23 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.22 04:02:23 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.22 04:02:23 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.22 04:02:22 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.22 04:02:22 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.22 04:02:22 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.22 04:02:22 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.22 04:02:22 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.22 04:02:22 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.22 04:02:22 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.22 04:02:22 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.22 04:02:22 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.22 04:02:22 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.22 04:02:22 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.22 04:02:22 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.22 04:02:22 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.22 04:02:22 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.22 04:02:22 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.22 04:02:22 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.22 04:02:22 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.22 04:02:21 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.22 04:02:21 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.22 04:02:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.22 04:02:21 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.22 04:02:21 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.22 04:02:21 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.22 04:02:21 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.22 04:02:21 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.22 04:02:21 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.22 04:02:21 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.22 04:02:21 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.22 04:02:21 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.22 04:02:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.22 04:02:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.22 04:02:21 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.22 04:02:21 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.22 04:02:20 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.19 18:13:45 | 000,086,044 | ---- | M] () -- C:\Users\Xychor\Desktop\Mohsgedeck.jpg [2013.03.19 18:13:17 | 000,022,034 | ---- | M] () -- C:\Users\Xychor\Desktop\Geologengedeck.odt [2013.03.19 18:04:22 | 000,007,334 | ---- | M] () -- C:\Users\Xychor\Desktop\OpenDocument Text (neu).odt [2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.03.16 19:05:54 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk ========== Files Created - No Company Name ========== [2013.04.11 00:47:46 | 000,005,289 | ---- | C] () -- C:\Users\Xychor\.recently-used.xbel [2013.04.09 21:46:56 | 001,852,928 | ---- | C] () -- C:\Users\Xychor\Desktop\jobst-audio_bausatz_preisliste_2013_mrz0.pdf [2013.04.08 18:14:11 | 000,082,620 | ---- | C] () -- C:\Users\Xychor\Desktop\erpx6utuxb.jpg [2013.04.08 18:07:11 | 000,030,004 | ---- | C] () -- C:\Users\Xychor\Desktop\1_184788.jpg [2013.04.08 11:11:30 | 000,135,431 | ---- | C] () -- C:\Users\Xychor\Desktop\544925_498860223502567_749226110_n.jpg [2013.04.05 08:21:35 | 000,039,122 | ---- | C] () -- C:\Users\Xychor\Desktop\flunkyballfb.jpg [2013.04.05 08:06:02 | 000,509,296 | ---- | C] () -- C:\Users\Xychor\Desktop\flunkyball.jpg [2013.04.03 08:46:39 | 000,200,896 | ---- | C] () -- C:\Users\Xychor\Desktop\Unbenannt.jpg [2013.03.30 06:16:35 | 000,068,783 | ---- | C] () -- C:\Users\Xychor\Desktop\Deskkeller.jpg [2013.03.24 18:42:39 | 000,394,916 | ---- | C] () -- C:\Users\Xychor\Desktop\Stundenplan SS13.jpg [2013.03.22 04:02:22 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.22 04:02:22 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.19 18:10:51 | 000,086,044 | ---- | C] () -- C:\Users\Xychor\Desktop\Mohsgedeck.jpg [2013.03.19 18:07:22 | 000,022,034 | ---- | C] () -- C:\Users\Xychor\Desktop\Geologengedeck.odt [2013.03.19 18:04:22 | 000,007,334 | ---- | C] () -- C:\Users\Xychor\Desktop\OpenDocument Text (neu).odt [2013.01.20 05:12:27 | 000,007,605 | ---- | C] () -- C:\Users\Xychor\AppData\Local\Resmon.ResmonCfg [2013.01.08 22:31:43 | 000,234,674 | ---- | C] () -- C:\Windows\hpoins21.dat [2013.01.08 22:31:43 | 000,005,474 | ---- | C] () -- C:\Windows\hpomdl21.dat [2013.01.06 04:18:49 | 000,005,448 | -HS- | C] () -- C:\Users\Xychor\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl [2013.01.06 04:18:49 | 000,005,448 | -HS- | C] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl [2012.10.23 19:00:59 | 083,023,306 | ---- | C] () -- C:\ProgramData\dapeton.pad [2012.09.20 14:03:36 | 000,003,584 | ---- | C] () -- C:\Users\Xychor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.05.15 16:51:10 | 001,553,426 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.05 07:43:07 | 000,225,720 | ---- | C] () -- C:\Windows\hpoins46.dat [2012.01.03 09:04:03 | 000,016,066 | ---- | C] () -- C:\Users\Xychor\Bewerbung.odt [2012.01.03 09:04:03 | 000,007,334 | ---- | C] () -- C:\Users\Xychor\Bewerbung2.odt [2012.01.03 09:03:50 | 000,043,349 | ---- | C] () -- C:\Users\Xychor\glykaemischer_index_lebensmitteln.pdf [2012.01.03 09:03:47 | 000,015,555 | ---- | C] () -- C:\Users\Xychor\Rechnung.odt [2012.01.03 09:03:26 | 000,026,215 | ---- | C] () -- C:\Users\Xychor\Rechnung.pdf [2012.01.02 18:44:55 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2012.01.02 18:44:55 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Extras.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.04.2013 13:30:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Xychor\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 53,69% Memory free
8,00 Gb Paging File | 5,91 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,15 Gb Total Space | 5,01 Gb Free Space | 7,24% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 25,23 Gb Free Space | 12,92% Space Free | Partition Type: NTFS
Drive E: | 102,78 Gb Total Space | 10,19 Gb Free Space | 9,91% Space Free | Partition Type: NTFS
Computer Name: PC-JAN | User Name: Xychor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-1214052748-636940894-3971663584-1001\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DD1B63-1A04-4CEE-9E1E-1626C80D38B5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B3DBA6A-A3E1-4833-BBDD-76DD1A3DF0FC}" = rport=138 | protocol=17 | dir=out | app=system |
"{0DE03724-8981-42C3-B8BF-D81CD9BB8B2A}" = lport=137 | protocol=17 | dir=in | app=system |
"{0EACEEA9-79D6-423C-B52F-9746091A8F05}" = rport=139 | protocol=6 | dir=out | app=system |
"{1083FD71-484E-4777-9B75-E4EED3438ED6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{11273924-94D6-4D75-BCC4-F100D1DFB2DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28E42B13-E498-4ECB-93CE-9C4097B7E5F9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{346504D6-6E75-43B3-8174-3763B1B18525}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5492327D-21E8-4CE1-BB62-EEED5CAE4C0F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B4E70B8-6FC0-4C87-926A-51FC7785ADC8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6517CFA7-2FE4-4092-AEBE-0301DB3172AD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{755E8AFA-9DF9-4E63-B77A-DBFFE30631F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{75FDA165-A83C-4D05-8C44-A213B3529132}" = lport=138 | protocol=17 | dir=in | app=system |
"{8480D606-C4DB-41FC-838C-CDE6C0D71AE3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{84C6C9AB-2896-47F2-9480-E30F1FB3FE76}" = rport=137 | protocol=17 | dir=out | app=system |
"{8EF1283C-0532-472D-BA49-FABEC3EBED17}" = rport=445 | protocol=6 | dir=out | app=system |
"{9326899C-D151-4A6A-8182-BCF9E3BCC883}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{960D7058-90D5-40D9-8A78-EA002FA73191}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B192EEFC-EB14-49A8-8719-AAA0F525AE0C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BF8D1EF9-31B0-4F28-B5DF-297689E3CA16}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C78BF4E1-B1B1-49CA-ABB3-77C992E5E2B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E01296F3-7545-4018-95ED-634B1824139E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E89F3C35-66C0-48FC-9084-4857459A80C4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F53C8AA7-79BD-437B-AC18-2ADC29F12E90}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FF493069-224C-43ED-BD63-D2B6D03672A4}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0120E808-B1A3-4B76-96F5-73CA1C3C1274}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0218C499-8A14-402D-8F51-56EB32C7CBBF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03AE3397-1EE0-4D04-AFE4-5D1104D998AD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{07A46694-5128-4AB7-86E4-63A8499895FA}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{08840790-A372-4810-B569-6D5A2A24A464}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{0A3C9383-61C8-44F8-83A4-578EE85F6BFC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{0FD125F6-C49B-4B26-B50A-2082BC8B1564}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{16480000-E701-49E4-8017-B874C602C18C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{18193D54-1301-49AE-B73B-F7C248A8C7AC}" = protocol=6 | dir=in | app=c:\users\xychor\appdata\roaming\dropbox\bin\dropbox.exe |
"{1FD5E4B0-7DCD-43A0-95D7-97FC083C9CB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{21F9ED7C-6463-430A-9B54-47DBBD3FEE4E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{27BFE2F6-EFA4-4A51-B55F-4FBABD873AC7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{29793F33-E9AF-4563-9E4B-6D3F10C47551}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{2E19A7FA-2503-49BA-94F1-B9874789A790}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{36593680-2C2F-4875-9BE5-985B36AB9DAB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{3C7CDCEB-319A-4783-835A-1239287AE4C5}" = protocol=6 | dir=out | app=system |
"{3CA32A5E-8FAF-43EF-B4AB-CA78C30697F1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{3F5290B1-E702-475A-9EE0-C6E0DD4C12EC}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{44973F01-7D14-4AC8-9016-C22131410866}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4512A9C1-AFC3-47E6-B94C-E0FC29CD6A51}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4F1EA65B-A93F-408E-A35B-34124B8B8CBB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4F53DA95-2D51-4C7C-BA72-E0A3F678A42C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5AADAEA1-300E-42C3-885D-187FE93A783B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{5AE9E57A-C171-4CB4-BC0C-D7D889379000}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{5B824460-11FC-4694-8F1A-680584BBC97E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{607FE0C6-988C-4F6E-A186-6B6862C20527}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{61AC1C2B-BAC2-4CCA-9F78-61DB6642A51F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{67796C72-C673-4665-81A1-B78E53A9FB07}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{69E085FD-3165-4982-A078-C0B9870A341D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{6E91A093-7389-4373-8E5B-824BDB8C7265}" = protocol=17 | dir=in | app=c:\users\xychor\appdata\roaming\dropbox\bin\dropbox.exe |
"{6F6A7DED-58C6-49EF-8C04-54222781E3E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{6FE89137-F965-4423-8AB7-B87D7C58E2D6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{7186099A-5A40-4D7D-BA18-FEDB01AE4958}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7502CB90-2121-47E2-98CD-A3A0F97CE83C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{7728339A-8D64-4154-82D2-F3377D5BDF16}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{77A8C62E-8A0F-4B9E-8F5B-FC2EA24F5558}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{7BA076EB-6243-4EDE-83BB-A2841BD72E5E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{7E53926B-1547-445F-82B4-E395AF32F758}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{806EB102-10D8-4254-9065-7DA31136BCB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83EB0E20-33FB-4385-9F56-0B8ABE4B9958}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{868049C1-72DD-45AD-B900-DDC9CF7B3BB1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{94E67719-9DF1-4B88-A99C-F1526C172AB5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{95CF967C-1BC5-47A2-AA1C-325FECD51946}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{96BCDB62-CC36-4D96-A916-A5C8C6F059C3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{974C4ED9-C6F2-42C8-A484-0358CB3E3B62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98A76D19-1A18-4E93-8316-B0C7EE3F0D0E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{98B601FB-84AB-4C90-862D-A06C7AA8390C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A27E4C01-78CF-4DA5-AC63-A9ABD9949FE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{A3043FB9-A4AB-49E1-B8D4-651E54B42126}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{A56F8A46-43CD-4116-84FE-3CD20271C1FC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A9FC2A9B-9B37-45AE-8D4C-C28BAB774B46}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{AA3AE4DC-B9CC-4739-9838-278B7BA19CBA}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{ABE03697-93B2-47F0-91C6-8320DFFA8520}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{AF967A2A-A08A-4FC9-A7B8-34E9D12D0669}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{B043689E-B62B-4AAC-A22E-308BA1E8986B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{B1D3259E-C0B1-48C6-9979-BD0AD01BCA93}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2068583-D179-45BB-8DC7-E965F26C8D43}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B2662EB0-E1DC-44CC-B194-D2D3CFF841E7}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{B349148E-A09F-4226-970E-3E86C5771E04}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{B76B65B7-B57B-45F9-BBE0-6AE13980339E}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{BC486153-1F7A-4F80-8460-A23753C3B6EA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{C1B98A0E-529D-4B11-83DE-EC6A3CD661E7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{C43711F3-08C8-4399-8DC7-10B32477DF8C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{C5630EEB-7887-46BF-8F64-42818172BCF4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{CBAEF101-03FA-4DBD-ACAB-91B5E245173A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{CC582AC6-A60E-4E29-BA5D-E0EE803BE3F6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{CE9C0400-EE11-428B-B71E-77AA72FBA437}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D50E9636-70DF-490A-9F29-B4F9991DC40A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{D530C5DE-4412-4BDC-B1C4-A4A0CB33A237}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{DA0253C0-FE0B-4C20-9D9A-7FBB756C9895}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DF89F614-B9B4-4CBC-8EF2-FD471C4F1A7E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{E062589E-E364-4357-96D5-96ED7ECD1FC9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{E49FEBF0-DA85-4D51-8A47-0CF1291A87C6}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E4CFC9BB-056C-4EA1-B36E-80E9303D1EE0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E5014B25-B1CA-4C11-BF3E-B9DB6AA19BAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{E5253250-7609-48C2-AAE3-BB7DEB1B3BF6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{E5BED1BA-2EA8-494D-B220-07DED84E2C04}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{E78371DB-3144-492E-9BFD-EB3F23C27013}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{E8F0B00C-B1DF-4E14-90D4-6014A1EB2860}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9173598-169D-4248-B6F5-5B5F1D305D04}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{E95295E7-0859-417D-A2CD-A23780C19AC9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{ED3737F9-3F4F-436D-8E78-A3449750C515}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{EF92F279-F423-42C1-AFA4-D395C6E206CD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{F4EE1CEA-E3C7-4672-8FA2-1E45DA13D6D6}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F545DB75-4D8A-4CDB-8649-C15BCF9A212F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{F6218813-B15C-4334-BC3A-64178336C040}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"TCP Query User{0F313BE4-26D2-4C98-986E-D8ACD2678648}D:\spiele\mark of chaos\warhammer.exe" = protocol=6 | dir=in | app=d:\spiele\mark of chaos\warhammer.exe |
"TCP Query User{10FE2D31-0A24-42BC-8EE6-957ECDEA85BA}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{115A19BB-B455-4486-BC8D-5AED55BB5F86}D:\spiele\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{1199E67A-6513-463F-8BBA-8D2B1E324DBE}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{14270B5C-38A2-415A-B711-14F0CB98EA0E}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"TCP Query User{16286DC4-4FB0-472D-84A0-A8EC5E153000}C:\users\xychor\appdata\roaming\boguut\oxog.exe" = protocol=6 | dir=in | app=c:\users\xychor\appdata\roaming\boguut\oxog.exe |
"TCP Query User{27F48E89-A1B9-4BD2-8422-E0AC6CC6EB75}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{36D5D073-87EE-4294-939B-A37591CD6954}D:\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\launcher.exe |
"TCP Query User{75F28CBA-613A-49D3-AE76-99376FF75BB5}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"TCP Query User{7DB82BD1-978A-4912-926E-1F51785E9DD0}C:\users\xychor\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\xychor\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{8699AE4E-E61B-4854-B69A-DD47319D7ABA}D:\spiele\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\launcher.patch.exe |
"TCP Query User{9D1A7B00-0635-4C3A-B268-E54C513D43B8}D:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{C0D620B4-1755-4A9C-955A-1C6D4A1407A5}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{D10E0B94-46F3-4204-896E-A1A3447FCCB6}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{FB3BEE5C-5D27-4FE2-9664-65A5EA70423D}D:\spiele\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\spiele\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{0508E8EF-6E40-4F6B-B53E-566ECEDF3F7A}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{1005DD4E-9067-43BA-A248-E24959B7988F}C:\users\xychor\appdata\roaming\boguut\oxog.exe" = protocol=17 | dir=in | app=c:\users\xychor\appdata\roaming\boguut\oxog.exe |
"UDP Query User{131765CA-18CC-4034-8D04-B5D8E5963ED6}D:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{394446F8-5137-4E02-A2FB-B212336D6B5A}D:\spiele\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{59E77656-48FB-412F-A042-55CF5C5DF95A}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{5E0515CC-D8B6-4CD7-B788-601E0B02B967}D:\spiele\mark of chaos\warhammer.exe" = protocol=17 | dir=in | app=d:\spiele\mark of chaos\warhammer.exe |
"UDP Query User{5FE926F4-8CA3-40B9-8CE5-12E8BF43C403}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"UDP Query User{68731DE2-FEFB-4676-BCC4-73A6FB931B41}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{7CD0F657-7816-4A0F-98D2-6B365F503D91}D:\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\launcher.exe |
"UDP Query User{841DADBE-6104-422B-9D97-B6624F1A6A7C}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"UDP Query User{8772002B-534C-40B7-B677-706E97DAB8A3}D:\spiele\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\launcher.patch.exe |
"UDP Query User{AE56F292-C220-4CC6-A720-57D69CF5EF45}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{CAD7BA81-7B20-4098-9387-423A21D60644}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{CEEEF2B8-D48D-404C-8D33-68F253AA82B7}C:\users\xychor\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xychor\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{F72D55AD-DB3C-43B7-96C9-84427EB2E57F}D:\spiele\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\spiele\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{988329F4-A1A1-4D51-803C-EF2725A97627}" = HP Photosmart All-In-One Driver Software 13.0 Rel. 2
"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2013
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{442D5880-05B4-4DC8-A038-2EDA79FAE601}" = Warhammer Mark of Chaos Manual Patch
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.11
"{5F374D5D-DB43-4263-9C29-BAB2C93FEFE6}" = Warhammer® Mark of Chaos
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{685B0843-6C8D-4E42-B60D-2B86B45526E0}" = PS_AIO_02_Software_Min
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{94F8D42D-BB31-4858-9705-7D756D8D9655}" = PS_AIO_02_Software
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Bibliographix 9_is1" = Bibliographix 9
"BitTorrent" = BitTorrent
"Diablo III" = Diablo III
"DMXControl" = DMXControl 2.12
"DocRepair" = DocRepair
"Inkscape" = Inkscape 0.46
"IrfanView" = IrfanView (remove only)
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.13.1734" = Opera 12.13
"Pidgin" = Pidgin
"Quantum GIS Wroclaw" = Quantum GIS Wroclaw 1.7.3 Wroclaw
"RealPlayer 15.0" = RealPlayer
"SedLog_is1" = SedLog 2.1.4
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1214052748-636940894-3971663584-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.01.2013 11:50:48 | Computer Name = PC-Jan | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Traktor.exe, Version: 1.2.7.9529,
Zeitstempel: 0x4d36cc12 Name des fehlerhaften Moduls: Traktor.exe, Version: 1.2.7.9529,
Zeitstempel: 0x4d36cc12 Ausnahmecode: 0x40000015 Fehleroffset: 0x00482d74 ID des fehlerhaften
Prozesses: 0x82f20 Startzeit der fehlerhaften Anwendung: 0x01cdff01885c7ef5 Pfad
der fehlerhaften Anwendung: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Berichtskennung:
d029d822-6af4-11e2-b680-001966f9ef91
Error - 30.01.2013 11:52:42 | Computer Name = PC-Jan | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Traktor.exe, Version: 1.2.7.9529,
Zeitstempel: 0x4d36cc12 Name des fehlerhaften Moduls: Traktor.exe, Version: 1.2.7.9529,
Zeitstempel: 0x4d36cc12 Ausnahmecode: 0x40000015 Fehleroffset: 0x00482d74 ID des fehlerhaften
Prozesses: 0x839d0 Startzeit der fehlerhaften Anwendung: 0x01cdff01cbcd93cc Pfad
der fehlerhaften Anwendung: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Berichtskennung:
148bba7b-6af5-11e2-b680-001966f9ef91
Error - 30.01.2013 11:53:06 | Computer Name = PC-Jan | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Traktor.exe, Version: 1.2.7.9529,
Zeitstempel: 0x4d36cc12 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00032ed0 ID des fehlerhaften
Prozesses: 0x83fd4 Startzeit der fehlerhaften Anwendung: 0x01cdff01d8a8f221 Pfad
der fehlerhaften Anwendung: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 22ac89cd-6af5-11e2-b680-001966f9ef91
Error - 30.01.2013 11:53:32 | Computer Name = PC-Jan | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Traktor.exe, Version: 1.2.7.9529,
Zeitstempel: 0x4d36cc12 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033709 ID des fehlerhaften
Prozesses: 0xb103c Startzeit der fehlerhaften Anwendung: 0x01cdff01e6f9707b Pfad
der fehlerhaften Anwendung: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 31d8607f-6af5-11e2-b680-001966f9ef91
Error - 02.02.2013 07:35:47 | Computer Name = PC-Jan | Source = .NET Runtime Optimization Service | ID = 1107
Description =
Error - 02.02.2013 07:39:51 | Computer Name = PC-Jan | Source = ESENT | ID = 215
Description = WinMail (3920) WindowsMail0: Die Sicherung wurde abgebrochen, weil
sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
wurde.
Error - 02.02.2013 07:39:57 | Computer Name = PC-Jan | Source = ESENT | ID = 215
Description = WinMail (3152) WindowsMail0: Die Sicherung wurde abgebrochen, weil
sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
wurde.
Error - 04.02.2013 18:55:57 | Computer Name = PC-Jan | Source = Application Hang | ID = 1002
Description = Programm Traktor.exe, Version 1.2.7.9529 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 22d4 Startzeit:
01ce0329c1951d71 Endzeit: 23 Anwendungspfad: C:\Program Files\Native Instruments\Traktor\Traktor.exe
Berichts-ID:
e5bb1b6a-6f1d-11e2-9a4e-001966f9ef91
Error - 20.03.2013 19:47:31 | Computer Name = PC-Jan | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: winamp.exe, Version: 5.6.2.3189,
Zeitstempel: 0x4ea85649 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00038dc9 ID des fehlerhaften
Prozesses: 0x4ed0 Startzeit der fehlerhaften Anwendung: 0x01ce25c36569ca9d Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Winamp\winamp.exe Pfad des fehlerhaften
Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 87588c5e-91b8-11e2-9be7-001966f9ef91
Error - 23.03.2013 10:29:14 | Computer Name = PC-Jan | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 10.1.1.33,
Zeitstempel: 0x4e64e4e2 Name des fehlerhaften Moduls: AcroRd32.dll, Version: 10.1.1.33,
Zeitstempel: 0x4e64f98b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000218f8 ID des fehlerhaften
Prozesses: 0x35bc Startzeit der fehlerhaften Anwendung: 0x01ce27d2c09765b2 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.dll
Berichtskennung:
08d26b0b-93c6-11e2-8eac-001966f9ef91
[ System Events ]
Error - 09.01.2013 22:27:48 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 09.01.2013 22:27:48 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 09.01.2013 23:03:50 | Computer Name = PC-Jan | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 12.01.2013 04:59:42 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 13.01.2013 10:33:15 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 13.01.2013 14:44:15 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 13.01.2013 14:44:18 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 13.01.2013 14:46:22 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 13.01.2013 14:46:22 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 13.01.2013 18:43:39 | Computer Name = PC-Jan | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
< End of report >
|
|
11.04.2013, 13:30
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | ZeuS/ZBot Telekom Warnung OTL Log files Hallo,
__________________gab es auf dem Rechner, von dem dieses OTL-Log stammt, irgendwann mal eine Schädlingswarnung sprich ist der Virenscanner mal angesprungen?
__________________ |
|
11.04.2013, 13:56
| #3 |
| | ZeuS/ZBot Telekom Warnung OTL Log files Hallo cosinus,
__________________ja, das ist vorgekommen und zwar am 07.01.13 mit folgendem Bericht: "";"Tracking cookie.Tradedoubler gefunden, C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Cookies\49NWVDYG.txt";"Infiziert" "";"Tracking cookie.Mediaplex gefunden, C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Cookies\QRPKQMDA.txt";"Infiziert" "";"Tracking cookie.Atdmt gefunden, C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Cookies\ME0BT1VE.txt";"Infiziert" "";"Tracking cookie.Serving-sys gefunden, C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Cookies\SUMDADXS.txt";"In Virenquarantäne verschoben" "";"Tracking cookie.Serving-sys gefunden, C:\Users\Xychor\AppData\Roaming\Microsoft\Windows\Cookies\F73W2704.txt";"In Virenquarantäne verschoben" "";"Tracking cookie.Oewabox gefunden, C:\Users\Xychor\AppData\Roaming\Opera\Opera\cookies4.dat";"In Virenquarantäne verschoben" AVG konnte die Probleme lt. eigener Angabe aber beheben. |
|
11.04.2013, 14:06
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZeuS/ZBot Telekom Warnung OTL Log files Das sind eh nur Cookies Gab es auf den anderen Rechnern denn Funde?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.04.2013, 14:18
| #5 |
| | ZeuS/ZBot Telekom Warnung OTL Log files Die anderen habe ich bisher noch nicht gecheckt. Der Rechner von meinem Vater ist erst vor 3 Wochen neu angeschafft worden, inkl. AVG Vollversion. Er macht außer Ebay, Email und E-Nachrichten damit auch nicht viel. Würde mich arg wundern, wenn nach so kurzer Zeit bereits eine Infektion vorläge, aber möglich wärs natürlich. Der andere Rechner ist von meiner Schwester und steht nur rum, da sie vor einigen Monaten ausgezogen ist. Davon dürfte in den letzten 2-3 Monaten also keine Aktivität von ausgegangen sein. Ich tippe daher am ehesten auf mich selbst als Verursacher. Bye the way: Was ist denn von dieser komischen "oxog.exe" zu halten? Ich kann damit kein installiertes Programm verbinden und google meint wohl auch es handele sich ggf. um malware  |
|
11.04.2013, 14:51
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZeuS/ZBot Telekom Warnung OTL Log files Das Ding ist mir auch aufgefallen, deswegen fragte ich ja nach Funden. Aber nun gut. Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
 Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> ZeuS/ZBot Telekom Warnung OTL Log files |
|
11.04.2013, 16:38
| #7 |
| | ZeuS/ZBot Telekom Warnung OTL Log files Gesagt getan! Hier die geforderten logs: Gmer: Beim ersten Durchlauf stürzte das Programm ab (Anwendung reagiert nicht); beim 2. mal gings dann aber. Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-11 17:12:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-4 WDC_WD740ADFS-00SLR5 rev.21.07QR5 69,25GB
Running: mievd99n.exe; Driver: C:\Users\Xychor\AppData\Local\Temp\uxldapow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff80002dfb000 85 bytes [58, AA, F9, FF, B8, 99, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 646 fffff80002dfb056 29 bytes {XOR AL, AL; JMP 0xfffffffffff79b6b}
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076971465 2 bytes [97, 76]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769714bb 2 bytes [97, 76]
.text ... * 2
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[1996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076971465 2 bytes [97, 76]
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[1996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769714bb 2 bytes [97, 76]
.text ... * 2
.text C:\Users\Xychor\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000076971465 2 bytes [97, 76]
.text C:\Users\Xychor\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000769714bb 2 bytes [97, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076971465 2 bytes [97, 76]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769714bb 2 bytes [97, 76]
.text ... * 2
.text C:\Program Files (x86)\AVG\AVG2013\avgui.exe[3228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076971465 2 bytes [97, 76]
.text C:\Program Files (x86)\AVG\AVG2013\avgui.exe[3228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769714bb 2 bytes [97, 76]
.text ... * 2
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org
Database version: v2013.04.11.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Xychor :: PC-JAN [administrator]
11.04.2013 17:22:17
mbar-log-2013-04-11 (17-22-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27215
Time elapsed: 4 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (PUM.UserWLoad) -> Data: C:\Users\Xychor\LOCALS~1\Temp\msuyot.exe -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Agent) -> Data: C:\Users\Xychor\LOCALS~1\Temp\msuyot.exe -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Ein 2. Scan verlief ohne Ergebnisse (scan log alles "0 detected") Edith sagt: Bevor ich deinen Anweisungen gefolgt bin, habe ich die Behebungsstrategie aus der Telekommail ausprobiert, d.h. Malwarebyte drüber laufen lassen. Ergebnis waren 3 Funde: 2 unter den Pfaden aus dem MBAR Log und ein "Trojan.Delf" in C:ProgramData/lsass.exe. Alle 3 sollten nach Neustart entfernt worden sein. Geändert von Xychor (11.04.2013 um 16:43 Uhr) |
|
12.04.2013, 12:36
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZeuS/ZBot Telekom Warnung OTL Log files aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.04.2013, 14:16
| #9 |
| | ZeuS/ZBot Telekom Warnung OTL Log files So, dann wollen wir mal. Schon mal danke so weit! aswMBR log: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-12 14:34:57
-----------------------------
14:34:57.594 OS Version: Windows x64 6.1.7601 Service Pack 1
14:34:57.594 Number of processors: 4 586 0x403
14:34:57.594 ComputerName: PC-JAN UserName: Xychor
14:34:59.604 Initialize success
14:37:34.833 AVAST engine defs: 13041200
14:37:42.842 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:37:42.842 Disk 0 Vendor: ST3320620SV 3.ACH Size: 305245MB BusType: 3
14:37:42.850 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-4
14:37:42.860 Disk 1 Vendor: WDC_WD740ADFS-00SLR5 21.07QR5 Size: 70911MB BusType: 3
14:37:42.977 Disk 1 MBR read successfully
14:37:42.985 Disk 1 MBR scan
14:37:43.049 Disk 1 Windows 7 default MBR code
14:37:43.067 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:37:43.100 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 70809 MB offset 206848
14:37:43.141 Disk 1 scanning C:\Windows\system32\drivers
14:37:55.952 Service scanning
14:38:23.959 Modules scanning
14:38:23.977 Disk 1 trace - called modules:
14:38:23.993 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
14:38:23.993 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004a27060]
14:38:24.004 3 CLASSPNP.SYS[fffff8800193e43f] -> nt!IofCallDriver -> [0xfffffa8003adb580]
14:38:24.010 5 ACPI.sys[fffff88000f5d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-4[0xfffffa8003ada060]
14:38:25.446 AVAST engine scan C:\Windows
14:38:27.934 AVAST engine scan C:\Windows\system32
14:43:40.505 AVAST engine scan C:\Windows\system32\drivers
14:43:52.728 AVAST engine scan C:\Users\Xychor
15:13:28.813 AVAST engine scan C:\ProgramData
15:14:42.061 Scan finished successfully
15:15:47.801 Disk 1 MBR has been saved successfully to "C:\Users\Xychor\Desktop\MBR.dat"
15:15:47.809 The log file has been saved successfully to "C:\Users\Xychor\Desktop\aswMBR.txt"
Code:
ATTFilter 15:16:04.0426 7980 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:16:04.0768 7980 ============================================================
15:16:04.0768 7980 Current date / time: 2013/04/12 15:16:04.0768
15:16:04.0768 7980 SystemInfo:
15:16:04.0768 7980
15:16:04.0768 7980 OS Version: 6.1.7601 ServicePack: 1.0
15:16:04.0768 7980 Product type: Workstation
15:16:04.0768 7980 ComputerName: PC-JAN
15:16:04.0776 7980 UserName: Xychor
15:16:04.0776 7980 Windows directory: C:\Windows
15:16:04.0776 7980 System windows directory: C:\Windows
15:16:04.0776 7980 Running under WOW64
15:16:04.0776 7980 Processor architecture: Intel x64
15:16:04.0776 7980 Number of processors: 4
15:16:04.0776 7980 Page size: 0x1000
15:16:04.0776 7980 Boot type: Normal boot
15:16:04.0776 7980 ============================================================
15:16:06.0010 7980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:06.0018 7980 Drive \Device\Harddisk1\DR1 - Size: 0x114FF30000 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:06.0026 7980 ============================================================
15:16:06.0026 7980 \Device\Harddisk0\DR0:
15:16:06.0061 7980 MBR partitions:
15:16:06.0061 7980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559
15:16:06.0061 7980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1869E598, BlocksNum 0xCD8F129
15:16:06.0061 7980 \Device\Harddisk1\DR1:
15:16:06.0061 7980 MBR partitions:
15:16:06.0061 7980 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:16:06.0061 7980 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8A4C800
15:16:06.0061 7980 ============================================================
15:16:06.0077 7980 C: <-> \Device\Harddisk1\DR1\Partition2
15:16:06.0944 7980 D: <-> \Device\Harddisk0\DR0\Partition1
15:16:09.0758 7980 E: <-> \Device\Harddisk0\DR0\Partition2
15:16:09.0758 7980 ============================================================
15:16:09.0758 7980 Initialize success
15:16:09.0758 7980 ============================================================
15:16:50.0911 8152 ============================================================
15:16:50.0911 8152 Scan started
15:16:50.0911 8152 Mode: Manual; SigCheck; TDLFS;
15:16:50.0911 8152 ============================================================
15:16:54.0137 8152 ================ Scan system memory ========================
15:16:54.0137 8152 System memory - ok
15:16:54.0137 8152 ================ Scan services =============================
15:16:54.0227 8152 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:16:54.0395 8152 1394ohci - ok
15:16:54.0428 8152 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:16:54.0436 8152 ACPI - ok
15:16:54.0452 8152 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:16:54.0569 8152 AcpiPmi - ok
15:16:54.0620 8152 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:16:54.0655 8152 AdobeARMservice - ok
15:16:54.0704 8152 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:16:54.0739 8152 adp94xx - ok
15:16:54.0754 8152 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:16:54.0770 8152 adpahci - ok
15:16:54.0788 8152 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:16:54.0797 8152 adpu320 - ok
15:16:54.0813 8152 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:16:54.0952 8152 AeLookupSvc - ok
15:16:54.0993 8152 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:16:55.0083 8152 AFD - ok
15:16:55.0108 8152 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:16:55.0131 8152 agp440 - ok
15:16:55.0147 8152 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:16:55.0186 8152 ALG - ok
15:16:55.0202 8152 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:16:55.0217 8152 aliide - ok
15:16:55.0231 8152 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:16:55.0241 8152 amdide - ok
15:16:55.0256 8152 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:16:55.0286 8152 AmdK8 - ok
15:16:55.0303 8152 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:16:55.0329 8152 AmdPPM - ok
15:16:55.0352 8152 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:16:55.0370 8152 amdsata - ok
15:16:55.0385 8152 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:16:55.0399 8152 amdsbs - ok
15:16:55.0411 8152 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:16:55.0418 8152 amdxata - ok
15:16:55.0434 8152 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:16:55.0622 8152 AppID - ok
15:16:55.0651 8152 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:16:55.0708 8152 AppIDSvc - ok
15:16:55.0741 8152 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:16:55.0790 8152 Appinfo - ok
15:16:55.0797 8152 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:16:55.0809 8152 arc - ok
15:16:55.0811 8152 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:16:55.0829 8152 arcsas - ok
15:16:55.0844 8152 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:16:55.0877 8152 AsyncMac - ok
15:16:55.0893 8152 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:16:55.0907 8152 atapi - ok
15:16:55.0967 8152 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:16:56.0083 8152 athr - ok
15:16:56.0127 8152 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:16:56.0227 8152 AudioEndpointBuilder - ok
15:16:56.0243 8152 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:16:56.0266 8152 AudioSrv - ok
15:16:56.0473 8152 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
15:16:56.0682 8152 AVGIDSAgent - ok
15:16:56.0706 8152 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
15:16:56.0731 8152 AVGIDSDriver - ok
15:16:56.0756 8152 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
15:16:56.0764 8152 AVGIDSHA - ok
15:16:56.0776 8152 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
15:16:56.0791 8152 Avgldx64 - ok
15:16:56.0823 8152 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
15:16:56.0833 8152 Avgloga - ok
15:16:56.0852 8152 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
15:16:56.0868 8152 Avgmfx64 - ok
15:16:56.0883 8152 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
15:16:56.0891 8152 Avgrkx64 - ok
15:16:56.0899 8152 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
15:16:56.0918 8152 Avgtdia - ok
15:16:56.0934 8152 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
15:16:56.0954 8152 avgwd - ok
15:16:56.0969 8152 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:16:57.0069 8152 AxInstSV - ok
15:16:57.0104 8152 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:16:57.0153 8152 b06bdrv - ok
15:16:57.0170 8152 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:16:57.0196 8152 b57nd60a - ok
15:16:57.0229 8152 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:16:57.0256 8152 BDESVC - ok
15:16:57.0264 8152 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:16:57.0303 8152 Beep - ok
15:16:57.0362 8152 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:16:57.0420 8152 BFE - ok
15:16:57.0452 8152 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:16:57.0528 8152 BITS - ok
15:16:57.0553 8152 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:16:57.0569 8152 blbdrive - ok
15:16:57.0610 8152 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:16:57.0647 8152 bowser - ok
15:16:57.0657 8152 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:16:57.0680 8152 BrFiltLo - ok
15:16:57.0696 8152 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:16:57.0704 8152 BrFiltUp - ok
15:16:57.0719 8152 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:16:57.0745 8152 Browser - ok
15:16:57.0760 8152 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:16:57.0793 8152 Brserid - ok
15:16:57.0793 8152 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:16:57.0817 8152 BrSerWdm - ok
15:16:57.0817 8152 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:16:57.0834 8152 BrUsbMdm - ok
15:16:57.0838 8152 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:16:57.0846 8152 BrUsbSer - ok
15:16:57.0866 8152 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:16:57.0885 8152 BTHMODEM - ok
15:16:57.0909 8152 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:16:57.0950 8152 bthserv - ok
15:16:57.0969 8152 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:16:58.0010 8152 cdfs - ok
15:16:58.0034 8152 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:16:58.0067 8152 cdrom - ok
15:16:58.0092 8152 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:16:58.0133 8152 CertPropSvc - ok
15:16:58.0141 8152 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:16:58.0157 8152 circlass - ok
15:16:58.0186 8152 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:16:58.0202 8152 CLFS - ok
15:16:58.0250 8152 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:16:58.0280 8152 clr_optimization_v2.0.50727_32 - ok
15:16:58.0311 8152 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:16:58.0327 8152 clr_optimization_v2.0.50727_64 - ok
15:16:58.0362 8152 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:16:58.0405 8152 clr_optimization_v4.0.30319_32 - ok
15:16:58.0424 8152 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:16:58.0442 8152 clr_optimization_v4.0.30319_64 - ok
15:16:58.0442 8152 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:16:58.0467 8152 CmBatt - ok
15:16:58.0491 8152 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:16:58.0504 8152 cmdide - ok
15:16:58.0520 8152 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:16:58.0555 8152 CNG - ok
15:16:58.0563 8152 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:16:58.0571 8152 Compbatt - ok
15:16:58.0586 8152 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:16:58.0612 8152 CompositeBus - ok
15:16:58.0627 8152 COMSysApp - ok
15:16:58.0627 8152 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:16:58.0643 8152 crcdisk - ok
15:16:58.0670 8152 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:16:58.0708 8152 CryptSvc - ok
15:16:58.0733 8152 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
15:16:58.0741 8152 CVirtA - ok
15:16:58.0827 8152 [ 98C413E1A2FB6E5A4C101C25B3D0B275 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
15:16:58.0899 8152 CVPND - ok
15:16:58.0936 8152 [ 79AF0E203D089AF442A3F70ED00A37FB ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
15:16:58.0944 8152 CVPNDRVA - ok
15:16:58.0977 8152 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:16:59.0043 8152 DcomLaunch - ok
15:16:59.0067 8152 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:16:59.0108 8152 defragsvc - ok
15:16:59.0143 8152 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:16:59.0188 8152 DfsC - ok
15:16:59.0219 8152 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:16:59.0245 8152 Dhcp - ok
15:16:59.0245 8152 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:16:59.0293 8152 discache - ok
15:16:59.0309 8152 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:16:59.0317 8152 Disk - ok
15:16:59.0350 8152 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
15:16:59.0360 8152 DNE - ok
15:16:59.0383 8152 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:16:59.0461 8152 Dnscache - ok
15:16:59.0495 8152 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:16:59.0543 8152 dot3svc - ok
15:16:59.0584 8152 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:16:59.0602 8152 Dot4 - ok
15:16:59.0618 8152 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
15:16:59.0643 8152 Dot4Print - ok
15:16:59.0651 8152 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:16:59.0678 8152 dot4usb - ok
15:16:59.0694 8152 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:16:59.0735 8152 DPS - ok
15:16:59.0745 8152 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:16:59.0768 8152 drmkaud - ok
15:16:59.0801 8152 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:16:59.0881 8152 DXGKrnl - ok
15:16:59.0905 8152 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:16:59.0961 8152 EapHost - ok
15:17:00.0057 8152 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:17:00.0241 8152 ebdrv - ok
15:17:00.0264 8152 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:17:00.0311 8152 EFS - ok
15:17:00.0366 8152 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:17:00.0438 8152 ehRecvr - ok
15:17:00.0459 8152 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:17:00.0493 8152 ehSched - ok
15:17:00.0524 8152 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:17:00.0557 8152 elxstor - ok
15:17:00.0575 8152 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:17:00.0588 8152 ErrDev - ok
15:17:00.0610 8152 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:17:00.0651 8152 EventSystem - ok
15:17:00.0659 8152 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:17:00.0690 8152 exfat - ok
15:17:00.0702 8152 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:17:00.0750 8152 fastfat - ok
15:17:00.0791 8152 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:17:00.0834 8152 Fax - ok
15:17:00.0850 8152 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:17:00.0860 8152 fdc - ok
15:17:00.0875 8152 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:17:00.0907 8152 fdPHost - ok
15:17:00.0918 8152 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:17:00.0950 8152 FDResPub - ok
15:17:00.0959 8152 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:17:00.0967 8152 FileInfo - ok
15:17:00.0975 8152 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:17:01.0008 8152 Filetrace - ok
15:17:01.0016 8152 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:17:01.0024 8152 flpydisk - ok
15:17:01.0041 8152 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:17:01.0057 8152 FltMgr - ok
15:17:01.0110 8152 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
15:17:01.0159 8152 FontCache - ok
15:17:01.0192 8152 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:17:01.0202 8152 FontCache3.0.0.0 - ok
15:17:01.0217 8152 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:17:01.0227 8152 FsDepends - ok
15:17:01.0243 8152 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:17:01.0250 8152 Fs_Rec - ok
15:17:01.0286 8152 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:17:01.0301 8152 fvevol - ok
15:17:01.0319 8152 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:17:01.0329 8152 gagp30kx - ok
15:17:01.0377 8152 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:17:01.0471 8152 gpsvc - ok
15:17:01.0479 8152 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:17:01.0512 8152 hcw85cir - ok
15:17:01.0545 8152 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:17:01.0569 8152 HdAudAddService - ok
15:17:01.0596 8152 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:17:01.0627 8152 HDAudBus - ok
15:17:01.0635 8152 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:17:01.0653 8152 HidBatt - ok
15:17:01.0661 8152 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:17:01.0668 8152 HidBth - ok
15:17:01.0686 8152 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:17:01.0706 8152 HidIr - ok
15:17:01.0719 8152 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:17:01.0758 8152 hidserv - ok
15:17:01.0784 8152 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:17:01.0799 8152 HidUsb - ok
15:17:01.0807 8152 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:17:01.0850 8152 hkmsvc - ok
15:17:01.0883 8152 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:17:01.0916 8152 HomeGroupListener - ok
15:17:01.0934 8152 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:17:01.0959 8152 HomeGroupProvider - ok
15:17:01.0983 8152 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:17:01.0999 8152 HpSAMD - ok
15:17:02.0043 8152 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:17:02.0092 8152 HTTP - ok
15:17:02.0110 8152 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:17:02.0122 8152 hwpolicy - ok
15:17:02.0153 8152 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:17:02.0161 8152 i8042prt - ok
15:17:02.0202 8152 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:17:02.0217 8152 iaStorV - ok
15:17:02.0270 8152 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:17:02.0290 8152 idsvc - ok
15:17:02.0305 8152 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:17:02.0313 8152 iirsp - ok
15:17:02.0346 8152 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:17:02.0397 8152 IKEEXT - ok
15:17:02.0479 8152 [ F04D22D7A49A1B2210DBADF0B803E870 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:17:02.0553 8152 IntcAzAudAddService - ok
15:17:02.0569 8152 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:17:02.0584 8152 intelide - ok
15:17:02.0602 8152 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:17:02.0618 8152 intelppm - ok
15:17:02.0645 8152 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:17:02.0678 8152 IPBusEnum - ok
15:17:02.0690 8152 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:17:02.0731 8152 IpFilterDriver - ok
15:17:02.0762 8152 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:17:02.0834 8152 iphlpsvc - ok
15:17:02.0864 8152 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:17:02.0895 8152 IPMIDRV - ok
15:17:02.0903 8152 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:17:02.0963 8152 IPNAT - ok
15:17:02.0981 8152 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:17:03.0047 8152 IRENUM - ok
15:17:03.0063 8152 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:17:03.0079 8152 isapnp - ok
15:17:03.0106 8152 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:17:03.0131 8152 iScsiPrt - ok
15:17:03.0163 8152 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:17:03.0172 8152 kbdclass - ok
15:17:03.0192 8152 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:17:03.0206 8152 kbdhid - ok
15:17:03.0215 8152 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:17:03.0231 8152 KeyIso - ok
15:17:03.0249 8152 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:17:03.0256 8152 KSecDD - ok
15:17:03.0272 8152 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:17:03.0282 8152 KSecPkg - ok
15:17:03.0297 8152 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:17:03.0327 8152 ksthunk - ok
15:17:03.0350 8152 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:17:03.0395 8152 KtmRm - ok
15:17:03.0420 8152 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:17:03.0456 8152 LanmanServer - ok
15:17:03.0483 8152 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:17:03.0530 8152 LanmanWorkstation - ok
15:17:03.0555 8152 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:17:03.0579 8152 lltdio - ok
15:17:03.0612 8152 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:17:03.0649 8152 lltdsvc - ok
15:17:03.0659 8152 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:17:03.0690 8152 lmhosts - ok
15:17:03.0704 8152 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:17:03.0719 8152 LSI_FC - ok
15:17:03.0719 8152 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:17:03.0737 8152 LSI_SAS - ok
15:17:03.0737 8152 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:17:03.0745 8152 LSI_SAS2 - ok
15:17:03.0762 8152 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:17:03.0770 8152 LSI_SCSI - ok
15:17:03.0788 8152 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:17:03.0819 8152 luafv - ok
15:17:03.0844 8152 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:17:03.0852 8152 MBAMProtector - ok
15:17:03.0911 8152 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:17:03.0950 8152 MBAMScheduler - ok
15:17:04.0002 8152 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:17:04.0034 8152 MBAMService - ok
15:17:04.0051 8152 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:17:04.0077 8152 Mcx2Svc - ok
15:17:04.0084 8152 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:17:04.0094 8152 megasas - ok
15:17:04.0110 8152 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:17:04.0127 8152 MegaSR - ok
15:17:04.0153 8152 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:17:04.0188 8152 MMCSS - ok
15:17:04.0209 8152 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:17:04.0247 8152 Modem - ok
15:17:04.0272 8152 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:17:04.0295 8152 monitor - ok
15:17:04.0311 8152 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:17:04.0319 8152 mouclass - ok
15:17:04.0340 8152 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:17:04.0350 8152 mouhid - ok
15:17:04.0374 8152 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:17:04.0387 8152 mountmgr - ok
15:17:04.0403 8152 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:17:04.0413 8152 mpio - ok
15:17:04.0428 8152 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:17:04.0463 8152 mpsdrv - ok
15:17:04.0504 8152 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:17:04.0561 8152 MpsSvc - ok
15:17:04.0594 8152 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:17:04.0610 8152 MRxDAV - ok
15:17:04.0635 8152 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:17:04.0668 8152 mrxsmb - ok
15:17:04.0676 8152 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:17:04.0700 8152 mrxsmb10 - ok
15:17:04.0715 8152 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:17:04.0735 8152 mrxsmb20 - ok
15:17:04.0750 8152 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:17:04.0758 8152 msahci - ok
15:17:04.0774 8152 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:17:04.0788 8152 msdsm - ok
15:17:04.0803 8152 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:17:04.0829 8152 MSDTC - ok
15:17:04.0844 8152 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:17:04.0877 8152 Msfs - ok
15:17:04.0877 8152 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:17:04.0913 8152 mshidkmdf - ok
15:17:04.0936 8152 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:17:04.0944 8152 msisadrv - ok
15:17:04.0973 8152 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:17:05.0018 8152 MSiSCSI - ok
15:17:05.0018 8152 msiserver - ok
15:17:05.0034 8152 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:17:05.0075 8152 MSKSSRV - ok
15:17:05.0083 8152 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:17:05.0108 8152 MSPCLOCK - ok
15:17:05.0116 8152 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:17:05.0157 8152 MSPQM - ok
15:17:05.0182 8152 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:17:05.0190 8152 MsRPC - ok
15:17:05.0213 8152 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:17:05.0223 8152 mssmbios - ok
15:17:05.0239 8152 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:17:05.0262 8152 MSTEE - ok
15:17:05.0270 8152 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:17:05.0290 8152 MTConfig - ok
15:17:05.0305 8152 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:17:05.0313 8152 Mup - ok
15:17:05.0348 8152 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:17:05.0397 8152 napagent - ok
15:17:05.0420 8152 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:17:05.0448 8152 NativeWifiP - ok
15:17:05.0547 8152 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:17:05.0598 8152 NDIS - ok
15:17:05.0606 8152 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:17:05.0649 8152 NdisCap - ok
15:17:05.0657 8152 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:17:05.0698 8152 NdisTapi - ok
15:17:05.0721 8152 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:17:05.0749 8152 Ndisuio - ok
15:17:05.0774 8152 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:17:05.0813 8152 NdisWan - ok
15:17:05.0831 8152 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:17:05.0875 8152 NDProxy - ok
15:17:05.0916 8152 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:17:05.0932 8152 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:17:05.0932 8152 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:17:05.0958 8152 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:17:06.0004 8152 NetBIOS - ok
15:17:06.0022 8152 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:17:06.0055 8152 NetBT - ok
15:17:06.0071 8152 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:17:06.0079 8152 Netlogon - ok
15:17:06.0104 8152 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:17:06.0149 8152 Netman - ok
15:17:06.0165 8152 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:17:06.0213 8152 netprofm - ok
15:17:06.0229 8152 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:17:06.0245 8152 NetTcpPortSharing - ok
15:17:06.0252 8152 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:17:06.0260 8152 nfrd960 - ok
15:17:06.0293 8152 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:17:06.0309 8152 NlaSvc - ok
15:17:06.0317 8152 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:17:06.0350 8152 Npfs - ok
15:17:06.0368 8152 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:17:06.0399 8152 nsi - ok
15:17:06.0407 8152 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:17:06.0450 8152 nsiproxy - ok
15:17:06.0540 8152 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:17:06.0624 8152 Ntfs - ok
15:17:06.0641 8152 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:17:06.0680 8152 Null - ok
15:17:06.0973 8152 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:17:07.0364 8152 nvlddmkm - ok
15:17:07.0395 8152 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:17:07.0403 8152 nvraid - ok
15:17:07.0420 8152 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:17:07.0436 8152 nvstor - ok
15:17:07.0477 8152 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
15:17:07.0506 8152 nvsvc - ok
15:17:07.0584 8152 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:17:07.0666 8152 nvUpdatusService - ok
15:17:07.0692 8152 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:17:07.0708 8152 nv_agp - ok
15:17:07.0733 8152 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:17:07.0743 8152 ohci1394 - ok
15:17:07.0766 8152 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:17:07.0815 8152 p2pimsvc - ok
15:17:07.0834 8152 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:17:07.0850 8152 p2psvc - ok
15:17:07.0868 8152 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:17:07.0885 8152 Parport - ok
15:17:07.0901 8152 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:17:07.0911 8152 partmgr - ok
15:17:07.0926 8152 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:17:07.0950 8152 PcaSvc - ok
15:17:07.0975 8152 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:17:07.0983 8152 pci - ok
15:17:08.0008 8152 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:17:08.0018 8152 pciide - ok
15:17:08.0036 8152 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:17:08.0051 8152 pcmcia - ok
15:17:08.0067 8152 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:17:08.0075 8152 pcw - ok
15:17:08.0100 8152 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:17:08.0151 8152 PEAUTH - ok
15:17:08.0200 8152 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:17:08.0223 8152 PerfHost - ok
15:17:08.0284 8152 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:17:08.0360 8152 pla - ok
15:17:08.0389 8152 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:17:08.0413 8152 PlugPlay - ok
15:17:08.0436 8152 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:17:08.0452 8152 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:17:08.0452 8152 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:17:08.0471 8152 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:17:08.0487 8152 PNRPAutoReg - ok
15:17:08.0512 8152 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:17:08.0528 8152 PNRPsvc - ok
15:17:08.0553 8152 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:17:08.0602 8152 PolicyAgent - ok
15:17:08.0625 8152 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:17:08.0670 8152 Power - ok
15:17:08.0690 8152 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:17:08.0731 8152 PptpMiniport - ok
15:17:08.0750 8152 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:17:08.0774 8152 Processor - ok
15:17:08.0805 8152 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:17:08.0846 8152 ProfSvc - ok
15:17:08.0854 8152 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:17:08.0872 8152 ProtectedStorage - ok
15:17:08.0895 8152 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:17:08.0961 8152 Psched - ok
15:17:09.0004 8152 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:17:09.0061 8152 ql2300 - ok
15:17:09.0069 8152 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:17:09.0084 8152 ql40xx - ok
15:17:09.0102 8152 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:17:09.0118 8152 QWAVE - ok
15:17:09.0135 8152 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:17:09.0155 8152 QWAVEdrv - ok
15:17:09.0170 8152 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:17:09.0211 8152 RasAcd - ok
15:17:09.0245 8152 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:17:09.0268 8152 RasAgileVpn - ok
15:17:09.0278 8152 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:17:09.0317 8152 RasAuto - ok
15:17:09.0336 8152 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:17:09.0368 8152 Rasl2tp - ok
15:17:09.0393 8152 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:17:09.0434 8152 RasMan - ok
15:17:09.0442 8152 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:17:09.0485 8152 RasPppoe - ok
15:17:09.0495 8152 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:17:09.0522 8152 RasSstp - ok
15:17:09.0545 8152 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:17:09.0579 8152 rdbss - ok
15:17:09.0586 8152 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:17:09.0604 8152 rdpbus - ok
15:17:09.0620 8152 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:17:09.0645 8152 RDPCDD - ok
15:17:09.0668 8152 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:17:09.0702 8152 RDPENCDD - ok
15:17:09.0717 8152 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:17:09.0743 8152 RDPREFMP - ok
15:17:09.0768 8152 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:17:09.0838 8152 RDPWD - ok
15:17:09.0864 8152 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:17:09.0893 8152 rdyboost - ok
15:17:09.0911 8152 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:17:09.0950 8152 RemoteAccess - ok
15:17:09.0973 8152 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:17:10.0006 8152 RemoteRegistry - ok
15:17:10.0020 8152 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:17:10.0061 8152 RpcEptMapper - ok
15:17:10.0077 8152 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:17:10.0110 8152 RpcLocator - ok
15:17:10.0127 8152 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:17:10.0163 8152 RpcSs - ok
15:17:10.0170 8152 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:17:10.0204 8152 rspndr - ok
15:17:10.0237 8152 [ F65F171165FBB613F7AA3CC78E8CAB42 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:17:10.0290 8152 RTL8167 - ok
15:17:10.0305 8152 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:17:10.0313 8152 SamSs - ok
15:17:10.0340 8152 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:17:10.0348 8152 sbp2port - ok
15:17:10.0383 8152 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:17:10.0424 8152 SCardSvr - ok
15:17:10.0442 8152 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:17:10.0475 8152 scfilter - ok
15:17:10.0526 8152 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:17:10.0616 8152 Schedule - ok
15:17:10.0635 8152 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:17:10.0666 8152 SCPolicySvc - ok
15:17:10.0684 8152 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:17:10.0715 8152 SDRSVC - ok
15:17:10.0733 8152 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:17:10.0778 8152 secdrv - ok
15:17:10.0793 8152 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:17:10.0825 8152 seclogon - ok
15:17:10.0834 8152 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:17:10.0877 8152 SENS - ok
15:17:10.0895 8152 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:17:10.0920 8152 SensrSvc - ok
15:17:10.0938 8152 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:17:10.0954 8152 Serenum - ok
15:17:10.0979 8152 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:17:10.0991 8152 Serial - ok
15:17:11.0006 8152 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:17:11.0022 8152 sermouse - ok
15:17:11.0045 8152 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:17:11.0084 8152 SessionEnv - ok
15:17:11.0104 8152 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:17:11.0135 8152 sffdisk - ok
15:17:11.0153 8152 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:17:11.0168 8152 sffp_mmc - ok
15:17:11.0188 8152 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:17:11.0204 8152 sffp_sd - ok
15:17:11.0219 8152 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:17:11.0229 8152 sfloppy - ok
15:17:11.0252 8152 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:17:11.0297 8152 SharedAccess - ok
15:17:11.0333 8152 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:17:11.0374 8152 ShellHWDetection - ok
15:17:11.0381 8152 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:17:11.0389 8152 SiSRaid2 - ok
15:17:11.0407 8152 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:17:11.0416 8152 SiSRaid4 - ok
15:17:11.0432 8152 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:17:11.0465 8152 Smb - ok
15:17:11.0500 8152 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:17:11.0541 8152 SNMPTRAP - ok
15:17:11.0557 8152 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:17:11.0573 8152 spldr - ok
15:17:11.0610 8152 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:17:11.0661 8152 Spooler - ok
15:17:11.0788 8152 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:17:11.0961 8152 sppsvc - ok
15:17:11.0977 8152 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:17:12.0014 8152 sppuinotify - ok
15:17:12.0047 8152 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:17:12.0086 8152 srv - ok
15:17:12.0108 8152 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:17:12.0133 8152 srv2 - ok
15:17:12.0151 8152 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:17:12.0166 8152 srvnet - ok
15:17:12.0200 8152 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:17:12.0243 8152 SSDPSRV - ok
15:17:12.0258 8152 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:17:12.0293 8152 SstpSvc - ok
15:17:12.0350 8152 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:17:12.0368 8152 Stereo Service - ok
15:17:12.0385 8152 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:17:12.0393 8152 stexstor - ok
15:17:12.0434 8152 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:17:12.0469 8152 stisvc - ok
15:17:12.0493 8152 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:17:12.0502 8152 swenum - ok
15:17:12.0528 8152 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:17:12.0573 8152 swprv - ok
15:17:12.0653 8152 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:17:12.0766 8152 SysMain - ok
15:17:12.0782 8152 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:17:12.0801 8152 TabletInputService - ok
15:17:12.0817 8152 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:17:12.0858 8152 TapiSrv - ok
15:17:12.0881 8152 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:17:12.0905 8152 TBS - ok
15:17:12.0999 8152 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:17:13.0079 8152 Tcpip - ok
15:17:13.0120 8152 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:17:13.0153 8152 TCPIP6 - ok
15:17:13.0178 8152 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:17:13.0194 8152 tcpipreg - ok
15:17:13.0202 8152 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:17:13.0270 8152 TDPIPE - ok
15:17:13.0295 8152 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:17:13.0311 8152 TDTCP - ok
15:17:13.0340 8152 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:17:13.0377 8152 tdx - ok
15:17:13.0393 8152 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:17:13.0401 8152 TermDD - ok
15:17:13.0440 8152 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:17:13.0495 8152 TermService - ok
15:17:13.0510 8152 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:17:13.0526 8152 Themes - ok
15:17:13.0541 8152 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:17:13.0573 8152 THREADORDER - ok
15:17:13.0581 8152 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:17:13.0618 8152 TrkWks - ok
15:17:13.0645 8152 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:17:13.0692 8152 TrustedInstaller - ok
15:17:13.0708 8152 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:17:13.0733 8152 tssecsrv - ok
15:17:13.0760 8152 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:17:13.0791 8152 TsUsbFlt - ok
15:17:13.0815 8152 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:17:13.0848 8152 tunnel - ok
15:17:13.0856 8152 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:17:13.0872 8152 uagp35 - ok
15:17:13.0887 8152 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:17:13.0928 8152 udfs - ok
15:17:13.0954 8152 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:17:13.0975 8152 UI0Detect - ok
15:17:13.0991 8152 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:17:13.0999 8152 uliagpkx - ok
15:17:14.0022 8152 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:17:14.0038 8152 umbus - ok
15:17:14.0045 8152 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:17:14.0053 8152 UmPass - ok
15:17:14.0075 8152 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:17:14.0122 8152 upnphost - ok
15:17:14.0141 8152 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:17:14.0165 8152 usbccgp - ok
15:17:14.0190 8152 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:17:14.0206 8152 usbcir - ok
15:17:14.0221 8152 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:17:14.0239 8152 usbehci - ok
15:17:14.0254 8152 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:17:14.0284 8152 usbhub - ok
15:17:14.0299 8152 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:17:14.0325 8152 usbohci - ok
15:17:14.0333 8152 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:17:14.0358 8152 usbprint - ok
15:17:14.0383 8152 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:17:14.0399 8152 usbscan - ok
15:17:14.0434 8152 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
15:17:14.0475 8152 USBSTOR - ok
15:17:14.0500 8152 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:17:14.0508 8152 usbuhci - ok
15:17:14.0524 8152 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:17:14.0571 8152 UxSms - ok
15:17:14.0584 8152 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:17:14.0596 8152 VaultSvc - ok
15:17:14.0616 8152 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:17:14.0624 8152 vdrvroot - ok
15:17:14.0672 8152 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:17:14.0733 8152 vds - ok
15:17:14.0741 8152 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:17:14.0756 8152 vga - ok
15:17:14.0764 8152 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:17:14.0793 8152 VgaSave - ok
15:17:14.0819 8152 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:17:14.0829 8152 vhdmp - ok
15:17:14.0852 8152 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:17:14.0862 8152 viaide - ok
15:17:14.0877 8152 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:17:14.0885 8152 volmgr - ok
15:17:14.0907 8152 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:17:14.0922 8152 volmgrx - ok
15:17:14.0946 8152 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:17:14.0954 8152 volsnap - ok
15:17:14.0971 8152 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:17:14.0983 8152 vsmraid - ok
15:17:15.0047 8152 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:17:15.0147 8152 VSS - ok
15:17:15.0151 8152 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:17:15.0180 8152 vwifibus - ok
15:17:15.0204 8152 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:17:15.0229 8152 vwififlt - ok
15:17:15.0252 8152 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:17:15.0323 8152 W32Time - ok
15:17:15.0336 8152 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:17:15.0354 8152 WacomPen - ok
15:17:15.0372 8152 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:17:15.0403 8152 WANARP - ok
15:17:15.0403 8152 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:17:15.0434 8152 Wanarpv6 - ok
15:17:15.0502 8152 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:17:15.0584 8152 wbengine - ok
15:17:15.0610 8152 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:17:15.0633 8152 WbioSrvc - ok
15:17:15.0659 8152 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:17:15.0692 8152 wcncsvc - ok
15:17:15.0708 8152 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:17:15.0733 8152 WcsPlugInService - ok
15:17:15.0741 8152 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:17:15.0749 8152 Wd - ok
15:17:15.0790 8152 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:17:15.0817 8152 Wdf01000 - ok
15:17:15.0833 8152 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:17:15.0889 8152 WdiServiceHost - ok
15:17:15.0889 8152 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:17:15.0905 8152 WdiSystemHost - ok
15:17:15.0920 8152 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:17:15.0954 8152 WebClient - ok
15:17:15.0973 8152 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:17:16.0022 8152 Wecsvc - ok
15:17:16.0038 8152 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:17:16.0077 8152 wercplsupport - ok
15:17:16.0104 8152 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:17:16.0145 8152 WerSvc - ok
15:17:16.0161 8152 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:17:16.0194 8152 WfpLwf - ok
15:17:16.0202 8152 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:17:16.0209 8152 WIMMount - ok
15:17:16.0235 8152 WinDefend - ok
15:17:16.0243 8152 WinHttpAutoProxySvc - ok
15:17:16.0291 8152 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:17:16.0348 8152 Winmgmt - ok
15:17:16.0428 8152 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:17:16.0528 8152 WinRM - ok
15:17:16.0569 8152 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:17:16.0584 8152 WinUsb - ok
15:17:16.0620 8152 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:17:16.0651 8152 Wlansvc - ok
15:17:16.0836 8152 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:17:16.0952 8152 wlidsvc - ok
15:17:16.0967 8152 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:17:16.0985 8152 WmiAcpi - ok
15:17:17.0002 8152 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:17:17.0094 8152 wmiApSrv - ok
15:17:17.0168 8152 WMPNetworkSvc - ok
15:17:17.0182 8152 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:17:17.0219 8152 WPCSvc - ok
15:17:17.0237 8152 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:17:17.0268 8152 WPDBusEnum - ok
15:17:17.0293 8152 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:17:17.0342 8152 ws2ifsl - ok
15:17:17.0350 8152 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:17:17.0383 8152 wscsvc - ok
15:17:17.0383 8152 WSearch - ok
15:17:17.0483 8152 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:17:17.0579 8152 wuauserv - ok
15:17:17.0600 8152 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:17:17.0620 8152 WudfPf - ok
15:17:17.0645 8152 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:17:17.0661 8152 WUDFRd - ok
15:17:17.0678 8152 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:17:17.0698 8152 wudfsvc - ok
15:17:17.0725 8152 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:17:17.0750 8152 WwanSvc - ok
15:17:17.0766 8152 ================ Scan global ===============================
15:17:17.0782 8152 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:17:17.0799 8152 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:17:17.0807 8152 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:17:17.0833 8152 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:17:17.0848 8152 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:17:17.0848 8152 [Global] - ok
15:17:17.0848 8152 ================ Scan MBR ==================================
15:17:17.0916 8152 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:17:20.0360 8152 \Device\Harddisk0\DR0 - ok
15:17:20.0372 8152 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:17:20.0514 8152 \Device\Harddisk1\DR1 - ok
15:17:20.0514 8152 ================ Scan VBR ==================================
15:17:20.0514 8152 [ 98B1B206D9F423B6159D55E8159CEF98 ] \Device\Harddisk0\DR0\Partition1
15:17:20.0624 8152 \Device\Harddisk0\DR0\Partition1 - ok
15:17:20.0670 8152 [ B93975F3DAFD61C08C74C201F06F473A ] \Device\Harddisk0\DR0\Partition2
15:17:20.0698 8152 \Device\Harddisk0\DR0\Partition2 - ok
15:17:20.0706 8152 [ A67E14F1ED6D3E90998A18800EF0AAC9 ] \Device\Harddisk1\DR1\Partition1
15:17:20.0706 8152 \Device\Harddisk1\DR1\Partition1 - ok
15:17:20.0713 8152 [ A4B202F076340C40A34FCAB55401EE5B ] \Device\Harddisk1\DR1\Partition2
15:17:20.0713 8152 \Device\Harddisk1\DR1\Partition2 - ok
15:17:20.0713 8152 ============================================================
15:17:20.0713 8152 Scan finished
15:17:20.0713 8152 ============================================================
15:17:20.0729 7916 Detected object count: 2
15:17:20.0729 7916 Actual detected object count: 2
15:17:50.0810 7916 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:50.0810 7916 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:17:50.0810 7916 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:50.0810 7916 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:18:33.0621 2464 Deinitialize success
|
|
12.04.2013, 23:55
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZeuS/ZBot Telekom Warnung OTL Log files Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.04.2013, 15:14
| #11 |
| | ZeuS/ZBot Telekom Warnung OTL Log files Hier die log.txt von Combofix: Code:
ATTFilter ComboFix 13-04-12.02 - Xychor 13.04.2013 15:40:57.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2366 [GMT 2:00]
ausgeführt von:: c:\users\Xychor\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\dapeton.pad
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\auth.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\burnlib.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\dsp_sps.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\enc_fhgaac.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\enc_flac.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\enc_lame.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\enc_vorbis.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\enc_wav.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\enc_wma.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_classicart.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_crasher.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_ff.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_find_on_disk.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_hotkeys.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_jumpex.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_ml.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_nopro.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_orgler.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_skinmanager.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_timerestore.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_tray.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\gen_undo.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_avi.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_cdda.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_dshow.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_flac.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_flv.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_linein.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_midi.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_mkv.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_mod.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_mp3.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_mp4.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_nsv.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_swf.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_vorbis.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_wav.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_wave.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_wm.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\in_wv.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_addons.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_autotag.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_bookmarks.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_devices.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_disc.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_downloads.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_enqplay.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_history.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_impex.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_local.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_nowplaying.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_online.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_orb.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_playlists.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_plg.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_pmp.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_rg.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_transcode.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ml_wire.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\ombrowser.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\out_disk.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\out_ds.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\out_wave.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\playlist.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_activesync.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_android.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_ipod.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_njb.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_p4s.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_usb.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\pmp_wifi.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\tagz.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\vis_avs.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\vis_milk2.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\vis_nsfs.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\winamp.lng
c:\users\Xychor\AppData\Local\Temp\WLZ902B.tmp\winampa.lng
c:\windows\SysWow64\SETACCE.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-03-13 bis 2013-04-13 ))))))))))))))))))))))))))))))
.
.
2013-04-11 13:26 . 2013-04-11 13:26 -------- d-----w- c:\users\Xychor\AppData\Roaming\Malwarebytes
2013-04-11 13:25 . 2013-04-11 13:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-11 13:25 . 2013-04-11 13:25 -------- d-----w- c:\programdata\Malwarebytes
2013-04-11 13:25 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-11 13:25 . 2013-04-11 13:25 -------- d-----w- c:\users\Xychor\AppData\Local\Programs
2013-04-10 10:15 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 10:15 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 10:15 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 10:15 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 10:15 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 10:15 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 10:15 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 10:14 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 10:14 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 10:14 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 10:14 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 10:14 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 10:14 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 10:14 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 10:14 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-20 22:49 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-11 01:02 . 2012-01-02 17:56 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-25 22:32 . 2012-10-10 20:22 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-25 22:32 . 2013-02-25 22:32 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-25 22:32 . 2012-01-02 17:34 2826040 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-25 22:32 . 2013-02-25 22:32 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-25 22:32 . 2012-01-02 17:34 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-25 22:32 . 2009-07-13 21:59 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-12 05:45 . 2013-03-16 17:18 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-16 17:18 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-16 17:18 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-16 17:18 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-16 17:18 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-16 17:18 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-19 16:58 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-01-19 16:58 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-01-18 15:00 . 2012-01-02 17:35 6390048 ----a-w- c:\windows\system32\nvcpl.dll
2013-01-18 15:00 . 2012-01-02 17:35 3460896 ----a-w- c:\windows\system32\nvsvc64.dll
2013-01-18 15:00 . 2012-01-02 17:35 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-01-18 15:00 . 2012-01-02 17:35 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-01-18 15:00 . 2012-01-02 17:35 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
2013-01-18 15:00 . 2012-01-02 17:35 118560 ----a-w- c:\windows\system32\nvmctray.dll
2013-01-18 06:15 . 2013-01-18 06:15 550176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-01-13 21:17 . 2013-02-28 02:01 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-28 02:01 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-28 02:01 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-28 02:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:01 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:01 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 02:01 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 02:01 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 02:01 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-28 02:01 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:01 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:01 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:01 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:01 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:01 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:01 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-28 02:01 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-28 02:01 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-28 02:01 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-28 02:01 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-28 02:01 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-28 02:01 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-28 02:01 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-28 02:01 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-28 02:01 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-28 02:01 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-28 02:01 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-28 02:01 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-28 02:01 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-28 02:01 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-28 02:01 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-28 02:01 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-28 02:01 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-28 02:01 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-28 02:01 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-28 02:01 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-28 02:01 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-28 02:01 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-28 02:01 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-28 02:01 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-28 02:01 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-28 02:01 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-28 02:01 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-28 02:01 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-28 02:01 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-28 02:01 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-28 02:01 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-28 02:01 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-10-26 74752]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"StereoLinksInstall"="c:\program files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" [2013-01-18 1041696]
.
c:\users\Xychor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Xychor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-02 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-21 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Xychor\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-18 8067616]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{0886900B-B2F3-452C-B580-60F1253F7F80} - c:\programdata\{BB25779E-744C-48F3-94DE-CD6F60A5AC55}\Controller Editor Setup PC.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}\Service Center Setup PC.exe
AddRemove-{2AAC4085-DCBF-417B-AEBD-182197839240} - c:\programdata\{5E267FB6-2CB9-4677-A53F-58B022B7B66D}\Traktor Setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1214052748-636940894-3971663584-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1214052748-636940894-3971663584-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-04-13 16:10:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-04-13 14:10
.
Vor Suchlauf: 7.512.190.976 Bytes frei
Nach Suchlauf: 7.987.273.728 Bytes frei
.
- - End Of File - - BAAA082116D9F10B7A84274D2717F0E9
|
|
13.04.2013, 16:15
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZeuS/ZBot Telekom Warnung OTL Log files JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.04.2013, 17:38
| #13 |
| | ZeuS/ZBot Telekom Warnung OTL Log files JRT.txt: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Xychor on 13.04.2013 at 18:24:43,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Xychor\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{00C18AAB-417C-48BD-90B4-FFD84A6839C6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{00DA43B0-C644-4843-A8C7-14BDEA815DFA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{01FAE1AE-913A-4BCF-AA8A-AD52A1C366E9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0213B933-D090-4741-A91E-522ACCEC2AB4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{02BC793F-93A2-4376-ABE4-C3A545BD540A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0300FCB2-A674-4322-8365-7E317385003D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{031FF947-9676-4C6F-A16A-3874A41287BF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{032A2DE8-7676-426E-957C-C361AB3C5AFB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{032D1E81-3AD6-4548-8C94-CA5D7207001E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{033ED9E6-87B5-4BD0-B130-329E1A347F63}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{03711C17-A138-4EF0-93A9-846C4B307939}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0499CF37-AC5E-49E8-B9D0-93B34D8EBE13}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{04AE1F58-0390-4A62-A808-21047228DE6C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{04DBB8B8-75E8-4AA9-81CC-2FECE270F55C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{04E3A02D-9C04-464D-9032-38593BC7D89F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{05600FE2-47AA-4791-9488-3F409848FEAB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{05A38D40-FBC6-4C88-B2B1-2C802A95A677}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{061C667F-C548-4B8D-B41F-DD685A9BFD23}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{06375542-A23D-4C54-BFBE-EBB859476D31}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{06488DC9-C95B-4449-B214-24921CA183A8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{06A6E8F6-3A04-4630-8D37-78374459DD5A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0790A60F-A582-4DE4-91E4-D520F68B5F34}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{07CE4DE4-57EB-4DFA-A3B7-69AF1DBA87B8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{082810EC-30D5-40E4-8ABA-C5B3A946CF0C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0885479A-E2BF-42C7-B98B-4D2F4A161BD5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0918ABDF-11A2-4409-91CC-7F1656A7F4B9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0924F5A0-4F91-4781-8C38-6F20BCB0DF4F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{09802CB4-D908-46C8-A906-9967F8E1CA79}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{09AC6E72-AFB9-4FB3-9ED4-8153112345FE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0A23CA3C-4417-478A-ADDB-0AFDA40B501B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0A24A713-1F57-48AB-B2A1-90E234BF9DBD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0A261948-16DD-4616-8C5F-705884BAFB21}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0A5D9438-8387-4898-8537-372D0B583E69}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0A7A5B49-6769-4E89-A150-105CE7F6B5B7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0AA49A56-1B82-449B-A4C5-A9D7108D6455}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0B744374-9482-4D13-8011-3377A02D448D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0B7A03E8-2328-414C-9207-842CF70AB9BE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0B92467A-95B6-4794-8501-C4AA91BFA4EE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0C4244C7-6EAE-44B3-82E4-9C8BAA98268B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0C898A96-C127-44C8-826A-730415B1F299}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0CA82E9D-B451-4B63-AB9E-6CE6654C8A38}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0CD3D050-DE29-4183-A26D-C02D59BAAE3E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0D7F6F6D-A365-4716-9D2C-55EB0C435016}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0E209466-A812-420F-B7D1-DAFB19307B9E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0E83A931-B885-4C3E-A6D8-FD05EECF7058}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0E867DC0-5F25-4079-8CE8-8E5286E4A4D3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0E9030AE-528A-45D3-87C4-E6D7A54F7A9B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0E9E9287-252D-4E34-922B-FCF9228C622E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0EC604D8-5A48-4616-8C22-92B94F2ED36C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0EED4E32-9560-4579-ACE5-FB8A93FF4EE7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{0FC844FA-F1ED-4C90-82F1-1246ED2CC41E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{10533759-9494-4481-A0A9-38DD4CE9ABC0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{105D2900-B8A6-45A4-A322-7D795EE8E841}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{107F8878-1E8A-4481-B0D3-53E69483C965}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{10C181E2-F0F8-439E-A26C-04EF20A1FC20}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1160601C-FCBF-47A0-A79D-3CB0EA599120}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{11B4372F-9388-4CD2-97CC-AB6FAEC11AB7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{11E1A52C-C896-449E-A8F0-2A3C96D425F1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{12710110-7BFD-4F35-9021-1533EF5E86BC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{128FC3DF-998D-4759-A65B-919816795C1E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{12A8AD04-F28A-4D8A-9B5F-7E959FD2A86D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{12E22BCE-4D02-4AD9-BEE2-B9F0419BA9F2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{13E731EB-A926-4E8C-9660-29E53854E891}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{14CC84D1-CC5D-4562-92A1-BEB61F18C376}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{14E91373-73FB-475E-B01F-EC08A2434114}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1502454A-0898-4EB2-BD80-E8769A108374}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{156754B6-B2FB-431E-A286-905128E2AA6D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{15E3C094-BF96-4397-B2F1-19E117AE1EEB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{15E54439-A535-44CE-B6E0-9C4F718D5088}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1667CE39-26FA-475D-A167-2A046D0A7E23}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{16B4032A-7F29-41E0-8DFD-FC6BE53400AA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{17827547-7E44-4BAC-809B-0766FB540DDB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{18399853-2ED1-4E58-98DF-CFE2723A59A4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1841B1EE-1963-46D4-896E-3FD82D8CF48A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1870C5E5-63E9-4ABD-9CCE-35B5684DFBD7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{19C44B9E-B850-44A0-BA87-B60781AB8B6E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{19E53423-B711-45EE-A0A2-025A33F6FCAB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{19F4EB17-2400-4031-BE81-6418ABAB5F62}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{19F7A144-C6D1-4092-A80D-7486CD35D959}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1AD572B9-6C49-4CD0-9842-FF4C91393BD8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1B0793F9-1CAD-49EE-A203-7A52C48E8610}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1B640989-E499-4B6F-A7A7-2E947D1774EE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1B8AE4DA-A10B-46D6-AFFE-BFCC8A26258F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1BF39D24-3EE9-4CA4-ABCF-9483D9D51FEC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1C2A9E81-F0D0-41C8-AC5A-CB812EED3801}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1C4FAC17-FDFB-4570-A3A8-EAB6EDC686B7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1C793E8C-62FE-4B6D-A71A-1F9969305723}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1C82B0ED-B649-412C-A96C-8DA7BB22C249}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1CA85C93-1B19-478E-9C1D-94BAEC683BD3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1CB81F62-F3EF-44EB-9366-0910FD451068}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1CF78511-937C-4614-864F-28737D80BACB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1D712A20-E4CD-4122-BC1A-8A84384C0227}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1D7B1303-1E73-456C-8DE5-2F10BEFA717E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1D8F126B-8783-4EAB-806A-484468729852}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1D9279EC-6883-45C3-9B48-A1540D5D2E46}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1E0479AF-2A25-4E8E-B952-984B490C032C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1E8483DA-FB2A-4D5B-841F-0E47322D3463}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1EB70703-720F-4DD6-81F1-A02B6FBA222F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1FBE0396-C14C-4A92-8C7A-1F474A73F1D8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{1FE94156-0D47-415C-9464-3B8A5AABE353}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{200A7651-82DD-4E2A-9B18-5C1A3DE1DB68}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{200AF364-F825-4967-BDD8-39FB98558E9C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2026C873-9B0E-4663-A976-432B3C17E6F4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{20406EF4-B15D-44EB-8728-1427D8E654A9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{217D38BF-896D-45E9-9115-38F6F475F181}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2185A77C-8FA9-4ED2-8B99-03FAFC3D9B99}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2209C4CE-17CE-4BE6-A5A6-5358BA619DEB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{221FF95F-A8F7-450B-9152-419B144011FE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2267C16A-D345-4895-9123-2BF3D03A5A9B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{22DD7EC0-E262-4B22-AF6B-EF733BCF50B6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2390DB97-39A9-4996-8D53-CCFC1A26FDC1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{24A275C7-D90A-40D7-B681-6A6437AC7548}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{24C852F1-65A3-49D2-92B6-DD987B504AEB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{24F1577B-9DC8-4CAA-85EE-C9740736D105}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{25448C84-F583-4888-BC18-5F01ACB3BACE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{258DFC43-89B7-4028-978E-EFB736756CBF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{25A7E4CA-E277-42A6-A112-34F774D19938}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{25E431DD-8A22-4FB4-8F63-73D054FA0161}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{25E903E4-816D-4FA6-8A38-36BBFBC2DF4E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{263B9465-A890-454F-9515-D9D30B1315D2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2668562F-2A1B-461F-9991-BCD36CDEE328}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{26F4202F-875F-4D7C-8C11-15353B5DF8A3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{26F443F3-9341-4A20-88ED-4C4F9B33D13C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{271A8324-C42A-4467-8C09-094DF921DEE7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{27686C3A-70B6-447A-9F23-0F1C439D0113}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{27C862B8-BBDB-488A-91E2-1377B50EEF9F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2844C70F-12D7-4929-98EA-D141CB9D971C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{284A7577-4841-495B-BD02-0A1B54AADB2D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{28A26FDE-B014-41B9-B8F7-047634892111}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{28A6343B-4100-4ED7-9B08-88AA735CCC47}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{28D5C49F-0A05-4445-888D-A9B9E5B460FC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2900EEB2-7344-45FC-94F4-A252A03D88B8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2914397A-7C41-4C87-8285-6C849014C08B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{29416585-9C81-4883-8022-3AE9D588F3AA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{29ACE925-E914-4DA7-B6A1-4BE9C1831BA4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{29FF2D27-B793-425D-9A63-418C9751616D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2A3E1648-CA26-4A06-86D7-DEF6A7696281}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2AC1E704-2BC7-4542-B4FE-404C22F8219B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2ADD979F-A6B3-40B1-89C5-86F5C73ADF9A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2AE22264-0EB5-4723-B3CF-F5BAC174083B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2AE38E09-65EA-40EB-B5C3-EDBE08674BBD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2B271289-01E2-4323-83BC-AF34AC0033D2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2B491528-8AA0-4D24-9581-21D3A8A3F5A9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2BC50E52-9B20-4FF0-B0ED-698A49A5F1E4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2BDB4646-47BA-4C66-AED5-3B1AFB0B63A9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2BF759A1-E757-4A3C-9B3A-C6AFE6F33327}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2C4BF22A-1B85-4816-B0DD-18DDD547ED96}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2C98B0E5-7130-4224-8C6A-0DEACF0F6C91}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2DD7ACC9-46D9-48B6-B9B3-E961AB285170}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2E171D71-CB2C-4C18-AC2F-AC2480BE1BC1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2E651E22-97A9-4FD7-A04A-F29E023D64FC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2E7FD20C-1EE6-4F6D-AA2A-E85CEE8D9472}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2F108698-DB03-4794-902A-729BEB990351}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2FC1542F-6B23-4AFA-BE3E-D880077A076F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{2FDFAD2F-1E3A-4F8A-A500-267B76EEB1EC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3007A1CD-0761-4F69-B1EB-1DC98147645C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3029500A-D641-4E2B-B86A-B00A18BA985A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{30A802BF-CF56-40B1-97AD-E51FF8AAA950}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{30C01365-A6B9-417B-9760-DE5ADA39E094}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{30CC38B5-58BC-478F-AC87-131A2D17DD9B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{30ECF19C-50B9-4DD7-AB4B-BF6C69B16B8B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{30FB5188-04DD-47E1-AEB9-B3D65981282F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{317343F1-2F10-4DD5-8E72-4F9F7CDCF024}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{317F345F-4A02-4EEA-BB48-46EA24633286}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{319B813C-9D90-40AA-8AA4-611605CD2DF9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{32965AB2-934A-4889-A077-D55D35D4C297}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{331E5C98-791B-4687-86B8-17DFF8E00E8A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{33ECBD32-9082-4156-98E4-2667B9FF4137}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{33FD8349-69F2-49A5-A57E-5D58143DBA16}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{34007997-FF4D-492E-B258-938A5A830B0D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{34C75458-78E1-405F-A3F8-34E52B972B0A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{34FAB1EE-A182-4264-A64A-2FEEC0EE90E3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{34FF7425-6037-4934-A662-BE2BE5E715A9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3522DA66-D0FF-4A16-9830-DEDFC3F77CD5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{358494A0-D8C6-4F11-A4DA-125F47EC27CA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{361FC393-C0F3-4B3A-897D-1E96D5870765}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{36434DC3-5FD0-4405-BE96-C89D51697616}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{369BEC5E-4A4B-4D42-9035-C7169BD23CD6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{36AD99F7-E011-454C-8E7B-731ABFA15EC4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{370465B3-A6CC-435C-AF8E-0623BC0CD8B9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{376826BF-72B1-43B6-A106-82A9DEC9F00C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{37E1C22A-E9BF-4CAF-8260-52113F038021}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{37F9EB3D-5FE6-446B-86FC-A89681DF8348}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{380A2776-8B66-4F6D-B2B4-F2B4127711F8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{382562A5-598E-4205-B015-20F0535009A7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3942B5CC-CF21-4376-83EC-DE3599F56255}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{39557786-EC19-4C79-8795-DC9246632C25}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{399912AC-5413-4717-9C72-E542727BB989}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{39E4EB2F-A8A2-4357-81C5-C350719D5337}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3A471106-CA4C-4C6C-AFAA-B7167DA81830}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3A848C0C-B6D2-4B2B-8D16-20599F54A1DB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3A85A81A-7CCE-49DF-BA81-926960543C50}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3AFBCDA7-C244-4782-B5A1-0BD37B66529C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3B24FB81-58F9-4C30-8D6D-A02B5249251F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3B702D62-50C3-4867-847E-BBC7F82D33A2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3BE083A6-B977-4800-87BD-CEC60A5E0916}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3C56D807-624C-4080-9018-CCFEE8086684}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3C6403B2-6A08-4B11-82E3-6567CB6AC79D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3C8F76B4-347B-4A9E-A905-741D2FC0DB2B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3E0851B2-5C8E-42E5-9825-098D195EB000}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3E2D2EAE-6D53-446A-8FDC-237D31022F1F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3E72B3F9-1255-4677-91B8-2BE1042D7C8C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3E9A6CA5-23E6-4240-BDCB-F2A556AE216C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3EA7F097-D2A9-47B8-80AF-7EC0235EFF4E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3F311116-E8CA-4CD6-8820-1FBE862F2F36}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3F50A559-D740-4472-B2C7-1DC338195A9D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{3F59454D-5FCD-47E6-BF40-FF0060994CDF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4005C93A-8412-42C3-A52F-54F6F43C1122}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{40482B72-4CEF-4E27-B783-038292322AE8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{405EA47E-705B-40B1-8065-C1D8B3247772}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{40AEA0CE-CA6A-4B78-AB5B-F98BC9E45C6D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{40CB2F42-6A70-426E-ABE9-CBDA1CC88FF3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{41733D8B-4A12-4447-B293-60C99F7C7B1C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{41884B03-0D00-47ED-88B3-1712E3D991D2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{41E15F49-4985-487D-B6B2-7FAEDD7CBA45}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{421A5AAF-FC74-4D4C-AF45-D840F391A194}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{421E44A1-118C-470A-B8E8-760F35D0B858}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4270427C-9682-4306-878A-82B234994359}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{42998214-54DC-4EB7-8480-A0F8DC1AF0B1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{42CEE6F8-095C-4910-8740-DFF3F089AD7E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{42E336A9-7CF2-471F-B84C-80BF0CD402D3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{43304A58-F33C-4514-824C-3DCFBB25821C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{43A71555-6782-4F65-9231-E4D0713A6DE1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{43AD3F33-B9B3-4650-94AD-96C2A498836B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{43E9083C-AF9A-4152-8A3A-1E9A9A01F6A7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{441D988D-0F75-4ED5-93B8-00EF3D14BB79}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4438424E-BE49-4FC9-BBF1-26998FCDD4BF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4457FCEC-B92B-4BDF-8E28-705190712213}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4488173A-BA02-4820-9519-E9031CAB618A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{44B8AA86-C259-42A8-A6DE-8F7E7066BFA1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4518C2DB-97F3-4C97-A835-F1E4DE5927DA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{45241651-7FDE-44D9-9EA1-F525B1FD0F01}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4591C039-18C6-45A8-B113-019B35DD9C01}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{46BA8985-813F-4882-9915-7D7ED03EDC11}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{47520CD5-11CC-440D-A88F-195DD17D3862}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4757A887-78A0-42E8-BA2E-A6C909741011}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{47597434-58C2-48F8-9E73-81A90BB883D8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{48644440-ED1C-4B86-8F5E-EA106AE8D175}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{48AB6701-6D21-404E-A678-C901A3A4C084}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{493D16A1-94F9-40CD-9455-45C830F50031}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{495B3329-01FC-446F-A7D8-CA255E892543}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4A87C110-63AE-40C0-BFE2-087526B7A119}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4ACB9C5C-F75B-44DC-A360-4A8D63424A2F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4B10A77D-F8BD-4AFF-88A0-342B3D05CFDB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4B5F77F0-4C0E-4FF0-91BE-EC639B2B6AA8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4B86362A-67F8-4D1E-80BE-CFD4964B6C9A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4C577686-97CB-4CDD-ADD0-340DD4893A16}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4C588928-5E2A-4AF8-BF3B-F6D014077636}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4CCA9453-01C5-4D25-A6D0-A9DEDBD44E3A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4CD13F40-03BC-4745-85CC-FF86E6F29B91}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4D5045BA-AC08-4F68-AECF-5C66232633B2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4D578D7E-480D-4162-B15E-C36776BC86D3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4D631DAA-E6AF-4C15-97E4-83E91F88B94D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4DF1CDD0-DED8-446B-A202-88403692F835}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4E425BF2-A508-4BB9-9861-AFDC5828082C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4EC91941-F0E4-4F3C-A5AE-9FE152C310B2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4F85F2F9-8148-4B37-BACD-385D334C338F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{4FC3B414-B97B-4993-A283-F0AA87E2B532}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5043B967-F7A1-44F8-9248-073A20965A4C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5046327D-5B33-4E36-8C47-35B2DC926A05}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5082CB67-BA36-40E9-911D-D8835EBBDDC9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{508AF26A-3415-42B0-9491-B47FB686D3EE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{50C4548D-003A-4469-BBED-9C90EFECA149}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{515ABEEB-D029-4E71-9D73-036E14051A96}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{517B6E67-3145-4023-8E11-1FF223777025}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5216681A-773A-41A8-8379-8FD3EF4BA572}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{523F677D-CE25-4514-9C52-BABB0A9BD1A2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{52EA941D-1040-45CC-9FDC-4DB13FBDE8AD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{534FDD77-1B15-4C3B-8940-7648596D0785}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{540D9F5E-F55B-41DC-B914-4A5BDD6EAAA5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{54117943-4386-4C27-8077-DD5AC00CEAD5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{547EEBFD-5EB4-4D0F-B1DF-D1016A076DF1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5505B212-656C-4BD8-BD8E-8007CBD04844}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5550BC31-720E-4E4D-9BEC-AFEF4DDE9357}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{55998C91-426F-4A89-A108-AFC4389D5F46}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{55DD65C8-CD85-437B-B610-7539BB249B71}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{56BBE558-E7D6-4813-B2BF-FEA20559C244}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{56F62617-9747-4F05-9D6F-25B142E872B1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{570188BC-3330-4CC0-B6E4-EAA9AB21E579}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{575EECA6-AB5C-4892-A5CF-7B9BE5027CE0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{578B05ED-50DF-4728-A2F8-80140CBC71A0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{582E85C1-622F-4F88-A541-D3C5A7C5C9F8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{58B024FC-19C5-4FBD-A481-DE6117C4E429}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5906BCF4-EF5C-4269-A2BD-C2F7E617D3D9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{590E3B68-E66B-4825-BF17-0E715176592F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5976C7F6-11C5-42D1-871E-40E77AE2B0C0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5A0E8D26-FBA0-4179-B52C-B5720C93A1C2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5A37BA1F-077E-471F-8EDA-201726496D62}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5ACC953F-E4F3-446A-97BD-76CBD100F52D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5B752C74-FCA8-4832-A828-1C40091C0F84}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5C0E3A9E-2155-474A-A455-FE6A583503DE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5C289DA0-2BC6-4E84-BB88-68223869FF13}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5C2B596C-2136-41C4-93F3-F4FBA45708B5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5C35B4AA-8B82-4A25-B040-1C099A7A72CE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5CC324AC-D12A-41E8-9B77-096A6036CAD6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5D4D8728-24FE-470B-A9EA-AA27E27FBB62}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5D6E72A9-1D66-450A-820C-810668C5AB89}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5D775067-4783-4E18-B4BD-E6E1B0B01645}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5DB89185-E7B7-49E3-ACB0-82BB97AD8E59}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5DD1F072-D3FD-4D47-99AB-ACCFFB5130BB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5DDB1DF7-62AE-429E-8D32-C67502B9D537}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5E822A3F-3688-4FF7-856F-0237CBCDC749}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5E9FB0B4-6130-40A3-858A-88140D4A016F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5EF0A78A-A2F2-4015-B8A6-52554CB791B5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{5F2E4DAB-9A2A-468D-B450-A76C14671AD9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6106A42F-FE87-49C7-BA3E-5FB1BAAA4C91}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6212DCC2-FA01-4B1C-A6AE-815F3E73325F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{62707DFC-22B0-4BFE-87B3-B9A265A91DEA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6277498B-6835-4D62-B73A-30264944C861}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6324ACFB-A364-42DD-86CB-6FD622AE50DE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{632C3DD3-5EF7-407B-9C4B-C72B318E8820}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{63779810-D9F8-40F2-8A9D-26F8F373D4B9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{638C7B8B-F833-4A63-B7EC-30F2C556205B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{639DC56C-EE40-44A3-A6DB-48BB2C8DD6CF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{63C322B7-75B6-42EA-ACBE-EA1703ECBC26}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{64C6759B-3096-4D10-A9A5-C200CB249B12}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{650D05E0-3687-4158-BAC0-9334E3956217}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{659E5C07-5C81-422E-982F-76F0C6C76D1E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{65D55836-A0DB-46A5-A240-E6113CABA914}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{661545D1-E925-462D-9560-560C8D50B40A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{66540D99-E993-4C2D-BA73-769D07E49E15}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{666F7D52-C06C-4EB8-9475-FF0BDAC7277F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{67676AEE-3F94-481A-950E-925CD2D8EEE0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{67C5BC93-294A-4E8C-AC4B-E5E6D5C83F7B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{67C9734F-2597-4E92-81A9-FF46852A7FD8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{67E99194-9654-46FD-9FF8-3A8EF15CED4F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{67FA5660-6262-448A-AF11-3806B21A0D04}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6808C353-4089-4C70-8A13-879860EE4DB5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6857F17F-524E-4F72-AA0C-167D90479ED2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{68806340-CC99-4588-878F-655DEE88F4B3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{68911087-D8C9-4FD1-8176-7FB3C005667D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{690DEC24-DD0F-431F-AC3B-885DECE7FF81}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{69252517-1DEA-400F-8A3C-3F7A1835B784}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{69A1E622-4C95-4C17-BEE5-695CD55F2BE2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{69F19B4B-331E-4F5F-84C5-C53DCF96A956}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6A108AE6-6D3C-4ABA-9365-A5F8E044CDB5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6A5021CC-05ED-477B-9AAB-EF9EBFE888C1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6A6FC6C7-ABAB-4D97-B73F-8699C57FA03C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6AE3DA27-4673-407F-BB55-0D28F04F25A9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6B9E2290-53D3-40FB-B701-3FC59293E90B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6BAA8D6B-24E7-455A-ADB2-33EC4DCDE747}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6BD716AE-5830-4E9A-87F4-270F294B2227}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6BE5F363-6789-4B20-BD3B-491A4D635045}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6C148E6C-DC93-4CA5-84D5-445898D3BEE5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6C4238D1-4CAC-4840-9692-E339D43C2A18}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6C58DC0C-2C1B-4771-BE91-AB4E9E5DAC82}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6C7C1AF5-1113-4EBB-8811-50F98B85B30C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6CA8F7C7-5340-42E4-AC5F-EBD61A719E6B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6CCED6A0-B2C9-450E-8011-70FD7025015B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6D9A14AF-EF5C-4A00-8646-B9B7759553B9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6E6F6835-0DA0-498F-8158-6BCFF44FA87A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6E8FBA16-FF87-42C9-93E6-0C941D8DD665}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6F20DE9A-8603-48E6-BF70-064A7323E9CD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{6F3D0D9B-F9D6-49A4-B9C4-24E25497AD23}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{70086CBC-3391-4EBC-AA6D-1919E92E9A1A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{700BFF87-C148-4909-BCD5-9B11F62726B4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{701ABBDE-69E1-438E-985B-C39ED9CCF11A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{70635E2E-3AC9-42D3-8300-1ECA0609D1FE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{713D0932-9AE3-468C-8306-C7A425CFF72C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{71943708-5ED6-4391-A8BE-B215F35E104C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{71AAC8F7-4882-4757-83E5-90F10A2AF923}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{71C109E2-A418-4BEE-B413-15D02083B347}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{72154209-B80A-4C0A-BB71-762A442CFCA5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{726CD78B-EFA7-442F-B034-056011373901}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{729AADCF-1775-40D4-BBBE-7C2E6A5CBBBA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7310E0D8-FA01-4A5A-B7F8-3717FC09A9F0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{734BD171-1EC9-48CE-A88A-518D99DDAAFF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{736111D8-C526-4C93-8AA6-23B0056CEB2A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{73C86FF1-4649-4153-929F-729C4A828835}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{741BDBD1-2FE1-4CAF-AA0D-146C5F161DC0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7426E6F6-5BAA-43B1-BE15-C9EC99D6000A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{74717F6D-B55D-40C4-9E7E-D64FB8480BD8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{75229BC8-3715-4FFF-9B14-E263A0945C09}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{754965B8-6473-468F-8C75-5D2F8FF17937}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7559CF24-3668-4371-83B3-970DBB909130}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{757F9C8A-655C-4DFB-A240-1523B10D61F2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{75A4F196-B1D5-418D-8C26-6502C611AD4F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{75F06620-212C-4347-8912-A5AE9A7AFD76}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{76187244-F489-482B-AAE9-77DDABDE9B3B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7634103E-BC17-44EE-B936-FA2E47A0E9CF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{763856C6-F3CB-4C91-BFBC-85C6DD10B3CC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7682024C-18F7-4384-9279-0E9F722E81CE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{768690D4-1B4D-457A-8142-2A591BC7CD9E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{76C22769-2993-44FB-8F2D-B5D0A5AE937B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7701E32D-5FFE-4674-A8B7-96E59207552F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{77503A08-EF01-4F4F-939E-2DC9D5A957CB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{778D38F8-6ED0-4F35-A6A4-8813DE0E6509}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{779BD112-74C0-47A5-AB50-6C20B5D836A3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{77B41D72-8435-454C-B5EF-5CB9164F5AE3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{77E1E3C8-47AB-4D71-8999-BD9DDDCC4E5F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7802A612-01DF-4F27-8632-F7A80D5FB01B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{787FFA82-5444-4425-8118-FCC377F62B78}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{78B3D24A-E2C0-4373-B1CB-0A344EE622E7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{79EA3FCD-1BE8-4E2C-BDFE-6042BC2DFD5D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7A61E4E3-5D66-42CB-A767-2B928CBF05C6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7A9FEA45-3192-444A-A382-E33F9BACA2C2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7AD609F6-CCB1-4ADD-8FF8-6E0329C1A699}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7B7A6789-5DD3-4D99-A792-DEB13C85CC95}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7B7A693F-7D36-411E-A2DA-DF9DEEBBBFB7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7C165032-425A-417C-8ACA-CE867FC1403D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7C67C31E-4935-48DF-B7C3-870D18C0E8D9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7CB0095B-6212-47D3-B81F-E76DDC75AEB0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7CB3CD24-E16F-4AEC-A401-3FAB295922BC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7CF3875A-371D-4368-BF77-17F3F4219409}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7CFD64BD-1E98-42BA-915E-F18F3088DE94}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7D2983B5-CBEF-4F66-97E8-D9B8874E4D06}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7D7A45F5-CFEE-40BF-85E9-C022B40AE274}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7D9CCCAF-2FD0-4DBA-BD2D-29DE2C082F61}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7DFDDDF2-BF81-43D0-B99C-67BF9C99F4F2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7E08872D-7373-4258-8F97-636511BA5581}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7E2A72A7-13D2-47F8-83D9-982755E516D6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{7E3FB026-7DC3-4233-8AEB-4287DFDEEE41}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8002865B-0D3E-45E9-9C01-72BCF76FBF09}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{80122364-EB38-411E-87B6-DD0AC3A1F10B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{806CDC56-4779-4DCC-9BD4-884B323E4DF7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{807C06CD-A71E-436E-B7AE-DC98D00FE36C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{80E461BA-40FC-4CCE-9584-D5E47645C880}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8109271B-2708-461E-A4E1-68C5FC01FE14}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{810A1F70-4394-431D-AEE3-C346E2144885}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{814381ED-9E50-49C5-B7A5-D4037E7ABF69}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{817C13E1-21D0-47D0-8483-2E97556B7DC2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{818D50A3-02AC-4177-99F0-1CA775F7C2C9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{81A983C8-19CB-4403-82C8-163EFEE618A4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{81D1DAB0-61D1-4D67-8D93-BE43115C5887}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{81DD6869-830D-4E0D-B5AA-C429ED537228}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{81F147A7-343D-412B-BD80-C81791C78657}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8222B8E0-DD7E-456F-B621-4641C09E7CBE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{82D96C4E-61F0-4CB2-9333-E96F703CF2EB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{834EEBF2-AACA-46E0-A8A9-C15A9B416197}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{83FEBF0B-6A24-4BC8-880A-8A4B2FED855C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{842CDB28-93F1-4CAF-960D-76A222D54D3C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8450748A-1817-44F7-BB04-66AFF0979CCE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{84525B37-68A8-4AB5-B013-1B8BB37C008C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{84D833F1-5C1D-4625-8CE3-D4F523120B3C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{84FFD680-F4F9-4766-8B38-AC106993C061}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{850B3473-234B-4C22-AF11-552508C9952E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8522EEC9-B1AD-4A31-9068-40CB5C0E3EFE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{855EB1ED-EE6C-4B24-9707-AEC7CDBFF466}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8581154F-4ED3-4CDC-B733-B3BF40FB6EA3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{85916747-FD26-4AF5-96B0-21D8C8F468A3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{85EA437F-CF9C-47A3-9965-D4D6FDB0B26F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8610150F-7D4B-4A9F-A477-2869019D9403}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{862265F0-690A-4E9F-A809-28A87A7D48AC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8642F33D-D3CF-400D-832F-C6A1EFF841CD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{868C1327-03C9-4B9E-8A8D-8A440454CFC9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{86ACF132-E8B9-4ADE-9816-D2B7F0BB2853}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{876AA544-70F1-4427-B36C-81AEC5443202}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8A44C821-96C4-4DAD-B2F3-9A1C449D9F1D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8A65C481-A9D9-49BF-A34A-D9D86A9FC607}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8AE10E25-A340-4683-8E49-58B2FA39846D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8B2CB58B-462C-475D-8B16-53453CCC9E16}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8B3A1BFC-FB40-492F-8744-0BE08C6A723A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8B750D22-46AB-4BE7-AD92-A7966A508B0C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8B75ECA3-F666-4324-AEC1-3D229227E2D6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8B7626E3-1CF9-4C5B-A7AE-D4268C956E14}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8B81401F-F4E5-4E35-85D7-F0E4185EAC2B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8BC8A812-6080-4EBF-89E3-FC0D35B66C9E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8C0E143C-3F1F-45AD-98BE-30580BFED75D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8C88E408-B06F-4117-9C6B-5F625084851F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8C9629E4-B9EA-4F59-B670-5089C5514C0B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8CC21BD5-6225-48BA-AF2D-C5D79C143CFC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8D2FE5E7-492C-4334-819D-D8845DB22122}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8D3D1F64-1A31-4F84-B8FF-1B67409F80FA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8D8DA816-DC1C-4ABC-9B22-8CFA80BE5473}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8E1F43AC-FE60-4D79-9391-8F24D02719C1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8E742759-B37B-4763-8109-B8622D9298CB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8E951C32-5017-4567-AE71-97BC64A22C5A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8F71E00F-E4F5-483E-BA42-90032CC4A060}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8F7BD6A0-2BF1-4B3C-BC58-2ACFBCECF3C2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8FB2C667-96F4-4527-BAFB-DFBD3A6EB601}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{8FFBCB3A-3D12-4E77-B185-6EC1ED1C45B2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9007ABBC-6FF2-4BB8-8487-88376619B501}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{90B95132-942D-4F2F-A24E-D1CDD04CAE6E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{91965562-8262-4C30-AD11-52B38F4E271A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{91A1C7A0-245A-4EA5-924D-6E70818CECBE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{91DE2FEF-76ED-4FD5-A67A-E7F87463D246}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{91EA818B-37ED-4832-85EB-1A5694A5ECDC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{934C1EC9-E2B4-4D36-A798-2454FE838E54}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{93E76B23-DC98-4200-9D40-7A0F22505105}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{942C997A-8D66-4D3C-B3EE-D545E82287B8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9431AA7B-5C84-4B36-8E1F-87950B3539EF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{943676B0-0AF6-413F-A24B-3CCEF4C1633E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9439FFEA-E4A7-48DF-B16D-032C6B0FF26B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{947ED6C5-A521-49F4-BBF8-9A01C34062BD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9487A901-F23A-4C39-839E-656714C86E31}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{95187D3B-DAA8-4D14-9786-09ADC87BB364}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{95551082-0E3A-4CBD-B4A4-9DFEB8C7B4DD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9556538A-B5BC-4FFB-A0E8-52467D22C98E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{95758236-1362-4ABE-A1D3-4940DBB86E1E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{958CAE67-AB58-4A0B-AFED-D42876946A27}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{95A1B195-4A81-44B2-8328-A13853A340DE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{95DAEB6F-28AB-4011-A29A-4844F8E5CC5A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{964C8E5D-5469-466B-8028-7DD9AC7263D8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{966D530F-BEB1-4812-9D13-83F31478F0E0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{96DFB8FE-AA74-4A5C-877D-61CC31FA56EB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{96EE9500-2110-406C-8B29-1812C8DAD7E8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{970F6A7C-9EBC-4FD6-AFBB-3548C7FF9496}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9737109A-E14C-4621-B542-86BD496D692D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9738D988-6195-49BB-B316-C4C781908988}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{978CC28D-7487-4968-8681-4C6854078B0A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{97BFD76B-FF63-4280-97A1-FA00FDB739B2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{98A8A1E8-F8B4-4E4B-998B-2F7D079C4B0F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{98FF33D2-2FE3-4DA5-B678-7950F2C73555}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9916EA97-FCDC-49E8-A29B-9F6744509E9F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{992B16C8-F7CC-4491-9AFF-D99EC023C4F4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{995C80D4-9632-4E33-B926-015267CEA2E2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{99754FF3-1924-4CB8-B63B-6627CF43105D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{99A9A9CD-27AC-4758-94E7-591E803F4A43}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9A09CCC9-4B22-47B7-9C59-930BF34CD040}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9B10870E-3097-46B3-974C-95346391CC04}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9C2AE8F1-7F5B-450D-BC25-1796F309C5B1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9C5E5615-3B77-4366-B126-E4AA9CFE694C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9CC8D174-FF6B-45BE-84E9-556A8E263CF9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9CF748DB-ABAE-4DB5-B0B4-F6614715F433}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9D61E619-38C3-49A7-9D0E-3347F6774256}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9D8736D8-2D70-4C4A-AFDA-6FE83BFE9B96}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9DACBCED-2303-4800-B666-CBD1DBCAC1B5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9DCC058B-E39E-4AC7-8157-2927926AA49C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9DF0206B-89CB-45A4-86A8-B83EEB213D18}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9EE27B0A-A682-4176-8859-0E31E5711C9F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9EE8E482-9583-47D0-A87C-2F302A30C042}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{9F2E8FE3-8C24-41DE-ABB8-DF2E115BC965}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A07EDCB4-568A-4267-A437-944687B93220}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A140B0AD-04BA-4AB0-B925-F57D1B1076D4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A18AC677-8FE5-4E8A-9A4F-2C9E98CB347A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A197F194-AEF8-4665-808C-7A851A6FFEC4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A2533175-D46A-448A-B8D5-494A1A40D8C7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A25FF71E-DA38-4585-9F15-19670F3C6AAE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A2693348-2415-4D4F-9321-A9AB56A15B10}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A2E574CA-2A2D-4469-B6EC-976983B6FA35}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A2F9B42C-F467-4948-A6A3-8D752D40672A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A35BEA2C-D34E-47D7-B444-8D8980169AF2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A3A44427-8AE4-4995-8567-F1761F00B90C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A408AFFA-0C45-4F6B-9010-5A68AD3E5E1E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A45F6516-2005-485B-B7E5-067659FC296C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A47937C7-461D-4573-8278-D0DEF9044FF6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A4A5EB63-126C-41E9-8246-8A9AB277FD7A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A4B410D9-7EE5-41A0-8F68-8B0F2D7B5A50}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A56FDD0F-0337-4318-AB9E-4B63C20420EC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A58D5851-0399-4C3C-AC9B-9E5CF6AD4DE9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A606B227-AE1D-492C-ACFA-C4FA09DC3720}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A60C0397-0D52-4558-8D9C-08FC4F13D622}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A633535A-9C75-4EA8-9A8E-2F95E51E5425}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A648234A-FEBC-40A7-BC07-84578867D732}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A6894798-E224-4727-9A7D-96DA69B08998}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A6D27031-B41C-4330-AE1A-7B9B152D4ECF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A700E4E5-9BAB-48F7-91CF-14103DDA2DF6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A70FF2CF-1E68-4F10-92F0-8F92FD660EBE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A7522B5A-C14C-467F-ABBB-61735F457B3B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A7C1974D-A6FB-46AD-8B71-FCBF8DCBAD24}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A84D33C6-57E0-49B6-8EEF-67F34A932DCA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A86ED54A-CAAD-42A9-A068-5D1E711E715B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A89A52DF-1B94-4524-AD4E-4C4CC0BDF458}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A8ABE749-5B86-4CE9-A3F8-07B8AEBA06F1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A8FF416E-D3C1-441B-A134-58E9C162CBEB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A94EF875-DCC0-400A-A43D-605A43C82A45}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A95B1DDB-1F00-41A6-8EAC-659A063D81F1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{A9B816F4-3B84-4781-9C29-F021091A4294}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AB370D30-931C-4531-A33E-185B398FF430}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AB6D6707-83D2-4F13-B504-6CF8FAB282A3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AB750317-EB85-408B-AD4D-A594A9E37B0A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AB968AFB-3EF5-46C7-B267-5627AEB7A4D1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ABC0F377-1146-4F8D-A2F7-4F1EA8907A42}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ABCB4670-D52C-49BD-8381-B9EB0FFAA250}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ABEC21EE-0E9A-48C1-94B5-207584CA0272}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ABF3B88E-B444-43EB-AF87-67DA5C10A880}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AC2DD14E-CBD4-4C21-B136-184C92FE2694}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AC6D7004-D7A5-48AF-BB74-6216D8411500}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AD257CCE-C103-4F79-A58F-57DCAC87BCF1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ADF08929-7312-4E82-8C54-FC48A200C253}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AE85BC34-F252-46C9-B02A-5772B3E5EEE6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AEEECE6F-217C-4801-B111-9645330ED1C6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AEF345D9-519A-4541-9319-7726A6CBA1B5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AF2194C0-BAB3-4356-9980-83680204EF24}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AF2C3F94-3244-48DC-A951-7C2994C08BCF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AF2E35F9-2288-433F-915A-22673D139F29}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{AFDE84AC-659D-4CFE-A0E6-78FBD2B528D5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B0C268E3-96B4-46CB-8A5F-7887CAEB893C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B0D69EDE-8465-4B83-92A8-0C11F3C03EA2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B13BCB00-EF40-4324-8910-14A0B5EE3586}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B16C7C7C-44AB-45AA-A8F4-CF0BCEDB6AE2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B1A989F0-A6D2-4FC9-A5CD-059C37B8C384}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B1DD525B-BFD2-4376-BB52-B78C73696794}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B1E075F8-2DA2-4441-9EB6-275A6807C139}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B1F08D0B-94CC-45CA-ACB6-A72B3C52BAE0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B21E4800-ED45-4421-9D57-0BE9475D6FDD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B22498D1-77B9-42CE-980E-2F15127A28A8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B2359CB3-6E03-4CC4-BE85-5F7DA9C21478}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B34DE5CA-1893-4C86-929A-7A35CC083687}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B37E4713-32CA-4706-8DDD-E54740C4CBE9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B3FB30B7-6FA5-4C7A-90FE-AA41336ECDFC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B40E7E4C-C7C3-45B5-A2F4-FE650579812B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B438527B-B7E8-4C7D-8AD0-713C7FAFF444}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B4E8D77E-C9FD-4963-9126-B0714625A2EC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B546E3FE-2A48-49F8-A68A-559CF4EB2C55}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B5981EF4-9FCF-45D2-911B-2E19A3B9A48D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B60A4899-09D9-4301-8F44-8CF20F971564}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B650BFF6-1EE9-421F-A37A-9893E6BB1BBA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B65BC451-A80B-44E3-BC09-48009FA5DDA3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B6E1F121-745B-4FA6-BCD1-D9F10F3066A3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B79FE621-77E2-4C6C-A60F-1B782CFFBA45}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B7B4F1B8-A4A2-46C6-A9C3-8FBF34EDC473}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B7C5253E-FD22-4843-8969-9B9E66E85F46}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B80956DA-8621-4C2E-B8DC-F4C5EAC2100D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B80AF208-2248-4823-85BF-D4BF46CE309C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B80E08C5-76AA-4C59-BAF3-2972B64F92F5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B81FF2C6-FE0F-478E-9040-DF8A390DA446}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B8667179-5A35-42C7-9710-D597844216F5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B8885F2D-FB4C-4518-83E0-A5D8DF8A6318}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B8AED3A1-6AA4-47B5-8474-8E4F4E5E5419}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B8EEC9A6-0B8C-45C6-BC91-F14071A77B80}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B9081EE2-EF35-4F21-8A0E-456F65DF2781}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{B90B072A-ABFF-4526-A9D6-9CE546CD41CD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BA7E0727-8DE6-4D46-AA12-4572DFC6CD97}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BAB763B3-CBF4-4913-A7D5-6BCE312B6FF5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BAD4B816-1963-4BEE-83EA-6208F2658F36}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BBF2BFF7-FC3D-40E6-A70D-352BE3090854}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BC295DD9-3E91-425F-B2F4-3F2B6F1FCACE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BD0C3F25-DD55-4AD0-AB08-1422BD937ED8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BD6C5D1B-09A2-43B6-AC6C-512191A4AC5D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BD7FD897-6AD1-42FF-B32D-5BE1C590F904}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BDA08EC0-AC0B-45CF-B4DE-A1241066BF55}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BE0A87EC-D7F7-47E2-8E38-4A322071E03C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BE3E2DCB-07D3-4419-BB6F-E5794581F5A8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BE529BCF-BC26-48A3-BE07-7570D0BAEB7E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BEAF6313-3C1F-4D0C-89EA-9FC0F2CB97B8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BEC33A55-6EAE-4F18-8AAD-8EFD2CAD2986}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BF1EE9E6-24FA-4269-91BA-7898DA76805D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BF217971-E6AC-4CBD-96BE-A36A3B1EB903}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{BF7B6A22-FC8A-400E-8F03-BBC92B8671DD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C0A14A3B-3530-46E8-8576-AA074D2854DF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C114A51F-636A-4087-B17E-CBBBC461755F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C1415099-B8DC-4687-BB31-15A9F3B67E1E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C148C44C-0245-4AFF-9DE0-B4D4DAB1FD83}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C1839F3A-B0D5-447F-A69E-CC9824344D1E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C1CE6638-BE4B-480E-9AC3-DE5DACC575B2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C1D7A628-5973-4F27-821F-5CF443B26B7A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C205A233-143F-48A3-88C6-40E5E380187F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C20DBE69-AD72-4B7E-8B6F-34297CA4C084}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C23C410F-E7C3-4644-B19A-DD7E1B2DF4D1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C2A954C5-A631-45FE-98DE-D3F56EFC5688}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C3512884-5D3C-4AB4-ABC1-76AB55C5E0F9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C41A9D36-3A0B-49E8-AF9D-AFC87F778F31}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C4758262-444A-4461-B42B-B6313FEAEE08}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C4CF8D83-1A53-4E01-AF82-C7930EBB4EF1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C575623F-1C54-4B3E-BB71-C4EA0278A80D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C5AA7CF1-ED57-452F-91BE-AC3707F7F0B3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C5BBB235-323F-4F0D-B46C-80141A8B2947}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C5BFDB15-3D4D-467C-A6BB-4E4137F1AFD5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C5C2646E-0867-4757-A648-477D0C5B2CF0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C5E3F6A9-149E-4A88-BA41-B579D54586C6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C605B3C8-6160-4E0E-9575-CE8E76041A41}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C6473A82-25E0-4CBF-A927-15B42EB108EE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C69BFDFC-0AFC-41F6-B839-CE444649024D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C6C14027-A4ED-4C81-9F07-5A8057A5E97D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C6E93D7A-E68B-49BE-AE22-5DA1945276A4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C6EDBFC6-899C-4FFA-8345-A17CFFF98EBE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C71E00F8-9921-4C8C-B806-123DF132DC1A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C74197C4-737A-4C5D-B666-87D07940B2E5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C7C3E42F-CD75-4DBC-86F5-DE619827E221}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C8209FF8-63D3-48D9-A208-5265850AFBEF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C82B7710-7E89-45C5-A180-CED28F172BA2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C861E396-8F6F-40C7-B353-3EF7FFF8380C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C870FC91-80E0-4260-8862-C17B871737D9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C8F2D82C-2D14-48DC-9661-9FA2FE7D9F6C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C972A1F4-225F-4C48-ABE8-46D548F26EA6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{C9E95AB9-F595-4C15-972B-CCEE5294D214}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CA0DF3A0-8F71-4589-8635-723CC5096327}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CA369210-391A-47C4-91D4-723022B89372}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CA9F63D4-17B0-436C-BD3B-6CD1A0231934}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CABE1C12-D6AE-4A3B-A302-ACAF0C99FB87}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CAFE79EF-4E8C-4CFC-ACD0-5612FF67D80E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CB21C18B-0D76-44DB-B224-FFD708EA6559}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CB270704-91F5-4C12-B1D9-4606DD77C48D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CB2BCFCB-5468-4D1E-85F2-A922E5A3FB33}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CB2F4564-75D7-4EBA-B8FF-19451BAF37C3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CB55F36C-8886-4E6F-A4B6-27266EF271BA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CC03FDBF-6CFD-40A4-B23F-5F5CDF79D93B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CC30C688-C46B-4444-93BB-F18A0BCCDBB2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CC3102F5-1C4C-4B4E-A1A8-572AB51AB3F8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CC962543-F294-4023-925B-3539B4C9E357}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CCA15864-23C4-4430-B699-6FBE69BCB503}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CD104C9D-B7D3-4D2D-8294-8680757AAB42}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CF40967F-9586-43AF-93A3-6D1F2DCEBB2C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CF8501E5-2F98-40BD-97DE-9E167224A444}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CF8D6B01-99EB-4538-954D-8F22E2BE9F6A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CFBF96B6-11C1-4BA9-9FD1-120E53D0A5A4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{CFCE658D-6252-4004-94DE-C28C33D1C3A4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D0287969-8BEB-4056-9771-145F6D64A50A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D0733EC3-2DCD-4496-8C5B-25C0B35A339B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D1B9C389-3D88-438E-BEF9-CC580901CF37}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D1BB3843-27B1-4C1B-A1C1-6C9A2CAA626A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D1E2EE53-6D0B-4EA7-A030-75B576852EE7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D239D9FF-D75A-4CED-9113-3B2727116447}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D2835197-A303-4A58-868E-061924262F20}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D31B0FFF-E90B-482F-9431-134DA8F57E15}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D347FB0D-02A8-46B6-8D89-07C493A845DE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D3E14E60-7A5D-4DAD-A3F1-D1AE1CBD5128}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D3E40CEB-F7FF-4A30-8894-264568B96E96}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D4EE98CD-712A-4993-B025-029D3D64B1B1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D5819C11-A0A5-45D5-8379-5F72B6ED870C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D61FE4EE-7D05-48CE-8349-1A76E5D3BDAB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D682BE71-EBFE-4B04-9316-70D66E9571C6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D68426E9-3230-4920-BF05-61CA1BF9BD5D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D69EED4C-ECE6-4BBE-BB1B-0A5865E4CE90}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D70AA77F-0756-4CC8-9982-E526B3AD70BD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D743E688-E4F3-4981-8F18-6AF239883C39}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D74EE0A1-CF2D-4B66-8E17-1623522B4C2F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D7D546DC-4CC2-4F6E-BBE6-54158E0E912E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D7EB438E-1CBB-471F-BEB6-1A2928E49D18}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D8325BCE-213C-423D-9E11-2E420BC6CAF2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D99D9B94-49F4-4873-B4CE-FF9E85F80D67}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D9C092C1-E497-4090-8801-3D6FC86DA435}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{D9D6FC9A-AD93-42BF-A443-4A751737FB4E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DA24D66D-E4E1-45FE-B503-2CD9A660F483}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DACC2AFC-015D-46CC-9243-C4CBE6B7CD6C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DACCD880-1588-45FA-AA14-559DF9F6289C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DB7457AC-6169-4325-B369-BFB474A42FA5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DBB3A81A-0A2A-4B9A-8EE8-F1017238BDCA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DBB45B6A-ED92-4E45-A82C-1F55CBB0FAC7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DBE343D6-BDB1-44F1-B8D9-FB58ADDABEF3}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DCAA623A-57BE-45C6-8E13-4BD7C695BB1A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DCDC78A5-D4C6-4260-9D3B-C323A988C546}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DD0A8BAB-40F4-4399-9EF6-EF8E1ECFF3B9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DD177F72-AA28-4580-B099-E4F1C8DBEB35}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DD36A7B6-E6D9-48B7-9F72-61DBFFACFBB9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DD81EC80-DF07-49F0-915E-9FB68B252990}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DD9363ED-AA04-4B22-820E-CE86706D7543}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DDBA7187-960E-4678-9C82-7F1058527804}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DDCE21C5-D760-4603-9AF6-FAFA16F68FF9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DE347EE0-3B3E-4788-8D51-2217522ACF35}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DE4DAAC8-559D-4ED9-A6B5-507482846760}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DE7A41BA-BE9E-4A4A-A8BD-9163F9FC93CE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DF34FF09-6EFD-4DAD-8BCF-368E07BEC214}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DF448996-1241-4261-9A08-526820A5F5E5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DF6782F3-DC04-40F9-880F-3D5070E376EE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DF6DDD00-04EB-441D-8CEE-ABA15F540E33}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DF74D9AF-B17C-4F2B-A71C-A1857D074439}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DF7B7B4C-E326-4806-95A4-E0367A4913FF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DFA55ADF-D4C2-4F81-9196-CEBEF78D4116}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DFB34C57-5EFE-471E-B24B-D2B37D5D77C6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{DFFB53D0-77C2-49AD-8629-34FA4BF8ED33}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E0077A66-1D39-485A-893C-2A4CD8CB9CA2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E081612B-328A-4E37-A55E-AF1B35934180}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E0BC2A9C-523A-49C1-BC8A-7E5348672ADF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E0DB0163-79CA-481C-AA0E-499C61C18433}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E15C5258-356D-40D2-B06F-B3104DCC5CB2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E1A00AC8-D49F-4AAD-A2A1-601F3DC2AF31}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E1E366E4-EA86-41F8-9B0D-CA9B17B8EBDD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E210D78D-4FB0-4DE1-A151-15E49D2A08A7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E2D8BAEE-6261-435D-ACEE-AF51E8DB6A20}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E2FE4F43-4D1B-404B-837F-8BEFC3E91C12}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E325AFE3-28E5-42A8-BC4F-8D87572382FE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E392E359-9ACE-443E-9285-48DF76C7690B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E3F65324-EFC9-40C7-93DA-0945E3B2BC2D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E405F666-BB49-43DC-8619-2624DDEBFC69}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E40CC29F-AB5E-4B07-812E-999230EDB5A1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E4C5FFC7-14FE-4EA7-B1C4-480CFDEA716A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E4CD579D-624E-40C0-A917-B32E91DEC3A5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E4CF910E-9563-4A40-BD4B-7CA04BE72701}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E513FE32-DDA5-4E69-8684-A6CDD7FA75A2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E59D2A76-6E67-4AC3-87C4-FABF4ABCEF70}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E5B6023B-3AFD-4963-B1A3-9834B1C80067}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E6530C19-E940-4FB6-BD53-30145A894E8A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E6CB473B-3E77-4730-BAF9-D122824B45BC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E7190D37-AA3F-4D71-A38E-C98922454B2A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E753E86F-A331-42CD-BA9B-9BCA51FE5D36}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E77E32F0-84CC-4A80-83F7-8A2C7594041F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E792B155-F66B-4FD0-9B15-8F71B5830976}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E7BB2F77-56FA-405A-BC8E-DFE7DCB6706D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E7E5CC8F-8250-402A-B3EF-29024D236B8C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E8046BDF-D29E-4834-8B33-F1CD7521973E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E84B8E86-7B4C-44D1-8D73-A40D598BD9F4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E896AAE5-7268-41EC-9BB1-3B7A888CA20A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E89E021D-EC14-4385-B61B-7C770F37281D}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E8B35BDF-384E-4680-A5DC-35E2EB17276A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E8C7C372-F582-4F32-8C5F-3EE645B9B805}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E8F35104-EF83-41D8-8A44-C7AC5DD1B600}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E93F4F6E-5EFD-412F-92E6-A9564311E795}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E945A6A2-A42D-4A6C-9DAD-3188D1F2EB45}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{E99C06BF-B703-4BD0-A36A-6B0902F8C70F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EA13F108-6653-4EC4-94B3-623FF2413817}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EA5DE00C-B7B6-4925-941C-739B291371ED}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EA6F2BB1-F817-4E88-B741-7466C3D54887}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EAA2A6FA-27D9-4E5A-B948-8FAB32602C65}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EB147284-F4D7-4303-B456-2FF7771B98CA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EB58D718-5375-43A6-A69C-BDA28ED83468}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EB58ECDA-1DDB-4283-859B-5A2335620FF0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EB9EB09E-513A-4B02-87FB-DCF0D6C78C08}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EBAF749B-17A7-4D4E-A890-E3E8857FE795}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EBE38F69-730D-436E-BE24-52810A8034F8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EC41B880-5FCD-4822-A819-F9ACE7526955}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EC456F80-1225-4E51-88EC-A51D51E94252}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EC9A1720-E563-4EFE-BF89-A40733D473FD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ED76A74B-7EB0-463D-80A0-CCD8CB1B24C4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{ED9D50FA-ED45-4C2D-A97C-25E71CFFC206}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EDBAECF7-B04E-4F02-9A05-DDC52CD4B7CD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EE75FB14-031C-4CF9-8F0B-2CD94F183929}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EEBD5628-DB17-4CDC-9706-1B3F8C92E747}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{EF917151-85F1-4D0F-846B-D66CAD44681C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F0EC0EE1-CF47-4800-B521-901B8D2249F4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F1069E2A-4AF5-470F-A7FC-A639B286B56A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F18C7DB9-027B-45CC-9292-1FA72BB3680A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F26C7B34-CC39-44C0-AB60-4F9B0FE11195}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F2AD2A6A-9A5F-4432-AB1C-253FC8AC7EE6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F3226CC0-43EA-47FD-ACF0-B481FCA8E253}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F342D198-ED60-4BE7-B0A5-C6C4C645ECAD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F3B65156-E903-4D24-8BAA-0426B3D68D39}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F3D0EF72-9CC1-4399-8D3A-886E801C784E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F421E764-7ED4-4F2E-9040-FAA4CF5F9863}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F4886988-5698-4D8C-8C9F-E1CBEBC127F9}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F48FA3B6-9CC5-486C-8A09-FD2ED11140B6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F4B1A908-FD68-4973-A6F1-00F3E1C70CA2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F547E637-C6ED-454F-A00E-5A086AD36553}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F5851EBB-0903-4162-B5F7-72AA6F57AB69}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F5B4F5DA-6682-45DC-9434-CB285049611E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F5D39D0A-EB45-4E81-AB05-89B999CAF0DE}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F5FF12FF-B37D-4A17-8306-6D3297A659B1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F60A1179-F19E-446F-8663-7A4D52FA9BCD}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F60A3625-38C7-4DF3-B2F3-536263D97D47}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F6FA1A60-1E32-4B76-BAF7-39FA48AFBE22}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F7B0A7E7-3DE7-4ED7-A85F-ABED7CFF3222}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F7BF7642-18DB-49D1-88E1-85A0C95FA4F1}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F7FE825D-08BC-45A5-B5C3-85C6FD8B2718}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F8A575B5-C14A-475E-89AD-57AFC6616A97}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F8C9973B-1670-4C6E-8138-A1BC02ABA248}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F8D32DA2-4F17-4777-846F-A75C12DF4BA0}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F901CB2B-6A65-4ED5-B1CA-F25BBC6C29D4}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F912A682-2BF3-4975-89EF-D11633DEAF58}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F938050A-EFC1-4B9C-B5E8-7CF3DECD8AA6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{F9EDFF30-631F-4E2F-A7C4-8E6810007B6B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA0F11D9-E53F-4B23-B972-8584658F637C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA538ACD-3029-40D9-A608-D5764D3F7706}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA71626C-52DA-439F-9AD3-F5301E2C5678}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA724837-2CAA-433A-B551-1FC8FB627B74}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA7E4208-46FF-458D-9C6E-79F1F16C8F1A}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA80A51C-F036-4F0A-B8FA-CD6350D9928C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FA87AD7C-7625-4D4F-9ED2-DC1E507C96E6}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FAC8AF76-86E4-4AB7-8893-AAE87662DAFA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FAF3B359-1928-460D-A560-E6D33714C96C}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FB276938-F627-407B-9BDE-11DBA1F2745B}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FB29CD29-5BC8-463D-A444-50296FB3E626}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FBA59107-2D95-4B6A-A0E9-CC117A28A7FC}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FBC055FF-01D7-4E5C-A990-CB80E69A0D04}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FBFC0A47-E36F-4C2C-812B-8BAE91B9D885}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FC1567AE-A454-43B2-9F73-4195F91DF746}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FC26BAFC-6119-483E-81A0-C3092D2D65EF}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FC42EEEE-AB55-49AC-B764-35978CA8FE87}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FC47D298-BA46-4286-8FAE-8375923777D8}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FC6775C7-46CC-4C10-B65A-ABBEC139D999}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FCC6F4BA-5B05-4A69-92CC-345B05887EE5}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FCD05000-5AD9-4761-A829-94F2FE7859CB}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FD337632-64EA-4A59-AC23-0B9AD0230F5E}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FD614FAB-429D-469C-A643-D608238315A2}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FD8A9C18-9E7B-4A4C-8E09-0DABD478F898}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FDD5361A-87A2-4303-B039-1DBFBB67EEDA}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FE32DAE2-EEC0-4630-AA72-4CD13D49F98F}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FF855C66-58BC-4340-A155-A34BF8947DF7}
Successfully deleted: [Empty Folder] C:\Users\Xychor\appdata\local\{FFA5EEE8-1DBE-42E6-889C-3890068B575B}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.04.2013 at 18:29:57,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v2.200 - Datei am 13/04/2013 um 18:31:51 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Xychor - PC-JAN
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Xychor\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Opera v12.13.1734.0
Datei : C:\Users\Xychor\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1474 octets] - [13/04/2013 18:31:51]
########## EOF - C:\AdwCleaner[S1].txt - [1534 octets] ##########
"Exception EOLesSysError in module OTL.exe at 000584A5. Das angegebene Modul wurde nicht gefunden"  |
|
14.04.2013, 15:27
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZeuS/ZBot Telekom Warnung OTL Log files Hast du Windows nochmal neugestartet? Obwohl adwCleaner das für dich tun sollte. Starte Windows nochmal neu und probier OTL bitte nochmal
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.04.2013, 18:24
| #15 |
| | ZeuS/ZBot Telekom Warnung OTL Log files Hallo Cosinus, Neustart ändert leider nichts an der Problematik. Derselbe Fehler mit Verweis auf das fehlende Modul. |
|
| Themen zu ZeuS/ZBot Telekom Warnung OTL Log files |
| autorun, battle.net, bho, e-mail, error, firefox, flash player, format, homepage, iexplore.exe, install.exe, log file, logfile, netzwerk, ntdll.dll, pando media booster, plug-in, pum.userwload, realtek, registry, scan, security, svchost.exe, teamspeak, telekom warnung, trojan.agent, udp, visual studio, warnung, windows, wrapper, zeus/zbot warnung von der telekom |
Linear-Darstellung
