| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Wörter sind verlinkt und führen clickcompage.infoWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.06.2013, 02:37
| #1 |
| |  Wörter sind verlinkt und führen clickcompage.info Hallo Trojaner Community, also seit einigen Tagen tauchen bei mir im Firefox immer unterstrichene Wörter die verlinkt sind und auf "clickcompage.info" führen. Ich habe mal gegooglet und bin dadurch auf euer Forum gestoßen wo jemand schonmal das Problem hatte (http://www.trojaner-board.de/131236-...pare-info.html) Außerdem denke ich das mein Laptop bzw. System schon sehr "kaputt" ist und echt lahm läuft wie ich finde. Aber am besten schaut ihr mal rüber und fragen beantworte ich selbstverständlich. Ich danke schonmal vorab! |
|
05.06.2013, 07:21
| #2 |
| /// the machine /// TB-Ausbilder    | Wörter sind verlinkt und führen clickcompage.info Hi,
__________________Logs bitte in Codetags in den Thread posten. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches OTL log bitte.
__________________ |
|
05.06.2013, 14:56
| #3 |
| | Wörter sind verlinkt und führen clickcompage.info Hallo,
__________________hier die gewünschten Logs: Code:
ATTFilter # AdwCleaner v2.301 - Datei am 05/06/2013 um 15:19:53 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : *** - ALLINONE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\user.js
Ordner Gelöscht : C:\Program Files (x86)\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\Funmoods
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\OCS
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\953db8db16de515
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\foxydeal_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\foxydeal_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\953db8db16de515
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aiennapmieppnpfhhogglccgepbdajan
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=120519&tt=gc_&babsrc=HP_ss&mntrId=BE5D485D60F91B03 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www.delta-search.com/?affID=120519&tt=gc_&babsrc=NT_ss&mntrId=BE5D485D60F91B03 --> hxxp://www.google.com
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkr4r5x5.default\prefs.js
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkr4r5x5.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
Datei : C:\Users\Karoline\AppData\Roaming\Mozilla\Firefox\Profiles\97mw3px3.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Users\Nathalia\AppData\Roaming\Mozilla\Firefox\Profiles\2l4ro212.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [10147 octets] - [05/06/2013 15:19:30]
AdwCleaner[S1].txt - [10026 octets] - [05/06/2013 15:19:53]
########## EOF - C:\AdwCleaner[S1].txt - [10087 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by *** on 05.06.2013 at 15:25:14,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15020DB3-2C13-45CE-85A0-49473517429A}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\***\AppData\Roaming\wondershare"
Successfully deleted: [Folder] "C:\Users\***\appdata\local\wondershare"
Successfully deleted: [Folder] "C:\Program Files (x86)\driver-soft"
Successfully deleted: [Folder] "C:\Program Files (x86)\wondershare"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\Wondershare"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Folder] "C:\Users\***\AppData\Roaming\microsoft\windows\start menu\programs\free window registry repair"
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{003D5FB4-E1BE-4A15-9921-E7AD62404F2C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{018C37D4-3F21-4945-970E-3033597A1CC9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{018DD8A3-B35D-4BB8-9D99-26E44746F3B2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0248E6EA-E4B6-44A7-8712-F72A1ECFB2FC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{02626D5F-8267-406B-ADE2-C93C4A66956D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{02D0BA54-F850-4184-BE69-FDB513F6F62C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{03408923-E2FC-4AE5-BD9B-CC8E843E6945}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{04CF4C1B-4A28-436D-B96A-B805A1F4668A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{04D1E29A-3651-4B55-8FE4-9E8D18FCF682}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{05CC84B3-F22A-4EC2-94E0-117B39D6DB9B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{05FE1768-2034-477C-BA61-996715FBA7DE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{068C00D9-087C-4336-9419-F2A1AA072FF7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{071ED2F2-77A3-4C18-945B-7D5240E017C8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{07E878D2-1F5A-4AE7-9F3E-5A02AEFBA689}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{098429E9-84A8-4E02-9486-45BFF74D12A2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{09FDF758-58CD-431F-9A29-54D58BC719C4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0A09EB99-D522-4DC5-A3AE-120BB01D4C1F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0BCFB0E0-A6C4-4732-93AC-135A2249AFCD}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0CB45AD4-8756-4866-8AC2-F20D029E9377}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0DC0E4E4-7607-4DB7-A6E7-5079AF88F5C9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1127C69E-1FC9-437E-A2D6-80E671D98AB2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{117047FC-D17F-4111-AA37-FC05EC7A358B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{117B9347-AB72-429B-83A7-1EC2F43027F1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{12312565-2B2F-4343-AB39-9B455FE050B2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{13EB9D68-371C-4858-A8FC-015791AE2FD4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1472B044-F911-4F0F-AA03-4E25F0965D3B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{14F28BB2-1F5F-45E3-B36A-252194A35887}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{15192D15-1BAC-485A-B764-D169E4002FA3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{157497E6-2C68-4258-BBBA-16A7BEEB57F2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{15764ECB-6082-404F-A719-9110301BF955}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{16536B44-C527-471C-81F3-A256BD861992}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{173D57BE-FA41-4A44-9462-333DABEA60D1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{17FC2DF9-B5A7-415F-8F92-AF762372C7BB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{18347653-AFC6-45F9-990B-49E203C53CF2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{186B5FBC-915B-4A2C-B9AD-362F7759D5E9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1C1ED399-E4A2-48AD-A62E-F7450FEB9DC4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1CAB735F-BC9F-4686-9245-90897D248A15}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1D3DA493-5A57-4B10-A918-BB4F8C622EDB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1DB3CCAE-1282-45F9-82C2-CF78F93ED066}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1E83DE18-87F0-4508-BA82-967654402BDA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1FC8F110-7B1C-412F-A7E5-61F2BAC8844E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2012B69E-399C-4243-AE74-C7131A21FA9D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{20B9F91D-401A-4EA0-8CF0-B8F2B4B79654}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{20BA9AEE-2DF8-4033-A4ED-5840199DD7A4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{211B68D6-1C52-41B9-A9C3-C285C2476869}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{216708DC-1443-4DC0-9C2C-04DCCF721222}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2178A3B4-35D0-4D48-A63B-941C3BA4506A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2270904B-F1AB-4E60-BB5A-144FA6682249}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{227D6030-ABDE-4B62-B04D-95A8876FF7D9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{23CBB74F-816D-4C6D-9EB8-15F4001E8E09}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{27B99778-1406-4DEC-B648-CCEF46D88674}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2A4A15DD-B47F-489F-AF81-84B87F3912DC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2AA828D9-BA80-4F54-BD95-FB8B63D56ED3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2B51E33D-159D-4EF1-9A3D-68145AC66103}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2B8FE399-CBFE-4EBB-9E7A-0788178C4B97}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2BF5DEE8-B060-419A-9A8B-EF9161292A63}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2C93C73D-F95D-4B06-BE2A-6103693602FB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2CEFCAAE-991E-4515-83C6-1978B4702B5C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2D3934F0-3434-4266-904F-92E76454007B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2D916A54-4ADC-4DF7-A2E6-AD3C8B30348F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2DF3AA2B-6999-4916-92CF-081604FACB5C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2E1A31A1-F269-4678-9A53-3A500F29AA2B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2ED1EE90-83CE-4776-B317-2CD81814A5CB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2F392E57-1A9F-4FFB-A3EA-9266F4D778FC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{30158F86-D712-4E19-AE35-FA88D55152E5}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{30DC695D-B797-4766-83C1-BC4171A84CEB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{314F0491-6F5B-4558-B7BF-9358391718F8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{326DF591-7B8C-4EF8-B4D1-E9F5A2C01F49}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{32D0E7CF-E033-412E-BEF7-DE17150EF6F7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{32EACB49-6938-49F7-9540-3BC9F4714B40}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{337A39A0-8D56-4A4B-8E42-A9375E009806}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{33B73D0B-E9B7-4A7C-AD1E-CAC22C323390}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{34B71F4B-1E00-42AB-B6A2-29EC3813E6D8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{35194828-2109-45B2-BC6C-8204993EB8FC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{35BC2AF5-C997-433C-919B-95CF68C961C2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{368B3538-434A-4775-9EE0-36F48A19120A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{376BF0A6-C957-491C-93E7-C46604A3F6F3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{38773DC9-4205-4485-9B6F-2999BEE22EEC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3B99011B-78A7-471C-BA8C-2BA8BE1D3969}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3DAA6DC8-B6E2-4138-9F9C-2498C04B7306}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3DC56206-4CD6-4E86-B855-1C3200FE9827}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3DE3F28E-1AF7-48BA-81D1-7070967B2769}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{415D1019-2616-4CDD-9390-AAB13BEE6D75}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{429626E3-A0B2-4474-AFF2-B32629E08962}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4326816C-7FAD-4AAF-8151-DAEB47052D2A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4453E251-12EB-449C-9582-7EB6BE16B1FE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{45662186-D071-41CD-803E-DAD1E9A37D6A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{46855D4B-927D-4885-946E-A8C6547DA536}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{48556177-2AC3-462B-A2D3-F170A4AD2457}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{48DE505A-6939-469E-B5D7-BB165A92B771}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4A585780-7511-469F-BA01-CB2BF2421E66}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4BE030B0-18C3-4EF5-9EE1-694DF1C1895C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4CB8C579-6DE3-429D-9E16-3957531047AB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4DCC917C-E05D-43B0-B2F2-5FEF1E21945C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4DF2F988-9A04-44E7-8211-E78A1E7FD011}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4FBBF45C-34A5-4AE0-9022-2BB256F00758}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5275BAE8-35B8-48D9-A744-E2680FA7279D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{52E31D67-2A02-4ACD-9F03-7901F8956E49}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{543530F4-CEB2-4667-9050-3702A8CE005A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{55391B19-9790-4D0E-8EBE-55E5246437F0}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{557DBC36-4AC8-4082-BADC-FEE6FECCFC47}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{56AB7D4F-E73D-4128-9040-75C4E0A652E6}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{56B9150C-CD5B-457C-8C1F-74FD2A24E19D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{56FEA971-76B0-47DC-AFAA-AB0A436951A8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{57B56D07-A15D-4721-952D-D822B1A73EB8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{58A30225-6276-466D-94F3-8BF8963E8210}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5C8A671E-FEF2-49EB-A839-01135D73DC4A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5E4DF337-DE97-488A-80FA-0EB8D2FB6810}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{600DA9E5-D83D-47ED-8AEF-881F88D729AB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6114F5E6-1CA9-43AF-B747-055388E4512F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6121A045-FDA5-45B1-A625-EC86E5AFBAD6}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{61A20F4A-5BF4-41A7-8AAD-239FCB1B477C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{62BFB6C5-C3B0-4C07-9114-B4F191285D7D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{64226638-55E5-46E9-9125-92F18F99937B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{64A8CBF1-03A1-4C0E-94E1-E1EAD9012A4E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{66B3A8CC-1A6C-4645-9764-CD4671C83FE3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{678DE034-F525-438C-89F8-1D96E2584B0E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6BF6B786-A115-402C-A2A0-0CCAA8BE057A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6D670974-1895-41AF-AF96-696CF2193289}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6F8F1B35-EB3D-4FFC-BAB7-138EFDBB0FFD}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6FD01CAF-DC15-49FF-A65D-7128DF35DD64}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{720348EB-A219-4522-A1B4-366CC906097F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{72196EB8-0926-4373-8127-0864411CC43C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{724467E9-3759-4B90-B864-1C5F8183160F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{727F16A2-E724-479D-9466-3A4F5BE36C6D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{72BB87C9-EDDA-435D-9DBE-9D327A2009AA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{72F0E2E1-B644-4943-86A3-E3B21C119629}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{746B1816-5101-4915-824B-1B47C4BB75C2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{748A6B1C-BD27-471D-9327-1C057E23A580}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{74F5B8F6-C793-42D1-9834-CA4AAF444A13}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{75E961F9-6776-4B64-A24D-1FD4F50C4A51}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{761D476A-53A3-4C88-B2F8-34CFEDB2F4C3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7642CF7F-809B-4010-88C3-59DF1FAAB4AB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{771025D0-E83B-439E-866D-7072336F7B96}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{778A0233-1B03-4FCD-9184-4D5E7738B7BF}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{77EABBED-CC58-4013-933D-1BB21CD91718}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{78339BEA-7996-4C78-85C7-33F3E8332E55}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7858CFD4-5EAC-4C2B-8E1D-C3F8057BA8E1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7881FFA4-E92B-4C8C-A24E-FD253BB3E33A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{795346BD-47DB-4E30-A632-B1E491D32935}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7AE80016-513E-4BF7-A8A6-DD588C78DFB8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7AF28E62-1501-4708-B7EA-D48977DA9EA7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7B0461E8-ADC6-4BE0-9181-961ADF847194}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7BB91D83-D6AC-4823-AA7A-03BDAD88C84A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7C72FF2F-88DE-4D8B-B054-A782A712AEAE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7D48EFC5-90DD-45D0-8ABB-79038F21EA77}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7D48F20D-CA2A-471B-B00A-9829EC07DD83}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7F3583CD-FCC8-4DC5-8BED-C5510A6D7780}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7F4C8FF8-297F-4568-A216-28CA36DC3528}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7F7CD337-35DF-4390-9AE5-52F24ECB7162}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{80AC632B-AE1A-43C2-AC0A-1FCE069641AB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{82DDAF10-C15C-4DEC-8001-EAE762F74E0A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{83E63D74-06C3-43BA-A8ED-CE6EDD22BAC4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{844D33FF-799D-406C-AF7A-94999A70733A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{85968142-ADA9-4874-88AC-1D239BA5D528}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{860DCCD7-230B-49FD-8EEF-BAFA10B4C8F1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{86712237-876F-43ED-9710-2F1105C3BF6E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{868BCB1B-621C-4785-8071-F53F76F6626D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{89AB8814-601F-402A-BF57-7F26A933C227}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{89C76F71-CC70-4976-9C90-DBA8AD24F897}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{89FA9E53-1227-442B-8EFA-AD82F3861A58}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8B54B3CA-7F36-4CCC-8E35-4C18234A4A1C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8B5F49A3-3C2D-4F9C-BD17-E388BC63EAD7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8B6F92B9-BE32-41D6-96B6-472D26CCA603}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8BECFFBC-C1BC-4C06-A1BA-EADA4FF01C9E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8C3ADD6B-82EA-4C2F-AA52-1D567547DDD8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8F3A1432-D323-4F6E-A1ED-E7C610536838}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{935BBBD4-3044-444F-94BB-5A50F46C9365}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{935F7391-54AE-45B3-B949-759FD3C1BB7C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{93664E58-45CF-43D5-9067-2F7686B052A2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{94C960A6-4FAB-4F6D-A5A4-BC91EC93D1C3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{94E96791-E766-4D70-937D-877EFED176D4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{95D9C245-734A-4A59-93AE-8D6F18081D03}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{96D5B046-CE85-49B4-8017-DDDF980A02FE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{96EB2645-3EB9-4A77-A775-A009930B2890}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9A7B1AD5-524F-4C8A-BB93-4F22674668B7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9A999232-77CA-429F-84CA-A741DE1D7869}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9AA44DE1-1973-46EF-B503-FE2176C9B7EB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9B4FBA3E-9B90-459D-BE74-5750D59B01CB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9C019581-515E-42D1-A1AF-B33C6B8ADF13}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9C325FC0-6FD7-4452-8F22-2D8A2E7FA61B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9CB8BA2E-F373-47B1-852C-1B8F52496101}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9D167C66-F0E7-419B-AFC6-6AC235D942F2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9E3BAB5E-EA2A-477D-97BC-5E53AD8A391B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9EA8506F-5BFC-496A-94DE-9FA192A80076}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9EAC7BDA-FEBD-4CED-8351-237FB89083A6}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9EB4AB50-0D4F-4AE8-B395-4B5DC976923E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9F13BCAA-638C-4CC9-87AD-737F82A1D539}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A13E0416-3331-4AED-82ED-C2910B2F1216}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A16C1665-6F0D-4081-840B-B9AC5E4B009B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A1E913A8-C6FC-4F76-BD3A-8ED6A1D7181C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A49FFA7F-78E6-45CB-B3C6-3D2F6C266627}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A4A10244-AEC5-4B34-BA5E-2084AAA0F577}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A5465C28-2131-48B0-9039-AB1D3D9697F7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A642D8D9-81AD-4E5D-9FE6-581404E5E1E7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A888B43B-D2B6-4ADC-BFD5-416101CEDD59}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A963F9A6-6F01-4F80-8EC9-8BB3EB8CC8CE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AC97F2ED-C3E5-4158-B723-3033956C8658}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{ACBD3F99-948A-4DFF-A9D8-574A827444A1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{ADC23AB5-20CE-4729-A4B4-8AC38FB44449}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AE6D8B9B-9919-496C-A0C3-B8DB59AFFD70}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AF4147DB-15D8-4B94-A7EF-8C0DA18FF8B4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AF87AD91-C969-412B-8BFB-07F7EBF13E40}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B02B6F74-B77D-4129-86C1-1F3020F2BC61}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B164E96A-1446-4714-AB6B-D4DB8C49D444}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B274D0CA-F128-4991-9C55-7C2C1F8FAA2E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B2C170A8-8F2E-4E05-80A0-F823018FE508}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B33138A6-A64D-43D7-A547-A89345055871}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B3358171-27E1-4E55-B1AD-55C51E95A663}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B5668ECF-91D4-4B42-8020-66AFDE2966D1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B6D06B74-9FB0-4764-8884-A714966D3D29}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B8D1907B-F1B2-48EE-886B-7B96F3BDB232}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B963B92D-BA4E-490A-A45A-AF978A629BA3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B971B8D0-35DE-4DE2-99CD-D5E3429C4566}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B9B4270F-7D26-4056-A56E-E892E2ABF9AB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BBA3E21A-092A-466F-A4CF-28A801DB3283}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BBA5B797-7161-43C2-A600-165F054B6700}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BDD31003-2093-4F03-89EE-7E45E8C71633}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BF068B76-C733-4A64-8B3C-3AC896AA2BEB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BF4C5566-5B4A-44BC-9716-139B0A791B16}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C07D460B-BBDA-4205-A83A-2A5F8E651918}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C141C8ED-55A3-42E1-8E81-4D48F3888FB3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C3642FBB-4984-42F2-94F1-7D086C1B9CD8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C4240766-CC7F-4195-9AE9-CAB5010B7BEE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C56F14C8-2116-4913-89BF-2BD865C097A4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C6ACEE70-FBE1-46BE-910F-5809F28E4CBC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C6F2F72C-3BAD-49C1-9725-363080D1C964}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C6F361F8-B7DD-498B-8785-36BF4E0B660B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C96622BA-A4D2-4A8B-BEAA-0C1A6A8EC5E0}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CB542A4B-0A93-4FB9-B8B8-7CF9A328E734}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CBE55852-3B80-4219-9CF5-AB5B6B42CF02}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CD6F540D-A869-43A7-8302-1050ED19647A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CFCE7CA1-FDE2-47F0-B31D-56C73CAA6919}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D186E041-0AAE-48F0-84A2-B7EA4A2DA87E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D22625D8-28CF-427B-9CB5-5746A52455A1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D318D942-BCE5-45DF-8A2C-7AA8955E2FC0}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D37CC3F4-D1CF-4E0F-8DCF-0E2E730A5BE6}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D3D2E4A9-85EB-4E6D-823C-77560834E932}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D497C0EB-29DF-4708-BC7D-BEE1B74A6118}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D52B7459-4C0D-4C3A-9ADD-D705ABAD4CCA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D532F912-02F2-4A9D-8BE7-439CDE28BE88}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D7475FA7-7B48-44ED-8F27-ECDE6FF22F69}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D7F0B87A-8A4B-4D68-948E-016625263305}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D84558AB-F3DB-4D6B-B047-1BA1F60C8218}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D86C7785-85F0-497B-8E94-1C195964503B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D9289455-342A-4EA7-884D-C83A15DC08B4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DD033A65-6122-416E-9F14-74D6815A8DEF}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DD69D6A2-78AE-490C-95DA-99DCF0E5FBDC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DF8133FC-83CC-42D9-9F60-ABCAC1DD2DED}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E2CB42B2-EB9A-4A8D-81F9-1F632C0B5747}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E51828AA-C236-4CD2-98B2-B44576CD31F2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E5776163-CBE4-414E-80E8-EB23C3B98386}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E595FF95-C0B0-48E4-8A30-FF0C9E848CDB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E6CA256E-5362-4F92-B346-849128D5F30C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E727F44D-6EB9-43F6-AF1F-233FA2049548}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E7784DDD-C67D-4215-9A16-83A17532AAF5}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E7E30C8A-8AD1-4965-9A1C-4A5CD1835A8C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E8573A95-846C-4409-8491-28D751C9C5E1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{EBD85B22-ED6F-4E8A-8DA7-8AFB756C90D5}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{EE147558-8A45-4349-9603-86D69C6B8EF1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{EE1F6786-0470-476C-8EA2-FDB9C9591546}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F32F7511-71F6-4B95-8D70-516342EF8C90}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F52D8443-858F-44EC-AD6C-7857F4A8F179}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F566D3F8-E207-4072-8D13-9AC13C9CB23B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F5B4188A-E7AE-4DDE-B171-B805D6CE1536}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F7DAEA3E-C852-47F0-86FD-0F046DA65E04}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F7FFA869-3838-4267-93A4-46994BAEB87D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F837BBA7-8E9F-4CCB-96C8-7CB8D1F5E877}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F8447E64-1663-49FA-888A-4EE65FC9CAD3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F86CC139-D200-4C54-874F-52941A35C443}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FA949F28-8F1B-4A65-A8D9-89104934ADC2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FACC0D2F-4276-44F9-BB50-EC05A1EF7125}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FB96A213-703F-4854-A9BC-966C984369E3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FC48EF84-CA23-40C3-9F4B-6DFC116E0B10}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FC759302-2EA4-4350-B455-B2396DEBA058}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FDC30ED1-BA90-45EB-B657-8C32390A8DF3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FDCD56E0-7FA0-49F8-9E40-9FD695F88CA6}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FE519669-36B5-475B-BEC2-0D4B1F30CEA8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FF1D7BDA-0506-4974-9D22-52F2B4F08106}
~~~ FireFox
Successfully deleted: [File] "C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi"
Emptied folder: C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\minidumps [17 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.06.2013 at 15:30:49,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter OTL logfile created on: 05.06.2013 15:32:04 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,91 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 79,46% Memory free 11,83 Gb Paging File | 10,55 Gb Available in Paging File | 89,20% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 238,47 Gb Total Space | 142,71 Gb Free Space | 59,85% Space Free | Partition Type: NTFS Drive D: | 332,70 Gb Total Space | 332,45 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Computer Name: ALLINONE-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.04 23:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2013.05.31 22:10:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2011.05.24 06:13:05 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2010.10.07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2010.09.24 01:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Modules (No Company Name) ========== MOD - [2013.05.12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2012.04.02 20:24:56 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll MOD - [2010.09.24 01:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Services (SafeList) ========== SRV - [2013.05.31 22:10:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013.05.25 03:14:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.03.22 11:14:30 | 000,279,024 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.04.24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.10.06 06:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.10.06 06:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.15 07:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2013.03.12 20:30:22 | 000,314,016 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2013.03.12 20:30:21 | 000,043,680 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2013.03.12 16:10:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2013.03.08 20:10:18 | 005,358,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2013.01.08 11:36:20 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.08.02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.07.28 17:23:46 | 000,117,888 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmnsusbser.sys -- (cmnsusbser) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.13 15:12:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.15 00:53:12 | 001,147,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:64bit: - [2010.09.21 18:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.08.24 11:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.08.11 08:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.07.26 22:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetProfile = 512100112 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 515197855 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledAddons: info%40convert2mp3.net:2.2 FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.8.307 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2 FF - prefs.js..extensions.enabledAddons: videosaver%40videosaver.net:1.114 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\***\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.25 17:07:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\videosaver@videosaver.net: C:\Program Files (x86)\VideoSaver\FF\ [2013.05.21 02:31:10 | 000,000,000 | ---D | M] [2013.05.26 04:56:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.06.05 15:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fkr4r5x5.default\extensions [2013.05.26 05:15:14 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fkr4r5x5.default\extensions\donottrackplus@abine.com [2013.05.26 05:15:12 | 000,043,066 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\info@convert2mp3.net.xpi [2013.05.30 04:20:14 | 000,534,261 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.05.26 05:02:06 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.03.07 02:06:18 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js [2013.05.25 18:39:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions [2013.05.26 04:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.26 04:56:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.05.21 02:31:10 | 000,000,000 | ---D | M] ("VideoSaver") -- C:\PROGRAM FILES (X86)\VIDEOSAVER\FF ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: https://www.google.de/ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.4_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.05.26 00:34:23 | 000,000,794 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (VideoSaver) - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll (VideoSaver) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe File not found O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" File not found O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" File not found O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe File not found O4 - HKLM..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" File not found O4 - HKLM..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" File not found O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found O4 - HKCU..\Run: [Google Update] "C:\Users\Natascha\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found O4 - HKCU..\Run: [Internet Security 2012] C:\Users\***\AppData\Roaming\isecurity.exe File not found O4 - HKCU..\Run: [MAgent] C:\Users\Natascha\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU File not found O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll () O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28C25ED6-8158-4B44-9B8B-99F8C909CD01}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DB414DC-7A21-4D00-BBB7-BFAE29360EBD}: DhcpNameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B87F973A-B0FA-485A-9733-EB661825E3C3}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{c07c07ca-85ba-11e0-b576-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c07c07ca-85ba-11e0-b576-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe O33 - MountPoints2\{d9d79b30-c960-11e0-b7c8-f46d044c67aa}\Shell - "" = AutoRun O33 - MountPoints2\{d9d79b30-c960-11e0-b7c8-f46d044c67aa}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.05 15:25:10 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.05 15:23:56 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.05 15:16:22 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\***\Desktop\JRT.exe [2013.06.05 15:10:00 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\ASUS WebStorage [2013.06.05 04:07:38 | 002,565,392 | ---- | C] (SANDBOXIE L.T.D) -- C:\Users\***\Desktop\SandboxieInstall.exe [2013.06.05 00:03:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\gtk-2.0 [2013.06.04 23:48:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.04 19:52:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr [2013.06.04 19:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr [2013.06.04 19:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pidgin-otr [2013.06.04 19:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin [2013.06.04 18:35:49 | 000,000,000 | --SD | C] -- C:\Users\***\Google Drive [2013.06.04 18:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.06.02 23:49:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\1&1 [2013.06.02 23:49:54 | 000,102,400 | ---- | C] (1&1 Internet AG) -- C:\Windows\SysNative\UI_11TSP.TSP.1 [2013.06.02 17:34:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.06.02 08:28:23 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2013.06.02 08:09:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2013.06.02 08:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.02 05:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.06.02 05:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013.06.02 00:27:45 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2013.05.31 22:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2013.05.31 21:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GBoost [2013.05.31 21:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GBoost [2013.05.31 21:28:46 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Battlefield 3 [2013.05.31 21:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013.05.31 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2013.05.31 21:25:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ESN [2013.05.31 21:25:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2013.05.31 21:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2013.05.31 21:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2013.05.31 21:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 [2013.05.30 22:27:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Szene [2013.05.29 03:34:17 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys [2013.05.28 02:00:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\LiveGBoost [2013.05.28 02:00:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\GZero [2013.05.28 02:00:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\GZero [2013.05.27 17:02:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.05.27 17:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.05.27 17:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.05.26 15:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.26 04:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.26 03:03:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps [2013.05.25 18:39:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\player [2013.05.25 18:10:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends [2013.05.25 18:10:02 | 000,000,000 | ---D | C] -- C:\xampp [2013.05.25 02:27:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\All Data [2013.05.25 01:58:08 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Muzik [2013.05.23 02:58:09 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\My Games [2013.05.23 02:57:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten [2013.05.23 02:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sauerbraten [2013.05.23 02:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sauerbraten [2013.05.22 18:47:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft Help [2013.05.22 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.21 20:18:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\InfinityWar [2013.05.21 03:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2013.05.21 03:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2013.05.21 02:37:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2013.05.21 02:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2013.05.21 02:37:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Notepad++ [2013.05.21 02:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++ [2013.05.21 02:31:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\PSpad [2013.05.21 02:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoSaver [2013.05.21 01:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.05.21 01:28:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.21 01:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.18 18:55:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2013.05.18 04:22:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\.minecraft [2013.05.17 03:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.05 15:28:54 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.05 15:28:54 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.05 15:21:26 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\VideoSaver Update.job [2013.06.05 15:21:25 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2013.06.05 15:21:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.05 15:20:58 | 467,787,775 | -HS- | M] () -- C:\hiberfil.sys [2013.06.05 15:16:22 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\***\Desktop\JRT.exe [2013.06.05 15:15:27 | 000,632,031 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.06.05 15:10:23 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.05 04:07:41 | 002,565,392 | ---- | M] (SANDBOXIE L.T.D) -- C:\Users\***\Desktop\SandboxieInstall.exe [2013.06.05 04:00:02 | 118,670,006 | ---- | M] () -- C:\Users\***\Desktop\All Data.rar [2013.06.05 02:17:33 | 563,916,730 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.06.05 02:11:04 | 000,014,910 | ---- | M] () -- C:\Users\***\Desktop\logs.rar [2013.06.05 00:15:33 | 000,000,218 | ---- | M] () -- C:\Users\***\.recently-used.xbel [2013.06.04 23:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.04 21:31:13 | 000,016,224 | ---- | M] () -- C:\Users\***\Desktop\Bewerbung.odt [2013.06.04 19:57:27 | 000,000,993 | ---- | M] () -- C:\Users\***\Desktop\Pidgin.lnk [2013.06.03 22:31:02 | 001,645,788 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.03 22:31:02 | 000,708,962 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.03 22:31:02 | 000,664,240 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.03 22:31:02 | 000,152,308 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.03 22:31:02 | 000,125,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.03 02:34:31 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2013.06.03 02:34:31 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.06.03 02:34:21 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2013.06.02 08:22:55 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2013.05.31 22:10:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013.05.31 22:00:53 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2013.05.31 21:44:50 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\GBoost.lnk [2013.05.31 21:23:52 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2013.05.26 04:56:06 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.26 04:40:20 | 000,007,598 | ---- | M] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2013.05.25 03:16:36 | 000,294,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.23 02:57:42 | 000,001,961 | ---- | M] () -- C:\Users\***\Desktop\Sauerbraten.lnk [2013.05.22 02:03:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.05.19 23:44:15 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013.05.19 18:49:35 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat [2013.05.19 18:49:34 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2013.05.17 03:00:38 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.05.09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.05 15:15:26 | 000,632,031 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.06.05 04:31:16 | 000,002,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2013.06.05 03:59:42 | 118,670,006 | ---- | C] () -- C:\Users\***\Desktop\All Data.rar [2013.06.05 02:11:04 | 000,014,910 | ---- | C] () -- C:\Users\***\Desktop\logs.rar [2013.06.05 00:15:33 | 000,000,218 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2013.06.04 20:40:18 | 000,016,224 | ---- | C] () -- C:\Users\***\Desktop\Bewerbung.odt [2013.06.04 19:57:27 | 000,000,993 | ---- | C] () -- C:\Users\***\Desktop\Pidgin.lnk [2013.06.04 19:52:28 | 000,000,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk [2013.06.02 17:34:31 | 563,916,730 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.06.02 08:22:55 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2013.05.31 22:00:53 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2013.05.31 21:44:50 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\GBoost.lnk [2013.05.31 21:23:52 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2013.05.26 04:56:06 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.26 04:56:06 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.23 02:57:42 | 000,001,961 | ---- | C] () -- C:\Users\***\Desktop\Sauerbraten.lnk [2013.05.21 02:31:11 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\VideoSaver Update.job [2013.05.19 23:44:15 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013.05.19 19:14:06 | 000,007,598 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2013.03.28 07:13:28 | 000,226,014 | ---- | C] () -- C:\ProgramData\1364447556.bdinstall.bin [2013.03.28 06:08:31 | 000,630,311 | ---- | C] () -- C:\ProgramData\1364443361.bdinstall.bin [2013.03.28 05:15:30 | 000,000,680 | RHS- | C] () -- C:\Users\***\ntuser.pol [2013.03.08 20:10:10 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013.03.08 20:06:46 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2013.03.08 20:06:46 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.11.14 14:07:16 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll [2012.02.05 07:41:43 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193} [2011.09.14 13:16:10 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2011.09.14 13:16:10 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2011.09.14 13:16:10 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2011.09.14 13:16:10 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2011.09.14 13:16:10 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2011.09.14 13:16:10 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2011.09.14 13:16:10 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2011.09.14 13:16:10 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2011.09.14 13:16:10 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2011.09.14 13:16:10 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2011.09.14 13:16:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2011.09.14 13:16:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2011.09.14 13:16:10 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2011.09.14 13:16:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2011.09.14 13:16:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2011.09.14 13:16:10 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2011.09.14 13:16:10 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2011.09.14 13:16:10 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2011.09.14 13:16:10 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2011.08.25 14:31:57 | 001,623,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.02 14:35:21 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.08.02 14:35:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.08.02 14:35:17 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.07.29 04:11:11 | 000,089,048 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.01.12 18:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.05.18 04:27:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft [2013.06.05 01:44:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.purple [2013.06.04 20:24:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\1&1 [2011.07.28 17:21:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Asus WebStorage [2013.03.30 05:28:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BANDISOFT [2013.05.18 18:55:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2013.06.04 20:22:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla [2013.05.31 21:44:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GZero [2012.11.15 03:00:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2011.07.29 03:18:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient [2011.11.25 14:06:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Need for Speed World [2013.05.21 02:38:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2011.10.31 12:31:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance [2013.04.29 13:45:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2012.09.03 19:03:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2013.03.31 03:58:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Origin [2012.04.02 14:14:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PhotoScape [2013.05.25 18:42:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\player [2012.11.14 14:11:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Proxifier [2013.03.28 06:04:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan [2013.02.05 22:22:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client [2011.08.25 14:32:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP [2013.06.01 02:34:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2013.04.07 04:45:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2013.03.12 20:57:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft [2011.08.23 15:55:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Zeon ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC < End of report > |
|
05.06.2013, 14:58
| #4 |
| /// the machine /// TB-Ausbilder | Wörter sind verlinkt und führen clickcompage.info Sieht schon besser aus. Noch Probleme? ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches OTL log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.06.2013, 19:30
| #5 |
| | Wörter sind verlinkt und führen clickcompage.info Hallo, leider nicht, die verlinkungen sind immer noch. Hier einmal die neuen Logs: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=56fe9aa5d0d1414488037a9d77b2d4be
# engine=14005
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-05 05:56:17
# local_time=2013-06-05 07:56:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776574 66 94 42182110 122084827 0 0
# scanned=332170
# found=4
# cleaned=0
# scan_time=7297
sh=71F0B933C709F65CFA5BE0CD94776C6BE884D7D3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y1NY2USS\updatevideos_com[1].htm"
sh=1574A9C7440D9941D68F4C0E6ACCDE68063B5934 ft=1 fh=e3349bd8bc1a76dd vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\***\AppData\Local\Temp\SingAlong.exe"
sh=372BA1ACD1E57D5F185713D83B15B280945E367A ft=1 fh=41beb9eb0f94c4e1 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\***\AppData\Local\Temp\DIQM\FlashPlayer_151\software\Addlyrics.exe"
sh=82643F2F28BC11AAA3F2A1FDBABC12CB08C8B0EC ft=1 fh=86f0dd8a22aaf596 vn="a variant of Win32/SpeedingUpMyPC.B application" ac=I fn="C:\Users\***\AppData\Local\Temp\DIQM\FlashPlayer_151\software\OptimizerPro.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.64
Windows 7 Service Pack 1 x64 (UAC is enabled)
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities Language Pack (de-DE)
Java 7 Update 21
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.7.700.202
Mozilla Firefox (21.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter OTL logfile created on: 05.06.2013 20:21:06 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,91 Gb Total Physical Memory | 3,26 Gb Available Physical Memory | 55,20% Memory free 11,83 Gb Paging File | 9,44 Gb Available in Paging File | 79,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 238,47 Gb Total Space | 141,49 Gb Free Space | 59,33% Space Free | Partition Type: NTFS Drive D: | 332,70 Gb Total Space | 332,45 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Computer Name: ALLINONE-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.05 16:04:37 | 000,890,839 | ---- | M] () -- C:\Users\***\Desktop\SecurityCheck.exe PRC - [2013.06.04 23:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2013.05.31 22:10:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2013.05.25 03:14:50 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe PRC - [2013.05.12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.05.05 19:59:06 | 001,716,224 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files (x86)\Notepad++\notepad++.exe PRC - [2013.04.19 15:19:04 | 018,678,376 | R--- | M] (Skype Technologies S.A.) -- C:\Users\***\Desktop\Skype.exe PRC - [2011.05.24 06:13:05 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe PRC - [2010.10.07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2010.09.24 01:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Modules (No Company Name) ========== MOD - [2013.06.05 16:04:37 | 000,890,839 | ---- | M] () -- C:\Users\***\Desktop\SecurityCheck.exe MOD - [2013.05.25 03:14:49 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll MOD - [2013.05.12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013.05.06 01:15:12 | 001,392,640 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\DSpellCheck.dll MOD - [2012.04.02 20:24:56 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll MOD - [2011.09.21 22:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll MOD - [2011.07.18 23:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll MOD - [2010.09.24 01:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Services (SafeList) ========== SRV - [2013.05.31 22:10:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013.05.25 03:14:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.03.22 11:14:30 | 000,279,024 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.04.24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.10.06 06:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.10.06 06:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.15 07:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2013.03.12 20:30:22 | 000,314,016 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2013.03.12 20:30:21 | 000,043,680 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2013.03.12 16:10:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2013.03.08 20:10:18 | 005,358,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2013.01.08 11:36:20 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.08.02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.07.28 17:23:46 | 000,117,888 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmnsusbser.sys -- (cmnsusbser) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.13 15:12:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.15 00:53:12 | 001,147,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:64bit: - [2010.09.21 18:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.08.24 11:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.08.11 08:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.07.26 22:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetProfile = 512100112 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 515197855 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledAddons: info%40convert2mp3.net:2.2 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2 FF - prefs.js..extensions.enabledAddons: videosaver%40videosaver.net:1.114 FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.520 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\***\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.25 17:07:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\videosaver@videosaver.net: C:\Program Files (x86)\VideoSaver\FF\ [2013.05.21 02:31:10 | 000,000,000 | ---D | M] [2013.05.26 04:56:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.06.05 17:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fkr4r5x5.default\extensions [2013.06.05 17:53:44 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fkr4r5x5.default\extensions\donottrackplus@abine.com [2013.05.26 05:15:12 | 000,043,066 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\info@convert2mp3.net.xpi [2013.05.30 04:20:14 | 000,534,261 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.05.26 05:02:06 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.25 18:39:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions [2013.05.26 04:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.26 04:56:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.05.21 02:31:10 | 000,000,000 | ---D | M] ("VideoSaver") -- C:\PROGRAM FILES (X86)\VIDEOSAVER\FF ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: https://www.google.de/ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.4_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\ CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.05.26 00:34:23 | 000,000,794 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (VideoSaver) - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll (VideoSaver) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe File not found O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" File not found O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" File not found O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe File not found O4 - HKLM..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" File not found O4 - HKLM..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" File not found O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found O4 - HKCU..\Run: [Google Update] "C:\Users\Natascha\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found O4 - HKCU..\Run: [Internet Security 2012] C:\Users\***\AppData\Roaming\isecurity.exe File not found O4 - HKCU..\Run: [MAgent] C:\Users\Natascha\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU File not found O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll () O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\PrxerDrv.dll (Initex) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28C25ED6-8158-4B44-9B8B-99F8C909CD01}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DB414DC-7A21-4D00-BBB7-BFAE29360EBD}: DhcpNameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B87F973A-B0FA-485A-9733-EB661825E3C3}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{c07c07ca-85ba-11e0-b576-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c07c07ca-85ba-11e0-b576-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe O33 - MountPoints2\{d9d79b30-c960-11e0-b7c8-f46d044c67aa}\Shell - "" = AutoRun O33 - MountPoints2\{d9d79b30-c960-11e0-b7c8-f46d044c67aa}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.05 16:03:59 | 002,347,384 | ---- | C] (ESET) -- C:\Users\***\Desktop\esetsmartinstaller_enu.exe [2013.06.05 15:25:10 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.05 15:23:56 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.05 15:16:22 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\***\Desktop\JRT.exe [2013.06.05 15:10:00 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\ASUS WebStorage [2013.06.05 04:07:38 | 002,565,392 | ---- | C] (SANDBOXIE L.T.D) -- C:\Users\***\Desktop\SandboxieInstall.exe [2013.06.05 00:03:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\gtk-2.0 [2013.06.04 23:48:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.04 19:52:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr [2013.06.04 19:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr [2013.06.04 19:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pidgin-otr [2013.06.04 19:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin [2013.06.04 18:35:49 | 000,000,000 | --SD | C] -- C:\Users\***\Google Drive [2013.06.04 18:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.06.02 23:49:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\1&1 [2013.06.02 23:49:54 | 000,102,400 | ---- | C] (1&1 Internet AG) -- C:\Windows\SysNative\UI_11TSP.TSP.1 [2013.06.02 17:34:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.06.02 08:28:23 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2013.06.02 08:09:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2013.06.02 08:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.02 05:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.06.02 05:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013.06.02 00:27:45 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2013.05.31 22:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2013.05.31 21:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GBoost [2013.05.31 21:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GBoost [2013.05.31 21:28:46 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Battlefield 3 [2013.05.31 21:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013.05.31 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2013.05.31 21:25:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ESN [2013.05.31 21:25:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2013.05.31 21:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2013.05.31 21:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2013.05.31 21:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3 [2013.05.30 22:27:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Szene [2013.05.29 03:34:17 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys [2013.05.28 02:00:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\LiveGBoost [2013.05.28 02:00:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\GZero [2013.05.28 02:00:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\GZero [2013.05.27 17:02:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.05.27 17:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.05.27 17:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.05.26 15:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.26 04:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.26 03:03:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps [2013.05.25 18:39:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\player [2013.05.25 18:10:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends [2013.05.25 18:10:02 | 000,000,000 | ---D | C] -- C:\xampp [2013.05.25 02:27:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\All Data [2013.05.25 01:58:08 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Muzik [2013.05.23 02:58:09 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\My Games [2013.05.23 02:57:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten [2013.05.23 02:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sauerbraten [2013.05.23 02:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sauerbraten [2013.05.22 18:47:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft Help [2013.05.22 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.21 20:18:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\InfinityWar [2013.05.21 03:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2013.05.21 03:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2013.05.21 02:37:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2013.05.21 02:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2013.05.21 02:37:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Notepad++ [2013.05.21 02:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++ [2013.05.21 02:31:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\PSpad [2013.05.21 02:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoSaver [2013.05.21 01:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.05.21 01:28:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.21 01:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.18 18:55:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2013.05.18 04:22:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\.minecraft [2013.05.17 03:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.05 20:10:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.05 17:58:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.05 17:58:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.05 17:51:57 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\VideoSaver Update.job [2013.06.05 17:51:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2013.06.05 17:51:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.05 17:51:06 | 467,787,775 | -HS- | M] () -- C:\hiberfil.sys [2013.06.05 17:33:18 | 561,898,012 | ---- | M] () -- C:\Users\***\Desktop\sommer_2011.rar [2013.06.05 16:04:37 | 000,890,839 | ---- | M] () -- C:\Users\***\Desktop\SecurityCheck.exe [2013.06.05 16:04:02 | 002,347,384 | ---- | M] (ESET) -- C:\Users\***\Desktop\esetsmartinstaller_enu.exe [2013.06.05 15:16:22 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\***\Desktop\JRT.exe [2013.06.05 15:15:27 | 000,632,031 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.06.05 04:07:41 | 002,565,392 | ---- | M] (SANDBOXIE L.T.D) -- C:\Users\***\Desktop\SandboxieInstall.exe [2013.06.05 02:17:33 | 563,916,730 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.06.05 02:11:04 | 000,014,910 | ---- | M] () -- C:\Users\***\Desktop\logs.rar [2013.06.05 00:15:33 | 000,000,218 | ---- | M] () -- C:\Users\***\.recently-used.xbel [2013.06.04 23:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.04 21:31:13 | 000,016,224 | ---- | M] () -- C:\Users\***\Desktop\Bewerbung.odt [2013.06.04 19:57:27 | 000,000,993 | ---- | M] () -- C:\Users\***\Desktop\Pidgin.lnk [2013.06.03 22:31:02 | 001,645,788 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.03 22:31:02 | 000,708,962 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.03 22:31:02 | 000,664,240 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.03 22:31:02 | 000,152,308 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.03 22:31:02 | 000,125,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.03 02:34:31 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2013.06.03 02:34:31 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.06.03 02:34:21 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2013.06.02 08:22:55 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2013.05.31 22:10:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013.05.31 22:00:53 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2013.05.31 21:44:50 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\GBoost.lnk [2013.05.31 21:23:52 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2013.05.26 04:56:06 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.26 04:40:20 | 000,007,598 | ---- | M] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2013.05.25 03:16:36 | 000,294,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.23 02:57:42 | 000,001,961 | ---- | M] () -- C:\Users\***\Desktop\Sauerbraten.lnk [2013.05.22 02:03:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.05.19 23:44:15 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013.05.19 18:49:35 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat [2013.05.19 18:49:34 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2013.05.17 03:00:38 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.05.09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.05 17:31:08 | 561,898,012 | ---- | C] () -- C:\Users\***\Desktop\sommer_2011.rar [2013.06.05 16:04:37 | 000,890,839 | ---- | C] () -- C:\Users\***\Desktop\SecurityCheck.exe [2013.06.05 15:15:26 | 000,632,031 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.06.05 04:31:16 | 000,002,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2013.06.05 02:11:04 | 000,014,910 | ---- | C] () -- C:\Users\***\Desktop\logs.rar [2013.06.05 00:15:33 | 000,000,218 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2013.06.04 20:40:18 | 000,016,224 | ---- | C] () -- C:\Users\***\Desktop\Bewerbung.odt [2013.06.04 19:57:27 | 000,000,993 | ---- | C] () -- C:\Users\***\Desktop\Pidgin.lnk [2013.06.04 19:52:28 | 000,000,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk [2013.06.02 17:34:31 | 563,916,730 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.06.02 08:22:55 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2013.05.31 22:00:53 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2013.05.31 21:44:50 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\GBoost.lnk [2013.05.31 21:23:52 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2013.05.26 04:56:06 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.26 04:56:06 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.23 02:57:42 | 000,001,961 | ---- | C] () -- C:\Users\***\Desktop\Sauerbraten.lnk [2013.05.21 02:31:11 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\VideoSaver Update.job [2013.05.19 23:44:15 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013.05.19 19:14:06 | 000,007,598 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2013.03.28 07:13:28 | 000,226,014 | ---- | C] () -- C:\ProgramData\1364447556.bdinstall.bin [2013.03.28 06:08:31 | 000,630,311 | ---- | C] () -- C:\ProgramData\1364443361.bdinstall.bin [2013.03.28 05:15:30 | 000,000,680 | RHS- | C] () -- C:\Users\***\ntuser.pol [2013.03.08 20:10:10 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013.03.08 20:06:46 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2013.03.08 20:06:46 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.11.14 14:07:16 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll [2012.02.05 07:41:43 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193} [2011.09.14 13:16:10 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2011.09.14 13:16:10 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2011.09.14 13:16:10 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2011.09.14 13:16:10 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2011.09.14 13:16:10 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2011.09.14 13:16:10 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2011.09.14 13:16:10 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2011.09.14 13:16:10 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2011.09.14 13:16:10 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2011.09.14 13:16:10 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2011.09.14 13:16:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2011.09.14 13:16:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2011.09.14 13:16:10 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2011.09.14 13:16:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2011.09.14 13:16:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2011.09.14 13:16:10 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2011.09.14 13:16:10 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2011.09.14 13:16:10 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2011.09.14 13:16:10 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2011.08.25 14:31:57 | 001,623,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.02 14:35:21 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.08.02 14:35:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.08.02 14:35:17 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.07.29 04:11:11 | 000,089,048 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.01.12 18:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.05.18 04:27:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft [2013.06.05 17:30:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.purple [2013.06.04 20:24:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\1&1 [2011.07.28 17:21:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Asus WebStorage [2013.03.30 05:28:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BANDISOFT [2013.05.18 18:55:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2013.06.04 20:22:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla [2013.05.31 21:44:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GZero [2012.11.15 03:00:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2011.07.29 03:18:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient [2011.11.25 14:06:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Need for Speed World [2013.05.21 02:38:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2011.10.31 12:31:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance [2013.04.29 13:45:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2012.09.03 19:03:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2013.03.31 03:58:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Origin [2012.04.02 14:14:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PhotoScape [2013.05.25 18:42:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\player [2012.11.14 14:11:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Proxifier [2013.03.28 06:04:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan [2013.02.05 22:22:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client [2011.08.25 14:32:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP [2013.06.01 02:34:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2013.04.07 04:45:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2013.03.12 20:57:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft [2011.08.23 15:55:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Zeon ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC < End of report > |
|
05.06.2013, 20:02
| #6 |
| /// the machine /// TB-Ausbilder | Wörter sind verlinkt und führen clickcompage.infoFixen mit OTL
Code:
ATTFilter :OTL
FF - prefs.js..extensions.enabledAddons: info%40convert2mp3.net:2.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2
FF - prefs.js..extensions.enabledAddons: videosaver%40videosaver.net:1.114
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.520
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
[2013.05.26 05:15:12 | 000,043,066 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\info@convert2mp3.net.xpi
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.4_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
:Commands
[emptytemp]
__________________ --> Wörter sind verlinkt und führen clickcompage.info |
|
05.06.2013, 20:15
| #7 |
| | Wörter sind verlinkt und führen clickcompage.info Hallo, hier der Log: Code:
ATTFilter All processes killed
========== OTL ==========
Prefs.js: info%40convert2mp3.net:2.2 removed from extensions.enabledAddons
Prefs.js: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2 removed from extensions.enabledAddons
Prefs.js: videosaver%40videosaver.net:1.114 removed from extensions.enabledAddons
Prefs.js: donottrackplus%40abine.com:2.2.9.520 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 removed from extensions.enabledAddons
C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkr4r5x5.default\extensions\info@convert2mp3.net.xpi moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\no folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ms folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\id folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\he folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fil folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\et folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es_419 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_US folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_GB folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\no folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ms folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\id folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\he folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fil folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\eu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\et folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es_419 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_US folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_GB folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\sv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ms folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\hr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\he folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\fa folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\et folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\es_419 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\en_US folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\en_GB folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\skin folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\lib folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\jquery-ui\js folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\jquery-ui\css\smoothness\images folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\jquery-ui\css\smoothness folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\jquery-ui\css folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\jquery-ui folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\icons folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.4_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\en_US folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\plugin\jquery.rte\images folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\plugin\jquery.rte folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\plugin folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\js folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\images folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0\css folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.4_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\js folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\img folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\css folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\_locales\en folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0\i folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm\1.0_0 folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales folder moved successfully.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Karoline
->Temp folder emptied: 1270799 bytes
->Temporary Internet Files folder emptied: 7920149 bytes
->FireFox cache emptied: 146980534 bytes
->Flash cache emptied: 63082 bytes
User: Nathalia
->Temp folder emptied: 1971525 bytes
->Temporary Internet Files folder emptied: 3585975 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 25519079 bytes
->Flash cache emptied: 62512 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: ***
->Temp folder emptied: 92608041 bytes
->Temporary Internet Files folder emptied: 51153815 bytes
->Java cache emptied: 109657575 bytes
->FireFox cache emptied: 61178582 bytes
->Google Chrome cache emptied: 72557901 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 61555 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 37664 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 232448 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102427 bytes
RecycleBin emptied: 119579324 bytes
Total Files Cleaned = 662,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06052013_210859
|
|
06.06.2013, 08:52
| #8 |
| /// the machine /// TB-Ausbilder | Wörter sind verlinkt und führen clickcompage.info Immer noch Verlinkungen?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.06.2013, 23:23
| #9 |
| | Wörter sind verlinkt und führen clickcompage.info Hallo, hat sich erledigt, habe Windows komplett neu installiert. Trotzdem vielen dank für deine Hilfe! *Edit: Könnten Sie die von Ihnen und mir geposteten Logs löschen? Möchte nicht das die hier so öffentlich anschaubar sind.. Dankeschön! |
|
07.06.2013, 06:34
| #10 |
| /// the machine /// TB-Ausbilder | Wörter sind verlinkt und führen clickcompage.info Dafür bitte per PM an den Admin Da Guru wenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Wörter sind verlinkt und führen clickcompage.info |
| beste, besten, community, firefox, forum, frage, fragen, html/scrinject.b.gen, kaputt, lahm, laptop, limited.com/facebook, problem, schonmal, system, tagen, tauchen, troja, trojaner, unterstrichene wörter, verlinkt, win32/adware.addlyrics.f, win32/speedingupmypc.b, worte, wörter |
Textbox. 
Linear-Darstellung
