| |
| |||||||
Log-Analyse und Auswertung: WIN7: Avira meldet Fund tr/agent.143516.1Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.10.2013, 19:29
| #1 |
 |  WIN7: Avira meldet Fund tr/agent.143516.1 Moin Moin, ich brauche da eure Hilfe. Als heute der Virenscanner AVIRA einen Fund meldete, hab ich umgehend beim Trojaner Board nachgelesen und die Schritte befolgt. Fund: tr/agent.143516.1 Schritt 1: Laufwerksemulationen abschalten mit Defogger ->hat geklappt Schritt 2: Systemscan mit FRST ->hat geklappt ...und nun die beiden Files im Anhang Schritt 3: Scan mit GMER -> hat geklappt ...und auch hier der File im Anhang Schritt 4: Bericht aus AVIR im Anhang Vielen Vielen Dank für eure Hilfe Jens |
|
17.10.2013, 20:40
| #2 |
| /// the machine /// TB-Ausbilder    | WIN7: Avira meldet Fund tr/agent.143516.1 Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
17.10.2013, 20:49
| #3 |
| | WIN7: Avira meldet Fund tr/agent.143516.1 Moin Moin,
__________________so, nun posten in Code Tags....danke für dein Hilfe :-) FRST Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Jens aaaaaaa at 2013-10-17 19:57:16
Running from C:\Users\Jens aaaaaaa\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
AccelerometerP11 (x32 Version: 2.00.11.22)
Adobe AIR (x32 Version: 3.2.0.2070)
Adobe Digital Editions 2.0 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Advanced Audio FX Engine (x32 Version: 1.12.05)
Advanced System Protector (x32 Version: 2.1.1000.12150)
Akamai NetSession Interface (HKCU)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
BitGuard (x32)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0)
CANON iMAGE GATEWAY MyCamera Download Plugin (x32 Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.9.0.9)
Canon MOV Decoder (x32 Version: 1.8.0.7)
Canon MOV Encoder (x32 Version: 1.6.0.1)
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.7.0.4)
Canon Utilities Digital Photo Professional 3.10 (x32 Version: 3.10.2.0)
Canon Utilities EOS Sample Music (x32 Version: 1.0.0.204)
Canon Utilities EOS Utility (x32 Version: 2.10.2.0)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (x32 Version: 1.0.0.10)
Canon Utilities Movie Uploader for YouTube (x32 Version: 1.2.0.7)
Canon Utilities PhotoStitch (x32 Version: 3.1.22.46)
Canon Utilities Picture Style Editor (x32 Version: 1.9.0.0)
Canon Utilities ZoomBrowser EX (x32 Version: 6.7.0.24)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.5.0.9)
CCleaner (Version: 4.04)
D3DX10 (x32 Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.61)
Dell DataSafe Local Backup (x32 Version: 9.4.61)
Dell DataSafe Online (x32 Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell Mobile Broadband Manager (x32 Version: 6.1.24.2)
Dell MusicStage (x32 Version: 1.5.201.0)
Dell PhotoStage (x32 Version: 1.5.0.67)
Dell Stage (x32 Version: 1.7.209.0)
Dell Stage Remote (x32 Version: 2.0.0.50)
Dell System Detect (HKCU Version: 3.3.2.0)
Dell VideoStage (x32 Version: 1.2.0.1712)
Dell Webcam Central (x32 Version: 2.00.44)
Digital Line Detect (x32 Version: 1.21)
DirectX 9 Runtime (x32 Version: 1.00.0000)
Doko Chrome Toolbar (x32)
Doko toolbar (x32 Version: 1.8.26.9)
eBay (x32 Version: 1.4.0)
ElsterFormular (x32 Version: 13.2.0.8623p)
ESET Online Scanner v3 (x32)
ffdshow v1.1.3978 [2011-08-25] (x32 Version: 1.1.3978.0)
Flight Simulator X (x32)
Flight Simulator X Service Pack 1 (x32)
FMS (x32)
FSX Bonus Multiplayer Racing Missions (x32 Version: 10.0.61219.0)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Update Helper (x32 Version: 1.3.21.165)
GPSinfo version S-0PC-07-1109022 (x32 Version: S-0PC-07-1109022)
Grib-Wetter V7.0 (x32)
High-Definition Video Playback (x32 Version: 11.1.11500.4.273)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 3.0.0.021)
HTC Sync (x32 Version: 3.2.20)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2455)
Intel(R) PROSet/Wireless WiFi-Software (Version: 14.2.1000)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 27 (64-bit) (Version: 6.0.270)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kobo (x32 Version: 3.3.11)
LiveUpload to Facebook (x32 Version: 3.2.3.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight Simulator X (x32 Version: 10.0.60905)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser und SDK (x32 Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
My Dell (Version: 3.4.6308.28)
MyPC Backup (Version: )
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0)
Nero Control Center 10 (x32 Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800)
Nero Core Components 10 (x32 Version: 2.0.20000.9.12)
Nero Update (x32 Version: 11.0.13300.42.0)
Netwaiting (x32 Version: 2.5.59)
NVIDIA Grafiktreiber 307.21 (Version: 307.21)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA Systemsteuerung 307.21 (Version: 307.21)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Open It! (x32 Version: 1.1.1)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
PDFCreator (x32 Version: 1.3.2)
PhotoShowExpress (x32 Version: 2.0.063)
PL-2303 USB-to-Serial (x32 Version: 1.3.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Quickset64 (Version: 11.0.10)
RBVirtualFolder64Inst (Version: 1.00.0000)
RC Logger Viewer (x32 Version: 1.10.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6312)
RegClean Pro (x32 Version: 6.21)
Roxio Activation Module (x32 Version: 1.0)
Roxio BackOnTrack (x32 Version: 1.3.3)
Roxio Burn (x32 Version: 1.8)
Roxio Creator Starter (x32 Version: 1.0.439)
Roxio Creator Starter (x32 Version: 12.1.77.0)
Roxio Creator Starter (x32 Version: 5.0.0)
Roxio Express Labeler 3 (x32 Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Shared C Run-time for x64 (Version: 10.0.0)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (x32)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (x32 Version: 6.5)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2) (x32 Version: 6.5)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_3 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_3) (x32 Version: 6.5)
Skype™ 5.10 (x32 Version: 5.10.116)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)
Speed-Link Vibration Joystick (x32)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.2.6.0)
SyncUP (x32 Version: 1.12.11200.10.102)
SyncUP (x32 Version: 10.2.15400)
t@x 2012 (x32 Version: 19.00.7303)
t@x 2013 (x32 Version: 20.00.8137)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Zip Extractor (HKCU)
Vistanaut Light (x32 Version: 1.1.3)
Whilokii 1.0.0 (Version: 1.0.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
Windows-Treiberpaket - FotoNation (CoachAud) MEDIA (03/10/2009 4.82.0.0) (Version: 03/10/2009 4.82.0.0)
Windows-Treiberpaket - FotoNation (CoachUsb) Image (03/10/2009 4.82.0.0) (Version: 03/10/2009 4.82.0.0)
XMind 2012 (v3.3.1) (x32 Version: 3.3.1.201212250029)
Xvid 1.2.2 final uninstall (x32 Version: 1.2)
Zinio Alert Messenger (x32 Version: 4.0.2570)
Zinio Reader 4 (x32 Version: 4.2.4164)
==================== Restore Points =========================
02-10-2013 10:01:12 Windows Update
09-10-2013 04:58:25 Windows Update
09-10-2013 05:15:43 Windows Update
16-10-2013 04:56:41 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2012-06-18 22:42 - 00442922 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {073FFAFC-917C-4742-BFC5-443C7358EB05} - System32\Tasks\EPUpdater => C:\Users\Jens aaaaaaa\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] ()
Task: {19D888DF-2ED6-485C-BF5F-AC9F0B71C905} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-10] (Google Inc.)
Task: {1E2C3F59-F482-49D4-84BD-CF82E1640C5D} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {29ED26FE-5AAD-4545-9F07-1C7D9CB669DC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {2A9938FA-2097-4952-A0FD-A540DCEBBD32} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core => C:\Users\Jens aaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-31] (Google Inc.)
Task: {2DE431B1-48FA-492D-B89E-6AF6BECE263B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {2FF55AA8-F41E-47FE-9908-F5BEE6CD728B} - System32\Tasks\{EB127DA3-04CB-4CCE-B9D3-DA40813F4626} => C:\Program Files (x86)\Vistanaut\vistanaut.exe [2010-09-14] (Team GmbH)
Task: {32E82EF1-0DB0-4312-B4B8-41ED0B386F13} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-22] (Systweak Inc)
Task: {3B9B77FB-CBB4-46AD-A8CA-58F09F83ECD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {509ECA8A-F8FB-43CF-987F-960CAE2921FA} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2013-10-04] (Systweak)
Task: {52910F80-BCC0-4D97-947A-BDD711B3BE74} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5AD4425F-5092-455D-9F9D-51ABFE29C96F} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-17] (BonanzaDeals)
Task: {6204ED5E-1BCE-46BF-AB38-87FBE5A194A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA => C:\Users\Jens aaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-31] (Google Inc.)
Task: {6AA72CD1-8D02-4582-BD9F-0F13AFAB0D38} - System32\Tasks\{13624EE1-81B5-4CB4-AE7B-2C5FA948A924} => C:\Program Files (x86)\Vistanaut\vistanaut.exe [2010-09-14] (Team GmbH)
Task: {70C0136D-8590-4906-BDC2-EFA3E132420A} - System32\Tasks\DigitalSite => C:\Users\Jens aaaaaaa\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {71F45F3F-9202-4B3F-B12B-D06DE16B6C6C} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-17] (BonanzaDeals)
Task: {75B10A15-6ACD-4FF1-AB67-45A3379AD09B} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe [2012-09-17] (Systweak Inc )
Task: {84F81F41-E36A-45EB-AAB2-C4080C6E981E} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-22] (Systweak Inc)
Task: {87C3CB91-F490-4B36-9805-B3843F2EF897} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-10] (Google Inc.)
Task: {8C5EE5FC-EAFB-4EA6-9603-7D6C28833BF7} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-22] (Systweak Inc)
Task: {A33636FB-4B78-4690-985A-FECA712677F7} - System32\Tasks\Launch HTC Sync Loader => c:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {AE6DFA67-A093-43A3-88CB-E7F891DEDD2E} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {BB65913D-ECA7-4A4E-B49F-2EA583FD35BF} - System32\Tasks\{ACCC80B1-C8AE-458C-9A77-37D9CC65702F} => C:\Users\Jens aaaaaaa\Downloads\WindowsXP-KB822603-x86-DEU.exe
Task: {CC846114-27D3-421E-9C0F-3E454354B708} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {E5765246-CC29-422E-A3D8-A8BA02B1555E} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {FD115846-70F8-4B27-9159-530F6B04B4C4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\JENSVA~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core.job => C:\Users\Jens aaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA.job => C:\Users\Jens aaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
==================== Loaded Modules (whitelisted) =============
2011-12-27 16:28 - 2011-07-20 15:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-16 01:46 - 2011-09-16 01:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-09-20 00:37 - 2013-09-20 00:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-20 00:32 - 2013-09-20 00:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-10-27 22:37 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 15:52 - 2010-03-22 15:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 20:28 - 2010-03-16 20:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-24 23:20 - 2011-06-24 23:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-07-17 10:35 - 2011-07-17 10:35 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-07-21 08:35 - 2011-07-21 08:35 - 00328256 _____ () C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll
2010-03-11 19:52 - 2010-03-11 19:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 15:07 - 2010-03-05 15:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 15:07 - 2010-03-05 15:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 19:52 - 2010-03-11 19:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2011-07-17 10:36 - 2011-07-17 10:36 - 00032832 _____ () C:\Program Files (x86)\Dell\Stage Remote\ServiceProxy.dll
2007-04-13 09:39 - 2007-04-13 09:39 - 00252672 _____ () C:\Program Files (x86)\Dell\Stage Remote\kgl.dll
2007-04-19 08:28 - 2007-04-19 08:28 - 00436992 _____ () C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2010-02-12 14:53 - 2010-02-12 14:53 - 00058880 ____R () C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\MBMDebug.dll
2013-03-05 16:56 - 2013-09-06 13:12 - 08929360 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wgui13.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 00028672 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rsdcom48.dll
2013-03-05 16:56 - 2013-09-06 13:10 - 00308816 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rscorewinapi48.dll
2013-03-05 16:56 - 2013-09-06 13:10 - 00321104 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rsguiwinapi48.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 03464784 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wcore13.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 00136272 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rsodbc48.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 02196048 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wfvie13.dll
2013-03-05 16:56 - 2013-09-06 13:10 - 01610320 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wsteu13.dll
2013-03-05 16:56 - 2013-09-06 13:12 - 01732176 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wreli13.dll
2013-03-05 16:56 - 2013-09-04 22:48 - 04157520 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wauff13.dll
2013-01-17 15:30 - 2013-03-15 16:09 - 01041408 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\clucene-core.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 00094208 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\clucene-shared.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 00251392 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\clucene-contribs-lib.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01499728 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wmain13.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 04967504 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae113.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01368656 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae213.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01748048 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae313.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01577552 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae413.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01146960 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\whau113.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01229904 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\whau213.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01307216 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wwerb13.dll
2013-03-05 16:56 - 2013-09-06 13:12 - 06773328 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wkont13.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01249792 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wimp13.dll
2013-03-05 16:56 - 2013-09-06 13:11 - 01314384 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wfabu13.dll
2010-11-25 06:44 - 2010-11-25 06:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 12:44 - 2012-02-01 12:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00103936 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00516599 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00094208 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00389120 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00151552 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00172032 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 00559244 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll
2012-04-17 15:05 - 2012-04-17 15:05 - 01515520 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll
2010-11-17 18:35 - 2010-11-17 18:35 - 00657904 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\BBEngineAS.dll
2011-07-06 16:53 - 2011-07-06 16:53 - 00068160 _____ () C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\DMRUI.dll
2011-07-08 01:13 - 2011-07-08 01:13 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
2011-07-08 01:14 - 2011-07-08 01:14 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-10-05 23:57 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-05 23:57 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-05 23:57 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-05 23:57 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-05 23:57 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-10-17 19:43 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2013-10-17 19:43 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2013-10-17 19:43 - 2013-10-04 18:20 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2013-10-17 19:43 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2013-10-10 18:20 - 2013-10-10 18:20 - 13584776 _____ () C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/17/2013 07:55:18 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bd0
Startzeit: 01cecb310a692085
Endzeit: 16
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 42b50fde-3755-11e3-b202-848f69bf851e
Error: (10/17/2013 07:43:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dokotoolbar4ffx.exe, Version: 1.8.26.9, Zeitstempel: 0x4b1ae3cc
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x52402c3e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x26e4
Startzeit der fehlerhaften Anwendung: 0xdokotoolbar4ffx.exe0
Pfad der fehlerhaften Anwendung: dokotoolbar4ffx.exe1
Pfad des fehlerhaften Moduls: dokotoolbar4ffx.exe2
Berichtskennung: dokotoolbar4ffx.exe3
Error: (10/17/2013 07:43:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dokotoolbar4ffx.exe, Version: 1.8.26.9, Zeitstempel: 0x4b1ae3cc
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1694.246, Zeitstempel: 0x52402c3e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017966f
ID des fehlerhaften Prozesses: 0x26e4
Startzeit der fehlerhaften Anwendung: 0xdokotoolbar4ffx.exe0
Pfad der fehlerhaften Anwendung: dokotoolbar4ffx.exe1
Pfad des fehlerhaften Moduls: dokotoolbar4ffx.exe2
Berichtskennung: dokotoolbar4ffx.exe3
Error: (10/17/2013 07:43:20 PM) (Source: MsiInstaller) (User: DELL-XPS502_JV)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi
Error: (10/17/2013 02:04:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2013 07:20:37 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StageRemote.exe, Version: 2.0.0.50, Zeitstempel: 0x4e3fb38b
Name des fehlerhaften Moduls: MP4Muxer.ax, Version: 1.0.0.87, Zeitstempel: 0x4e1bf1b1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002a95
ID des fehlerhaften Prozesses: 0x1070
Startzeit der fehlerhaften Anwendung: 0xStageRemote.exe0
Pfad der fehlerhaften Anwendung: StageRemote.exe1
Pfad des fehlerhaften Moduls: StageRemote.exe2
Berichtskennung: StageRemote.exe3
Error: (10/17/2013 07:17:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2013 06:32:37 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StageRemote.exe, Version: 2.0.0.50, Zeitstempel: 0x4e3fb38b
Name des fehlerhaften Moduls: MP4Muxer.ax, Version: 1.0.0.87, Zeitstempel: 0x4e1bf1b1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002a95
ID des fehlerhaften Prozesses: 0x124c
Startzeit der fehlerhaften Anwendung: 0xStageRemote.exe0
Pfad der fehlerhaften Anwendung: StageRemote.exe1
Pfad des fehlerhaften Moduls: StageRemote.exe2
Berichtskennung: StageRemote.exe3
Error: (10/17/2013 06:28:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/16/2013 08:59:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (10/17/2013 02:22:09 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/17/2013 02:12:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management and Security Application User Notification Service" wurde nicht richtig gestartet.
Error: (10/17/2013 02:10:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (10/17/2013 02:06:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/17/2013 02:06:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/17/2013 02:05:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/17/2013 07:20:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/17/2013 07:20:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/17/2013 07:20:08 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420
Error: (10/17/2013 07:19:33 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/17/2013 07:55:18 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567bd001cecb310a69208516C:\Windows\Explorer.EXE42b50fde-3755-11e3-b202-848f69bf851e
Error: (10/17/2013 07:43:39 PM) (Source: Application Error)(User: )
Description: dokotoolbar4ffx.exe1.8.26.94b1ae3ccbitguard.dll2.6.1694.24652402c3ec00000050017966f26e401cecb6068473c24C:\Users\JENSVA~1\AppData\Local\Temp\Doko-Toolbar\dokotoolbar\1.8.26.9\dokotoolbar4ffx.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dlla778a79e-3753-11e3-b202-848f69bf851e
Error: (10/17/2013 07:43:37 PM) (Source: Application Error)(User: )
Description: dokotoolbar4ffx.exe1.8.26.94b1ae3ccbitguard.dll2.6.1694.24652402c3ec00000050017966f26e401cecb6068473c24C:\Users\JENSVA~1\AppData\Local\Temp\Doko-Toolbar\dokotoolbar\1.8.26.9\dokotoolbar4ffx.exec:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dlla6599eda-3753-11e3-b202-848f69bf851e
Error: (10/17/2013 07:43:20 PM) (Source: MsiInstaller)(User: DELL-XPS502_JV)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/17/2013 02:04:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2013 07:20:37 AM) (Source: Application Error)(User: )
Description: StageRemote.exe2.0.0.504e3fb38bMP4Muxer.ax1.0.0.874e1bf1b1c000000500002a95107001cecaf83ba39920C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exeC:\Program Files (x86)\Dell\Stage Remote\Codec\MP4Muxer.axdadc3794-36eb-11e3-b244-848f69bf851e
Error: (10/17/2013 07:17:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2013 06:32:37 AM) (Source: Application Error)(User: )
Description: StageRemote.exe2.0.0.504e3fb38bMP4Muxer.ax1.0.0.874e1bf1b1c000000500002a95124c01cecaf1b3521a8aC:\Program Files (x86)\Dell\Stage Remote\StageRemote.exeC:\Program Files (x86)\Dell\Stage Remote\Codec\MP4Muxer.ax25ec5e04-36e5-11e3-b208-848f69bf851e
Error: (10/17/2013 06:28:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/16/2013 08:59:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-03-07 10:34:32.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-07 10:34:32.477
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-07 10:34:32.477
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-06 13:26:03.457
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-06 13:26:03.453
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-06 13:26:03.450
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-02-04 15:36:49.719
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-02-04 15:36:49.715
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-02-04 15:36:49.713
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-28 22:55:07.839
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 8086.17 MB
Available physical RAM: 4226.99 MB
Total Pagefile: 16170.52 MB
Available Pagefile: 10971.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:679 GB) (Free:574.66 GB) NTFS
Drive d: (MuJ_bear) (CDROM) (Total:0.09 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=679 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Jens aaaaaaaa (administrator) on DELL-XPS502_JV on 17-10-2013 19:56:18
Running from C:\Users\Jens aaaaaaaa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(Akamai Technologies, Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
(Akamai Technologies, Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
() C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
() C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [483424 2012-02-01] ()
HKLM-x32\...\Runonce: [Del20353824] - cmd.exe /Q /D /c del "C:\Users\JENSVA~1\AppData\Local\Temp\0.del" [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Google Update] - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-31] (Google Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [WirelessManager] - C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [194600 2010-07-28] (Ericsson AB)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-02-06] ()
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] ()
HKLM-x32\...\Run: [HTC Sync Loader] - c:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-25] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-25] (NVIDIA Corporation)
Startup: C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GM_DevUpdate.lnk
ShortcutTarget: GM_DevUpdate.lnk -> C:\Program Files (x86)\Speed-Link Vibration Joystick\GM_DevUpdate.exe ()
Startup: C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
BootExecute: autocheck autochk * lsdelete
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
SearchScopes: HKLM - DefaultScope {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
SearchScopes: HKCU - {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files (x86)\Whilokii\Whilokiibho.dll (Whilokii)
BHO-x32: dokotoolbar Helper Object - {3B9F6E59-04CA-43FF-92DF-F6E66D3A8D82} - C:\Program Files (x86)\Doko-Toolbar\dokotoolbar\1.8.26.9\bh\dokotoolbar.dll (Doko-Toolbar)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - dokotoolbar Toolbar - {339E1B37-76D3-4A64-A988-E81425DF831C} - C:\Program Files (x86)\Doko-Toolbar\dokotoolbar\1.8.26.9\dokotoolbarTlbr.dll (Doko-Toolbar)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
CHR RestoreOnStartup: "hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038"
CHR DefaultSearchURL: (Doko Search) - hxxp://www.doko-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
CHR DefaultSuggestURL: (Doko Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Doko Toolbar) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\edcikfknpchdehdlmjpbofgkoaonaijg\1.6.2_0
CHR Extension: (Whilokii) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0
CHR Extension: (BonanzaDeals) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [edcikfknpchdehdlmjpbofgkoaonaijg] - C:\Users\Jens aaaaaaaa\AppData\Roaming\BabSolution\CR\Doko.crx
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-20] (Just Develop It)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-17] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-17] (BonanzaDeals)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 CoachUsb; C:\Windows\System32\DRIVERS\CoachUsb.sys [78472 2009-05-06] (FotoNation Inc.)
S3 CoachVid; C:\Windows\System32\DRIVERS\CoachVid.sys [72968 2009-05-06] (FotoNation Inc.)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-10-28] (Lavasoft AB)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284008 2012-10-25] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
S3 GMFilter; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
U3 awldrfog; \??\C:\Users\JENSVA~1\AppData\Local\Temp\awldrfog.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-17 19:56 - 2013-10-17 19:56 - 00000000 ____D C:\FRST
2013-10-17 19:55 - 2013-10-17 19:56 - 01954124 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST64.exe
2013-10-17 19:54 - 2013-10-17 19:54 - 01087213 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST.exe
2013-10-17 19:53 - 2013-10-17 19:53 - 00377856 _____ C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe
2013-10-17 19:52 - 2013-10-17 19:52 - 00000488 _____ C:\Users\Jens aaaaaaaa\Downloads\defogger_disable.log
2013-10-17 19:52 - 2013-10-17 19:52 - 00000000 _____ C:\Users\Jens aaaaaaaa\defogger_reenable
2013-10-17 19:49 - 2013-10-17 19:50 - 00050477 _____ C:\Users\Jens aaaaaaaa\Downloads\Defogger.exe
2013-10-17 19:47 - 2013-10-17 19:48 - 00001179 _____ C:\Users\Jens aaaaaaaa\Desktop\Continue Zip Extractor Installation.lnk
2013-10-17 19:47 - 2013-10-17 19:47 - 00753504 _____ C:\Users\Jens aaaaaaaa\Downloads\ZipExtractorSetup (1).exe
2013-10-17 19:43 - 2013-10-17 19:48 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-17 19:43 - 2013-10-17 19:48 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-17 19:43 - 2013-10-17 19:43 - 00003936 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-17 19:43 - 2013-10-17 19:43 - 00003684 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-17 19:43 - 2013-10-17 19:43 - 00003422 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-17 19:43 - 2013-10-17 19:43 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-17 19:43 - 2013-10-17 19:43 - 00003402 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-17 19:43 - 2013-10-17 19:43 - 00003364 _____ C:\Windows\System32\Tasks\Advanced System Protector
2013-10-17 19:43 - 2013-10-17 19:43 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-10-17 19:43 - 2013-10-17 19:43 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-10-17 19:43 - 2013-10-17 19:43 - 00003070 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-10-17 19:43 - 2013-10-17 19:43 - 00002914 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-10-17 19:43 - 2013-10-17 19:43 - 00001203 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00001112 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00001089 _____ C:\Users\Jens aaaaaaaa\Desktop\MyPC Backup.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00001052 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00000300 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-10-17 19:43 - 2013-10-17 19:43 - 00000292 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Systweak
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Doko-Toolbar
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\BabSolution
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\BonanzaDealsLive
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\avgchrome
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\ProgramData\Systweak
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Doko-Toolbar
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-10-17 19:43 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-10-17 19:43 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-10-17 19:42 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-10-17 19:42 - 2013-10-17 19:42 - 00753504 _____ C:\Users\Jens aaaaaaaa\Downloads\ZipExtractorSetup.exe
2013-10-17 19:42 - 2013-10-17 19:42 - 00003282 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-17 19:42 - 2013-10-17 19:42 - 00000314 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-17 19:42 - 2013-10-17 19:42 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\DigitalSite
2013-10-17 19:42 - 2013-10-17 19:42 - 00000000 ____D C:\ProgramData\Babylon
2013-10-17 19:39 - 2013-10-17 19:52 - 00000000 ____D C:\Users\Jens aaaaaaaa\Desktop\AAA_Virus
2013-10-17 14:19 - 2013-10-17 14:19 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{189BAC47-08CE-49E6-98B3-9550098A37EE}
2013-10-17 14:03 - 2013-10-17 14:03 - 00000056 _____ C:\Windows\setupact.log
2013-10-17 14:03 - 2013-10-17 14:03 - 00000000 _____ C:\Windows\setuperr.log
2013-10-16 21:35 - 2013-10-16 21:35 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{C207FA2B-EE1D-464C-9AE2-A70EED64D1B8}
2013-10-15 22:16 - 2013-10-15 22:16 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{29186EF2-0E70-4123-BB36-8D9BE61D9C47}
2013-10-14 20:55 - 2013-10-14 20:55 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{E12D723F-617A-4EBF-AD5F-05E823034C5E}
2013-10-13 22:38 - 2013-10-13 22:38 - 00001520 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (5).acsm
2013-10-13 22:38 - 2013-10-13 22:38 - 00001514 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (4).acsm
2013-10-13 22:07 - 2013-10-13 22:07 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{31E29715-CAFE-423C-9636-98032B237242}
2013-10-13 09:04 - 2013-10-13 09:04 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{75C7BA22-5E61-4705-8F1C-49098BA7A209}
2013-10-12 21:03 - 2013-10-12 21:03 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{1DF6946D-B657-4E09-8020-9CAFBBF989A5}
2013-10-12 09:03 - 2013-10-12 09:03 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{07A91E5F-D90B-4E7A-85D3-1F5384DC35D1}
2013-10-11 12:00 - 2013-10-11 12:01 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{C0C3F775-3509-405B-8D6B-1EBFC643DA9E}
2013-10-10 20:02 - 2013-10-10 20:02 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{7C96C415-BA63-40E2-823F-6A7CEE78EF35}
2013-10-09 07:24 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 07:24 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 07:24 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 07:24 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 07:24 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 07:24 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 07:24 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 07:04 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 07:04 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 07:04 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 07:04 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 07:04 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 07:04 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 07:04 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 07:04 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 07:04 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 07:04 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 07:04 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 07:04 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 07:04 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 07:04 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 07:04 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 07:04 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 07:04 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 07:04 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 07:04 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 07:04 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 07:04 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 07:04 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 07:04 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 07:03 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 07:03 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 07:03 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 07:03 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 07:03 - 2013-09-04 03:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 07:03 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 07:03 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 07:03 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 07:03 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 07:03 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 07:03 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 07:03 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 07:03 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 07:03 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 07:03 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 07:03 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 07:03 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 07:03 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 07:03 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 07:03 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 07:03 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 07:03 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 07:03 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 07:03 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:03 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 06:56 - 2013-10-09 06:56 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{D8EAC539-51AA-46A1-9CB8-CCEC48146729}
2013-10-08 23:42 - 2013-10-08 23:42 - 00171520 _____ C:\Users\Jens aaaaaaaa\Downloads\Reibung_zw_festen_Stoffen.pps
2013-10-08 16:46 - 2013-10-08 16:46 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{676E4413-F15F-45A8-A11D-7C83E0C0F739}
2013-10-07 17:53 - 2013-10-07 17:54 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{AF546ADC-CA6C-4EE8-9783-6513EDA0F68D}
2013-10-06 23:04 - 2013-10-06 23:05 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{BAAC30EC-59EC-4709-BD34-15F22FBAED10}
2013-10-05 23:52 - 2013-10-05 23:52 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{D1696466-7CD1-40F7-B648-D5699E5A8D05}
2013-10-04 21:34 - 2013-10-04 21:35 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{78B83DB9-5279-4B8E-B81D-F3F114786F99}
2013-10-04 09:27 - 2013-10-04 09:28 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{FAB7CFFD-7BCA-4BD9-B710-BE163AED3AC5}
2013-10-03 16:25 - 2013-10-03 16:25 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{1BE64BAE-F842-431B-A8A7-800491F00370}
2013-10-02 20:52 - 2013-10-02 20:52 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{C0A6576F-EE4A-4AAD-8FD8-3DF5678E117F}
2013-09-17 04:49 - 2013-09-17 04:49 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{9827D96C-32C2-49BA-9C3A-915A25560047}
==================== One Month Modified Files and Folders =======
2013-10-17 19:56 - 2013-10-17 19:56 - 00000000 ____D C:\FRST
2013-10-17 19:56 - 2013-10-17 19:55 - 01954124 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST64.exe
2013-10-17 19:54 - 2013-10-17 19:54 - 01087213 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST.exe
2013-10-17 19:53 - 2013-10-17 19:53 - 00377856 _____ C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe
2013-10-17 19:52 - 2013-10-17 19:52 - 00000488 _____ C:\Users\Jens aaaaaaaa\Downloads\defogger_disable.log
2013-10-17 19:52 - 2013-10-17 19:52 - 00000000 _____ C:\Users\Jens aaaaaaaa\defogger_reenable
2013-10-17 19:52 - 2013-10-17 19:39 - 00000000 ____D C:\Users\Jens aaaaaaaa\Desktop\AAA_Virus
2013-10-17 19:52 - 2011-12-30 16:16 - 00000000 ____D C:\Users\Jens aaaaaaaa
2013-10-17 19:50 - 2013-10-17 19:49 - 00050477 _____ C:\Users\Jens aaaaaaaa\Downloads\Defogger.exe
2013-10-17 19:48 - 2013-10-17 19:47 - 00001179 _____ C:\Users\Jens aaaaaaaa\Desktop\Continue Zip Extractor Installation.lnk
2013-10-17 19:48 - 2013-10-17 19:43 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-17 19:48 - 2013-10-17 19:43 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-17 19:47 - 2013-10-17 19:47 - 00753504 _____ C:\Users\Jens aaaaaaaa\Downloads\ZipExtractorSetup (1).exe
2013-10-17 19:43 - 2013-10-17 19:43 - 00003936 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-17 19:43 - 2013-10-17 19:43 - 00003684 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-17 19:43 - 2013-10-17 19:43 - 00003422 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-17 19:43 - 2013-10-17 19:43 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-17 19:43 - 2013-10-17 19:43 - 00003402 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-17 19:43 - 2013-10-17 19:43 - 00003364 _____ C:\Windows\System32\Tasks\Advanced System Protector
2013-10-17 19:43 - 2013-10-17 19:43 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-10-17 19:43 - 2013-10-17 19:43 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-10-17 19:43 - 2013-10-17 19:43 - 00003070 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-10-17 19:43 - 2013-10-17 19:43 - 00002914 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-10-17 19:43 - 2013-10-17 19:43 - 00001203 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00001112 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00001089 _____ C:\Users\Jens aaaaaaaa\Desktop\MyPC Backup.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00001052 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-10-17 19:43 - 2013-10-17 19:43 - 00000300 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-10-17 19:43 - 2013-10-17 19:43 - 00000292 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Systweak
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\Doko-Toolbar
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\BabSolution
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\BonanzaDealsLive
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\avgchrome
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\ProgramData\Systweak
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Doko-Toolbar
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-10-17 19:43 - 2013-10-17 19:42 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-10-17 19:43 - 2011-12-30 16:39 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\Nero
2013-10-17 19:43 - 2011-12-30 16:20 - 00000000 ___RD C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-17 19:42 - 2013-10-17 19:42 - 00753504 _____ C:\Users\Jens aaaaaaaa\Downloads\ZipExtractorSetup.exe
2013-10-17 19:42 - 2013-10-17 19:42 - 00003282 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-17 19:42 - 2013-10-17 19:42 - 00000314 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-17 19:42 - 2013-10-17 19:42 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\DigitalSite
2013-10-17 19:42 - 2013-10-17 19:42 - 00000000 ____D C:\ProgramData\Babylon
2013-10-17 19:42 - 2013-01-10 22:11 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-17 19:27 - 2011-12-27 08:03 - 01698614 _____ C:\Windows\WindowsUpdate.log
2013-10-17 19:00 - 2011-12-31 12:07 - 00001152 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA.job
2013-10-17 18:58 - 2012-04-29 22:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-17 18:55 - 2010-11-21 08:50 - 00697322 _____ C:\Windows\system32\perfh007.dat
2013-10-17 18:55 - 2010-11-21 08:50 - 00148328 _____ C:\Windows\system32\perfc007.dat
2013-10-17 18:55 - 2009-07-14 07:13 - 01614100 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-17 14:41 - 2012-03-01 00:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-17 14:37 - 2012-07-12 18:23 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D3F2ED7F-9929-48CA-A472-7EC179DE8884}
2013-10-17 14:26 - 2013-05-25 12:18 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-10-17 14:26 - 2013-05-25 12:17 - 00000000 ____D C:\Program Files\My Dell
2013-10-17 14:26 - 2012-02-29 18:20 - 00000000 ____D C:\ProgramData\PCDr
2013-10-17 14:19 - 2013-10-17 14:19 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{189BAC47-08CE-49E6-98B3-9550098A37EE}
2013-10-17 14:16 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-17 14:16 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-17 14:05 - 2012-02-20 22:04 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\Htc
2013-10-17 14:05 - 2011-12-27 15:36 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-10-17 14:04 - 2013-01-10 22:11 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-17 14:04 - 2011-12-27 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-10-17 14:04 - 2011-12-27 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-10-17 14:03 - 2013-10-17 14:03 - 00000056 _____ C:\Windows\setupact.log
2013-10-17 14:03 - 2013-10-17 14:03 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 14:03 - 2012-03-10 13:16 - 00354812 _____ C:\aaw7boot.log
2013-10-17 14:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 08:03 - 2012-03-10 13:16 - 00000000 ____D C:\Windows\Minidump
2013-10-17 08:03 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2013-10-16 22:00 - 2011-12-31 12:07 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core.job
2013-10-16 21:55 - 2011-12-31 12:07 - 00004138 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA
2013-10-16 21:55 - 2011-12-31 12:07 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core
2013-10-16 21:35 - 2013-10-16 21:35 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{C207FA2B-EE1D-464C-9AE2-A70EED64D1B8}
2013-10-16 21:01 - 2011-12-27 15:55 - 00000000 ____D C:\ProgramData\Sonic
2013-10-16 20:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-15 22:22 - 2012-02-27 18:31 - 00000763 _____ C:\Windows\wiso.ini
2013-10-15 22:22 - 2012-02-27 18:27 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-10-15 22:16 - 2013-10-15 22:16 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{29186EF2-0E70-4123-BB36-8D9BE61D9C47}
2013-10-14 21:41 - 2013-08-01 22:45 - 00000000 ____D C:\Users\Jens aaaaaaaa\Documents\My Digital Editions
2013-10-14 20:55 - 2013-10-14 20:55 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{E12D723F-617A-4EBF-AD5F-05E823034C5E}
2013-10-13 23:00 - 2013-07-29 22:39 - 00000000 ____D C:\Windows\tmp
2013-10-13 22:45 - 2013-07-29 22:39 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\Kobo
2013-10-13 22:44 - 2013-07-29 22:39 - 00001001 _____ C:\Users\Public\Desktop\Kobo.lnk
2013-10-13 22:44 - 2013-07-29 22:39 - 00000000 ____D C:\Program Files (x86)\Kobo
2013-10-13 22:38 - 2013-10-13 22:38 - 00001520 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (5).acsm
2013-10-13 22:38 - 2013-10-13 22:38 - 00001514 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (4).acsm
2013-10-13 22:07 - 2013-10-13 22:07 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{31E29715-CAFE-423C-9636-98032B237242}
2013-10-13 21:37 - 2013-01-10 22:11 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-13 21:37 - 2013-01-10 22:11 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 09:04 - 2013-10-13 09:04 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{75C7BA22-5E61-4705-8F1C-49098BA7A209}
2013-10-12 21:03 - 2013-10-12 21:03 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{1DF6946D-B657-4E09-8020-9CAFBBF989A5}
2013-10-12 09:03 - 2013-10-12 09:03 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{07A91E5F-D90B-4E7A-85D3-1F5384DC35D1}
2013-10-11 12:01 - 2013-10-11 12:00 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{C0C3F775-3509-405B-8D6B-1EBFC643DA9E}
2013-10-10 20:02 - 2013-10-10 20:02 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{7C96C415-BA63-40E2-823F-6A7CEE78EF35}
2013-10-10 18:59 - 2012-04-29 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 18:59 - 2012-04-29 22:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 18:59 - 2011-12-27 15:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 21:42 - 2009-07-14 06:45 - 00370216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 21:39 - 2012-05-11 17:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 07:22 - 2012-05-11 17:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 07:22 - 2011-02-11 12:22 - 01591930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 07:20 - 2013-08-01 17:59 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 07:18 - 2011-12-30 16:29 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 06:56 - 2013-10-09 06:56 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{D8EAC539-51AA-46A1-9CB8-CCEC48146729}
2013-10-08 23:42 - 2013-10-08 23:42 - 00171520 _____ C:\Users\Jens aaaaaaaa\Downloads\Reibung_zw_festen_Stoffen.pps
2013-10-08 16:46 - 2013-10-08 16:46 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{676E4413-F15F-45A8-A11D-7C83E0C0F739}
2013-10-07 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-07 17:54 - 2013-10-07 17:53 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{AF546ADC-CA6C-4EE8-9783-6513EDA0F68D}
2013-10-06 23:05 - 2013-10-06 23:04 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{BAAC30EC-59EC-4709-BD34-15F22FBAED10}
2013-10-06 01:07 - 2012-01-05 23:23 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\SoftGrid Client
2013-10-05 23:52 - 2013-10-05 23:52 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{D1696466-7CD1-40F7-B648-D5699E5A8D05}
2013-10-04 21:35 - 2013-10-04 21:34 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{78B83DB9-5279-4B8E-B81D-F3F114786F99}
2013-10-04 09:28 - 2013-10-04 09:27 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{FAB7CFFD-7BCA-4BD9-B710-BE163AED3AC5}
2013-10-03 16:25 - 2013-10-03 16:25 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{1BE64BAE-F842-431B-A8A7-800491F00370}
2013-10-02 20:52 - 2013-10-02 20:52 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{C0A6576F-EE4A-4AAD-8FD8-3DF5678E117F}
2013-09-23 01:28 - 2013-10-09 07:24 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 07:24 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-09 07:24 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 05:38 - 2013-10-09 07:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-09 07:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-09 07:24 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-09 07:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-17 04:49 - 2013-09-17 04:49 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\{9827D96C-32C2-49BA-9C3A-915A25560047}
Files to move or delete:
====================
C:\Users\Jens aaaaaaaa\APP_IO_WXP_VSTA_W7_A02_Setup-7W7T4_ZPE.exe
C:\Users\Jens aaaaaaaa\CONEXANT_D400-USB-MODEM_DPP14_A00_SETUP_ZPE.exe
C:\Users\Jens aaaaaaaa\CONEXANT_D400-USB-MODEM_J6N4K_A02_SETUP_ZPE.exe
C:\Users\Jens aaaaaaaa\CW1394A0.exe
C:\Users\Jens aaaaaaaa\DELL_MOBILE-BROADBAND-MANAGE_A08_R291705.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5540-HSPA-MINI_A11_R287094.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5550-HSPA-MINI_A03_R298995.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5550-HSPA-MINI_A03_R298998.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5620-EVDO-HSPA_A09_R292028.exe
C:\Users\Jens aaaaaaaa\L502X_A__06.exe
C:\Users\Jens aaaaaaaa\R261284.exe
C:\Users\Jens aaaaaaaa\R293038.exe
C:\Users\Jens aaaaaaaa\R296901.exe
C:\Users\Jens aaaaaaaa\R304505.exe
C:\Users\Jens aaaaaaaa\R304507.exe
Some content of TEMP:
====================
C:\Users\Jens aaaaaaaa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jens aaaaaaaa\AppData\Local\Temp\ICReinstall_ZipExtractorSetup (1).exe
C:\Users\Jens aaaaaaaa\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-03 00:00
==================== End Of Log ============================
|
|
17.10.2013, 20:52
| #4 |
| | WIN7: Avira meldet Fund tr/agent.143516.1 ...und nun GMER Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-17 20:08:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.01.0 698,64GB
Running: t12w38sn.exe; Driver: C:\Users\JENSVA~1\AppData\Local\Temp\awldrfog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800039ac000 52 bytes [FF, FF, FF, FF, FF, FF, FF, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 582 fffff800039ac036 27 bytes [FF, FF, FF, FF, FF, FF, FF, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1512] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2140] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2140] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2536] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2536] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3396] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3396] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\dxgi.dll!CreateDXGIFactory 000007fef659dc88 5 bytes JMP 000007fff65700d8
.text C:\Windows\system32\Dwm.exe[2504] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1 000007fef659de10 5 bytes JMP 000007fff6570110
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3068] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4116] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4376] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4480] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4512] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Windows\System32\igfxpers.exe[4544] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4656] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4680] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4760] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4852] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe[4960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[1688] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe[4868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe[4036] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe[4336] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5204] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe[5220] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[5380] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[5496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe[5928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [5928] entry point in ".rdata" section 000000006db171e6
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Windows\system32\wbem\unsecapp.exe[5256] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[2604] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[2604] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[2604] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[2604] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[2604] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[2604] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Dell\Stage Remote\DMR.exe[2076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe[504] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe[7664] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 000000007782efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000778599b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000778694d0 5 bytes JMP 000000016fff0180
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 0000000077869640 5 bytes JMP 000000016fff0110
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 000000007788a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefdb92db0 5 bytes JMP 000007fffdb80180
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefdb937d0 7 bytes JMP 000007fffdb800d8
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefdb98ef0 6 bytes JMP 000007fffdb80148
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefdbaaf60 5 bytes JMP 000007fffdb80110
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe7d89e0 8 bytes JMP 000007fffdb801f0
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe7dbe40 8 bytes JMP 000007fffdb801b8
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefdf07490 11 bytes JMP 000007fffdb80228
.text C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe[8976] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefdf1bf00 7 bytes JMP 000007fffdb80260
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[5428] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 00000000756fcfca 5 bytes JMP 00000001537a46b0
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[5428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[5428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 00000000756fcfca 5 bytes JMP 00000001537a46b0
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[2544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 00000000756fcfca 5 bytes JMP 00000001537a46b0
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe[8672] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764213e1 7 bytes JMP 000000016f22128f
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007643b1d3 5 bytes JMP 000000016f22159b
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000764b88b4 7 bytes JMP 000000016f221339
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 00000000764b8939 5 bytes JMP 000000016f2216b8
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 00000000764b8c8f 5 bytes JMP 000000016f22101e
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000075a21d1b 5 bytes JMP 000000016f2211d1
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000075a21dc9 5 bytes JMP 000000016f221019
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075a22aa4 5 bytes JMP 000000016f22154b
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000075a22d0a 5 bytes JMP 000000016f221276
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075f8e9a2 5 bytes JMP 000000016f2215b4
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075f8ebdc 5 bytes JMP 000000016f22119a
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 00000000756fcfca 5 bytes JMP 00000001537a46b0
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 00000000760c5ea5 5 bytes JMP 000000016f2215e6
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000760f9d0b 5 bytes JMP 000000016f22122b
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076211465 2 bytes [21, 76]
.text C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe[9072] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762114bb 2 bytes [21, 76]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3224:7472] 000007fefbbb2a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3224:7480] 000007feedded618
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3224:7520] 000007fef8ad5124
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{90D9FD20-D5CE-4195-9A15-FC19F43AA944}\Connection@Name isatap.{6DF51F4D-6E4A-47F5-852D-C7F8E53546AA}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{90D9FD20-D5CE-4195-9A15-FC19F43AA944}?\Device\{322762A7-15AC-44F7-BE29-778A8C6544E9}?\Device\{871BC2B7-62A8-4857-ABB3-EBFBAC5EC355}?\Device\{EF92A923-F597-4662-88AE-96FA8C58D7DF}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{90D9FD20-D5CE-4195-9A15-FC19F43AA944}"?"{322762A7-15AC-44F7-BE29-778A8C6544E9}"?"{871BC2B7-62A8-4857-ABB3-EBFBAC5EC355}"?"{EF92A923-F597-4662-88AE-96FA8C58D7DF}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{90D9FD20-D5CE-4195-9A15-FC19F43AA944}?\Device\TCPIP6TUNNEL_{322762A7-15AC-44F7-BE29-778A8C6544E9}?\Device\TCPIP6TUNNEL_{871BC2B7-62A8-4857-ABB3-EBFBAC5EC355}?\Device\TCPIP6TUNNEL_{EF92A923-F597-4662-88AE-96FA8C58D7DF}?
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{90D9FD20-D5CE-4195-9A15-FC19F43AA944}@InterfaceName isatap.{6DF51F4D-6E4A-47F5-852D-C7F8E53546AA}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{90D9FD20-D5CE-4195-9A15-FC19F43AA944}@ReusableType 0
---- EOF - GMER 2.1 ----
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 17. Oktober 2013 14:08
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : DELL-XPS502_JV
Versionsinformationen:
BUILD.DAT : 13.0.0.4052 55009 Bytes 29.08.2013 17:56:00
AVSCAN.EXE : 13.6.20.2100 639032 Bytes 05.09.2013 16:52:36
AVSCANRC.DLL : 13.6.20.2174 63032 Bytes 05.09.2013 16:52:37
LUKE.DLL : 13.6.20.2174 65080 Bytes 05.09.2013 16:53:02
AVSCPLR.DLL : 13.6.20.2174 92216 Bytes 05.09.2013 16:52:37
AVREG.DLL : 13.6.20.2174 250424 Bytes 05.09.2013 16:52:36
avlode.dll : 13.6.20.2174 497720 Bytes 05.09.2013 16:52:34
avlode.rdf : 13.0.1.42 26846 Bytes 28.08.2013 17:50:24
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 19:16:08
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 15:42:58
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 16:24:17
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 13:07:44
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 15:19:47
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 20:34:59
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 09:55:16
VBASE007.VDF : 7.11.103.231 2048 Bytes 24.09.2013 09:55:16
VBASE008.VDF : 7.11.103.232 2048 Bytes 24.09.2013 09:55:16
VBASE009.VDF : 7.11.103.233 2048 Bytes 24.09.2013 09:55:16
VBASE010.VDF : 7.11.103.234 2048 Bytes 24.09.2013 09:55:16
VBASE011.VDF : 7.11.103.235 2048 Bytes 24.09.2013 09:55:16
VBASE012.VDF : 7.11.103.236 2048 Bytes 24.09.2013 09:55:16
VBASE013.VDF : 7.11.103.237 2048 Bytes 24.09.2013 09:55:16
VBASE014.VDF : 7.11.104.123 282112 Bytes 26.09.2013 09:55:17
VBASE015.VDF : 7.11.104.237 359424 Bytes 28.09.2013 09:55:17
VBASE016.VDF : 7.11.105.103 195072 Bytes 02.10.2013 09:55:18
VBASE017.VDF : 7.11.105.243 571904 Bytes 07.10.2013 05:27:29
VBASE018.VDF : 7.11.106.91 185856 Bytes 08.10.2013 20:24:50
VBASE019.VDF : 7.11.106.167 183296 Bytes 09.10.2013 19:40:10
VBASE020.VDF : 7.11.107.5 236544 Bytes 11.10.2013 10:51:36
VBASE021.VDF : 7.11.107.85 178688 Bytes 13.10.2013 11:26:51
VBASE022.VDF : 7.11.107.163 276992 Bytes 15.10.2013 16:36:12
VBASE023.VDF : 7.11.107.164 2048 Bytes 15.10.2013 16:36:12
VBASE024.VDF : 7.11.107.165 2048 Bytes 15.10.2013 16:36:12
VBASE025.VDF : 7.11.107.166 2048 Bytes 15.10.2013 16:36:12
VBASE026.VDF : 7.11.107.167 2048 Bytes 15.10.2013 16:36:12
VBASE027.VDF : 7.11.107.168 2048 Bytes 15.10.2013 16:36:12
VBASE028.VDF : 7.11.107.169 2048 Bytes 15.10.2013 16:36:12
VBASE029.VDF : 7.11.107.170 2048 Bytes 15.10.2013 16:36:12
VBASE030.VDF : 7.11.107.171 2048 Bytes 15.10.2013 16:36:13
VBASE031.VDF : 7.11.108.10 295936 Bytes 16.10.2013 04:29:29
Engineversion : 8.2.12.130
AEVDF.DLL : 8.1.3.4 102774 Bytes 13.06.2013 15:30:47
AESCRIPT.DLL : 8.1.4.156 516478 Bytes 10.10.2013 16:00:05
AESCN.DLL : 8.1.10.4 131446 Bytes 26.03.2013 17:54:43
AESBX.DLL : 8.2.16.26 1245560 Bytes 23.08.2013 11:45:57
AERDL.DLL : 8.2.0.128 688504 Bytes 13.06.2013 15:30:46
AEPACK.DLL : 8.3.3.4 758136 Bytes 16.10.2013 19:14:59
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 08.08.2013 16:47:00
AEHEUR.DLL : 8.1.4.676 6201722 Bytes 02.10.2013 17:44:53
AEHELP.DLL : 8.1.27.6 266617 Bytes 27.08.2013 17:02:31
AEGEN.DLL : 8.1.7.14 446839 Bytes 06.09.2013 13:10:47
AEEXP.DLL : 8.4.1.84 344439 Bytes 10.10.2013 16:00:05
AEEMU.DLL : 8.1.3.2 393587 Bytes 19.09.2012 13:42:55
AECORE.DLL : 8.1.32.0 201081 Bytes 23.08.2013 11:45:51
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 17:19:07
AVWINLL.DLL : 13.6.20.2174 23608 Bytes 05.09.2013 16:52:26
AVPREF.DLL : 13.6.20.2174 48184 Bytes 05.09.2013 16:52:35
AVREP.DLL : 13.6.20.2174 175672 Bytes 05.09.2013 16:52:36
AVARKT.DLL : 13.6.20.2174 258104 Bytes 05.09.2013 16:52:30
AVEVTLOG.DLL : 13.6.20.2174 165432 Bytes 05.09.2013 16:52:32
SQLITE3.DLL : 3.7.0.1 397088 Bytes 19.09.2012 17:17:40
AVSMTP.DLL : 13.6.20.2174 60472 Bytes 05.09.2013 16:52:37
NETNT.DLL : 13.6.20.2174 13368 Bytes 05.09.2013 16:53:02
RCIMAGE.DLL : 13.6.20.2174 4786744 Bytes 05.09.2013 16:52:26
RCTEXT.DLL : 13.6.20.2174 68152 Bytes 05.09.2013 16:52:26
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, Q:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Donnerstag, 17. Oktober 2013 14:08
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
c:\program files\my dell\pcdsrvc_x64.pkms
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.
HKEY_LOCAL_MACHINE\Software\PC-Doctor\PC-Doctor for Windows\Toolbar\Badge
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'AERTSr64.exe' - '8' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTHSAmpPalService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTHSSecurityMgr.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOBuAgent.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'PassThruSvr.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftservice.EXE' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWinSec.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '174' Modul(e) wurden durchsucht
Durchsuche Prozess 'TOASTER.EXE' - '124' Modul(e) wurden durchsucht
Durchsuche Prozess 'STSERVICE.EXE' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkNGUI64.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxtray.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'FF_Protection.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'iFrmewrk.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'DSUpd.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'quickset.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'StageRemote.exe' - '145' Modul(e) wurden durchsucht
Durchsuche Prozess 'stage_primary.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'WirelessManager.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'StageRemoteService.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'WebcamDell2.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOBuClient.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'taxaktuell.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'RoxioBurnLauncher.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'accuweather.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'htcUPCTLoader.exe' - '139' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'Roxio Burn.exe' - '135' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPHelper.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'stage_secondary.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'DMR.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'IELowutil.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'wlmail.exe' - '229' Modul(e) wurden durchsucht
Durchsuche Prozess 'wlcomm.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'SyncUP.exe' - '279' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Nero.AndroidServer.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3583' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <OS>
C:\Users\Jens aaaaaaa\AppData\Local\Microsoft\Windows Live Mail\Gmx (winnie c18\Deleted Items\5FEE25EA-00000ACB.eml
[0] Archivtyp: MIME
--> 13.08.2013 Jens aaaaaaa abgewiesene Banklastschrift.zip
[1] Archivtyp: ZIP
--> 13.08.2013 Jens aaaaaaa stornierte Rechnung.zip
[2] Archivtyp: ZIP
--> Jens aaaaaaa abgewiesene Lastschrift vom 13.08.2013.com
[FUND] Ist das Trojanische Pferd TR/Agent.143516.1
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert
Beginne mit der Desinfektion:
C:\Users\Jens aaaaaaa\AppData\Local\Microsoft\Windows Live Mail\Gmx (winnie c18\Deleted Items\5FEE25EA-00000ACB.eml
[FUND] Ist das Trojanische Pferd TR/Agent.143516.1
[WARNUNG] Die Datei wurde ignoriert.
Ende des Suchlaufs: Donnerstag, 17. Oktober 2013 19:40
Benötigte Zeit: 1:34:44 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
31095 Verzeichnisse wurden überprüft
920901 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
920900 Dateien ohne Befall
47638 Archive wurden durchsucht
2 Warnungen
2 Hinweise
1176592 Objekte wurden beim Rootkitscan durchsucht
2 Versteckte Objekte wurden gefunden
|
|
18.10.2013, 15:00
| #5 |
| /// the machine /// TB-Ausbilder | WIN7: Avira meldet Fund tr/agent.143516.1 Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.10.2013, 20:01
| #6 |
| | WIN7: Avira meldet Fund tr/agent.143516.1 Hallo Schrauber, vielen Dank für deine Hilfe, Habe deine Anweisung befolgt und nun die Logs (wieder in zwei Postings, weil zu groß: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.18.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 Jens aaaaaaaa :: DELL-XPS502_JV [Administrator] 18.10.2013 20:20:25 mbam-log-2013-10-18 (20-20-25).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 228965 Laufzeit: 4 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 10 HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Doko-Toolbar (PUP.Optional.DokoToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Doko-Toolbar (PUP.Optional.DokoToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 1O1M1K1L2X1M1G1K1U -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 8 C:\Users\Jens aaaaaaaa\AppData\Roaming\DigitalSite\UpdateProc (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive\Update (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive\Update\Log (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 17 C:\Users\Jens aaaaaaaa\AppData\Local\Temp\ICReinstall_ZipExtractorSetup (1).exe (PUP.Optional.Installcore) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe (PUP.Optional.Installcore) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\MyDokoTB.exe (PUP.Optional.DokoToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\0503195D-BAB0-7891-A2A5-B26CA7FB1EAC\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\is1590112554\20335074_stp\DokoTB.exe (PUP.Optional.PCFixSpeed.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\is1590112554\20335095_stp\rcpsetup_adppi_adppi.exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Local\Temp\is1590112554\20335252_stp\bd.exe (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\Downloads\ZipExtractorSetup (1).exe (PUP.Optional.Installcore) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\Downloads\ZipExtractorSetup.exe (PUP.Optional.Installcore) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Roaming\DigitalSite\UpdateProc\config.dat (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Jens aaaaaaaa\AppData\Roaming\DigitalSite\UpdateProc\prod.dat (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.008 - Bericht erstellt am 18/10/2013 um 20:38:53
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Jens aaaaaa - DELL-XPS502_JV
# Gestartet von : C:\Users\Jens aaaaaa\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\Jens aaaaaa\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Jens aaaaaa\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Jens aaaaaa\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\Tasks\digitalsite.job
Datei Gelöscht : C:\Windows\System32\Tasks\digitalsite
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\92db8ce53de545
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Google Chrome v
[ Datei : C:\Users\Jens aaaaaa\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2480 octets] - [18/10/2013 20:33:33]
AdwCleaner[S0].txt - [2129 octets] - [18/10/2013 20:38:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2189 octets] ##########
|
|
18.10.2013, 20:04
| #7 |
| | WIN7: Avira meldet Fund tr/agent.143516.1 ...und nun der zweite Teil: JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Jens aaaaaaaa on 18.10.2013 at 20:46:41,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1320315719-3326968574-895728413-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0021309D-F51D-4C94-AD1D-B4DC27E618A0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0024D0FC-2585-4400-9C47-F94C651B70FE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{005DD54F-94F6-4D8C-A3BD-A203438EF09B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{012ABFBB-DDA5-4BFA-B45D-F027E7565D9B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{018AA3BF-4547-457B-974C-756FBCC4D16D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{01B69FE5-1E99-432C-8293-35C756EC4447}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{01EC5C4B-A550-4B88-B7B4-51A5B1E5A1F9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{02211E5E-9821-4744-B19B-CFA7FC88DACB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{02420E77-8487-49A3-938D-945E6A0C3E24}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{026AC017-692C-451E-934E-B081C5E118C0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{028D851C-6BE5-43A1-B8DA-0375EC18817B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{03239E41-1D79-4406-A2D5-3F5281A9FE75}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0346401E-52A8-4FD5-A20F-80647F56AFC0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0442A4C8-2209-4376-AF5C-654167EFC7AB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04A025AE-F2BC-4498-9BDD-FBB2FEEEF852}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04A616B5-9DD7-46EB-ADD5-B6081416C7A6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04AC2648-F1AE-42EF-91CB-9CABB54F5F8E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04B3D4A9-B82E-4265-A4D2-69407820B622}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04D3FC55-CB98-497D-A8A8-C7C1B83AED98}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04ED77F0-3536-452D-8043-0290A415F3B2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{04FC098B-5349-470B-8180-CCE3F3B1D19A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{050B48D3-27D7-4096-9A30-E9D556ACF5C4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0534466B-EE68-49C5-8BB8-86C65531CB94}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{054DB357-699F-4205-BEDB-ACB992CDCF87}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{05559F87-D83C-406E-A381-B0AE5896C6EC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{055EB5EB-C1CC-4E0E-BCCE-2201A21B0A63}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{05BD1754-11C9-407A-98AC-5B8263822E60}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0632F474-D6A2-45D6-B982-CD1130EBAC5D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0672694E-AE16-49D7-A8D0-857E17318DCC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0735D578-6A10-4CEA-B245-1E37644DE6A7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{07A91E5F-D90B-4E7A-85D3-1F5384DC35D1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{07B1A710-3600-431B-884D-65B38806452F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{07C4FD97-54D2-4DDC-B9CB-330C0E19DEC2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{086DCBE1-9CB0-49EF-94A4-744E39EEA28E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{08839654-8A6C-4813-B071-83980B5DEF22}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{08A9D225-D59D-44E9-835A-A2A5D1B79D28}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0981FDB4-B307-4809-8286-4678B8AF8577}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{09AEBBFB-D61F-4E40-869B-65739CAF6379}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{09C61739-614A-4541-8692-C8252B59B3D2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{09D1D381-0B43-4489-9238-01C634D5D97C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0ACF6168-D2A9-4C8F-B70E-531EDC43D1E6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0ADE9DBB-636D-4FC8-B2FF-63B6EF13AAED}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0B3B7B51-6A77-49DB-99E8-7A96A124C0CE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0B9CAC83-9CCD-4F9C-8124-68CBECA75DB9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0BA8AA70-77A3-4B43-AC37-CEB2CB2BF855}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0BC0E148-42A5-4EC0-9C82-4862E8C2393B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0C21568C-D907-44DB-87F0-6B7E67E04BEA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0C45F6A8-A8C8-4D79-A726-CF8EACE74124}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0C8AA368-953A-4A36-831B-8F9DBB70D852}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0CEB0F40-4714-43A1-ACF0-4FA6E6483AE9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0D0459A6-4449-491D-8BEB-E0FDBCF7DF6B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0D384E71-6233-409E-AF92-47E25E1214C0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0DD90DDB-6F90-40C6-9AB0-8A7CF7A0240C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0DE6047D-8998-4077-9900-095F9A0EA285}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0DEB5E54-9479-4047-B5EF-007B972DF8AD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0E6ED12A-7862-44FD-8B47-95B02FDB2C62}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0E7608F4-43B0-46A7-8E13-06B957E8AD7A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0ED64BD2-E60D-4F8B-AB14-864C02A90B94}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0F012A0B-CC94-42FE-913A-646D7EFE24FA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0F61EB57-CD00-40A4-83CD-EE21083DADF2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0FAA5F5E-6822-4787-921C-B4DAF3B323F6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0FC93C92-5D4E-402B-A0E6-E58FBCEAFC26}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0FC9408A-4DC5-48F7-8542-96FB0E5AE2B2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{0FD460BD-6DAE-4550-96A0-C470F7BE04C2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1025C9C0-830F-416D-93E4-F94013BBA86E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{107A2A35-769E-4F76-BECD-4ADA7E6B8063}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{111C7EF0-E2DD-438C-BD06-9376AA215662}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1124F04E-A6F4-4A0F-B3DD-50E4217381F9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{118546C9-8A73-4E50-9E2F-FA1E68789716}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{11BDD084-88C5-4636-95C4-25A26407EF6E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{11C852D3-3F52-4A37-9669-F6CC616A5BD5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{11EAEA11-6776-460B-942B-005711961B7D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{129B98F7-4C73-4D1F-8869-856892D236FA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{12B134FC-303B-435B-B1BC-45257F89B0E4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{12BE30D7-FBD0-459C-9559-0B7E39772B08}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{132A1BB5-5C6B-4EA5-B0C5-9492957FF9DB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{133C4EDD-1DCF-4636-A1B0-13396F56129D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{134F2977-A9C2-4CAB-9A90-2B04A7AE0BF3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{147E3A64-6448-467D-837D-0E922137CA91}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{14DA7F92-2F06-4222-97AB-9C122728D030}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{14F19B06-91E5-473B-B018-8EBD0612D93D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1504F108-612B-480A-9E80-0712000A186D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{155E8152-EA2B-4942-B49E-75E46BCB83B5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1572F924-36DB-4718-B80B-A64E23B41DF8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{15C77CEA-BF20-4EBA-A492-8C4DF59A3C5A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{15D043E1-5B87-4F5B-B6D2-3F3E5F8BE16C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{15EB67E5-D080-4709-9CD5-FF1664E338E7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{15FC539C-774B-40AD-94F7-80C7B2F02D7F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{163A02EF-AB14-491D-AE77-A5FD1E85A3A7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1682501B-C975-4DF6-9140-2F204CD28143}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{16E7E9CD-C929-44C0-83CE-8A9BE9FA2D07}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{16EFED0E-9FFA-4F06-925B-E6573B2A9BC6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1702645D-1037-4ADB-BB98-AE798441329A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{175196DE-276C-47DA-9A4A-4FA75182BB0E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1841D9DE-39E7-440C-8377-66EE7C72BA9B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{18852F23-4437-4621-978B-019CEE3D7E75}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1886CBBC-4DCB-40C6-82E7-2D5DFE9A4A80}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{189BAC47-08CE-49E6-98B3-9550098A37EE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{18CEE1C2-F3AC-44A2-A4E4-EE09E36640E5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{19627EC5-E0A0-412E-BE52-1C5434D3A438}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{19847D05-F540-4390-9449-FFB2A7FD8D7A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1999188B-A884-487A-866F-DACDDB924AF4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1A5257A6-2D10-4C52-A8A5-821B45B27723}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1A5E36B0-6225-4B0E-B2B4-6FB7CF77CE3A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1A9771FC-040A-4721-BBBB-397F0A05DB7A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1AE319B3-4F2B-41CF-B8E3-A527D3CA8467}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1AEF9287-FA6C-4EA1-AD77-166237E4C9BD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1B12509C-0DA9-49EA-A920-BCD72E36F0EA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1B4A4DCE-1FAC-4E9D-924F-F30C88FCF183}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1B5F5AA0-E02A-465B-8433-86A4688D1702}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1BAAB8E0-0320-43B8-A31A-745E7BE59F11}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1BE64BAE-F842-431B-A8A7-800491F00370}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1BF98522-EB23-4107-A547-2800ED91F1B8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1BFAA83B-E9BF-45E9-BAF8-CA0605CD1B21}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1C160435-4501-411D-AC68-A364B650B5BA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1C33AF2E-2CC4-4373-90EE-3F3BCF490659}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1C5F9A16-5BBB-4271-8A0A-95CF0EF6801D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1C6F1F48-5A00-4D75-AEB4-FAE373266FA0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1C83BA2D-79FA-49D7-B2D6-C46E0F5D2B67}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1C932560-DFF1-421F-B52E-2F27E4FCF377}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1CB661A3-FDF4-4692-ACB7-0F0B861DC22C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1D029E2B-9B14-4D91-BF8C-4E6063AD6B38}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1D2B8FF0-C17F-4E9F-9C08-D411F40F176D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1DCC5E1D-093F-48DB-935C-EA67A7321A9C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1DE7E8CA-F0BD-4E85-AD48-ED98E853B1A1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1DF6946D-B657-4E09-8020-9CAFBBF989A5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1DF96EBD-5B48-4226-8AC2-2E8A38960930}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1DFE7145-9EDA-4F21-B8F1-5B5B91150F36}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1E04EB6B-35DD-4462-8334-3421FE3D1231}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1E1C1672-A7DA-4A65-97BE-A10ACD91B2BA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1E59AFCB-01D8-4FA4-AF04-AC3C991DD788}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1E5EE07A-4D59-4312-9F6C-B5E8C6408424}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1E5EEA71-C136-437A-82AD-CFBEE998506E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1E82BBC2-DEF5-4AE1-B309-1A8984C8A0C7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1EA9D8EE-B204-4168-B58F-7C4F8319E5F4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1EB6652D-8ED5-4609-9F7D-DFBA0E145925}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1F2AE1FB-B0A9-40AF-B74B-8A42ECDD220A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1F5D0165-17B3-4369-8060-C7F5E70AA304}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{1F8E159A-4731-46CE-B42D-9967139DE779}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{201811D1-905A-4617-BA42-9A051A809AED}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{20244CA6-A2A7-4D60-91C1-2DF34488F329}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2042DCC7-4187-4EB0-8ABF-E3C8E6358FCE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{204E11F9-D4FF-4902-9F1D-95BB68246CF9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2062156E-389B-4CD1-8F02-A78264C86F09}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{20623BAD-AF2F-4017-91EA-F36629D10943}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{20EA70A8-7424-47B5-80D1-67B3B75D17FB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{20FA54EB-C332-4D82-AF14-00B86914F16C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2106EC9D-4CB8-4EF4-A6CA-282CC08AF24C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{212A75F9-62A3-499E-BC61-A8AAF1CA04CF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{214CC528-0F6B-4088-9C73-FEF0048CBBB2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{21555464-3201-4E8F-9BB1-50E9367AE8F8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{215A3EB3-DCDD-4A03-834A-99F5CD0EC364}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2179049A-3B81-44E6-98BF-5C689F48B150}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{219230E3-72BE-4B16-A38B-0EF5C85C1F39}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{21B68641-B9BD-4216-8869-504ED2E1C0FC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{22C9D30A-5DB4-4154-80F6-06178CA4DEF6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{22D8BBED-7B96-44E1-A99C-60C4AD96B29F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{22E96B9C-75CE-4BA2-B77F-1CC4D029DC41}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{23D9EAAB-7FC3-40FD-888D-897BEE4DDB33}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{23FC1250-CB28-49B3-8AF1-26F677A207AD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{243570F1-B01C-459A-BA60-87728F280095}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{246AB982-3942-43BD-A4FA-940E64A8DD5A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{24B27FBB-70CB-45FB-80FF-916A327C7841}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{24BAE450-EBC1-4EE0-BFFC-A9E74A33E754}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{24C1A950-F188-4EA0-AB8F-16D844A740DC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{24CBBDF1-359C-4C83-9C47-95ACDB992098}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2536C311-9C5A-4403-8C0D-3CF17D46FDD3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2553D5B4-6C2E-4C28-AA5E-7A138791D758}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{25973940-4A67-4538-A88C-36D95C499D81}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{25C0A0C1-04EF-4AA9-A03B-C596FD92F158}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{25DAC453-2BCB-48AA-AFB5-93DF98DB28F9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{25F14F0F-7B60-4E02-AAB7-27C7BBA6A7DF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{26596EB5-5B1E-4BA7-BCD7-723720B6A678}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{26C6C7F6-D866-4721-AA8B-4E819A522FC2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2748CE36-6D84-4CE5-8812-15BF67A7118D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{276A2306-DE7E-4100-898C-C6F89EDA49DC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{276F6277-1570-46BF-BC8C-50B8CFE40AC0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{27A45607-4FBC-469C-B7BD-B3841E089502}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{286A582B-F4B8-4362-91BC-B510AE251963}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{289D215F-67FC-4A54-A885-767E1817637E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{28B6FC61-D71D-4851-AB92-598BFB50514C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{29183370-FFB4-43E4-AAE8-D8CA22938749}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{29186EF2-0E70-4123-BB36-8D9BE61D9C47}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{29AF1828-A839-4E27-9401-2BD71E77983D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{29B85E97-56BB-4315-B270-66BF79E29830}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{29CF9D95-F338-441C-9BEE-1556D3989485}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2A2C2174-9C74-4DC8-B8CD-F9230A286235}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2AA2A5A7-603E-48CE-9A4B-21856F521EC2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2B532884-3620-4A16-B103-10C3B82CFBAF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2BA871B8-FC75-4232-953C-70C7FD592E6B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2C058955-0835-441F-ACD4-E2A8A273FC8E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2C9212D2-0A87-4DCD-9FC2-F25B7DEAA17F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2C94C510-A5EF-43D9-AB31-637CDD1B1862}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2CBD6E53-11C0-45EC-9EDA-81853315FCF9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2CF4C5E7-F11E-42F9-B8F7-CAC67C42F92E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2D04DA99-10E8-454B-8ED9-39522B52B606}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2D1AA68A-0433-408A-A57D-833C43BD2568}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2DE0D5EB-2CFA-4DD5-B1FC-1AEED3BD1A17}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2DE974E0-CB8B-48DC-A1A1-3482B1B4B0E7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2DFAC30E-90CA-41B2-B7FA-246C289E275A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2DFB00ED-AEEA-4EFC-92C2-8152A149256F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2E65547A-BB90-4327-942B-D53E797BCAD3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2E845E6F-54D4-4F3E-A27B-50D0CB6991A7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2EA71C76-C74F-4BE1-ABC3-F7084400C7C1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2ECC70BF-A592-4791-80C1-40F21B7D6391}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2ED221D1-CD9F-47EF-9352-7D753B6DD62F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2F0EA7D2-93BF-4D94-91BB-B54C9E47BBF7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2F776712-7675-4DE7-A6A6-687EE9190D71}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2FAFAB0B-32F0-48DA-AE3D-3BDCB8D42EB2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{2FD95A5C-E0BF-49AE-BE33-FBFD25D737A0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3092752D-D74E-4CA6-8FFB-C0CC739385EB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{30C75F7B-37C3-47D3-97A0-A91A79900EE9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{30EC647A-AC9D-4556-A94D-5A1BE455B97A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{312AEDD4-EE8D-4FA8-A917-C7279899B12B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3133D354-B7EB-45F5-8857-C5915DB48847}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{317EA0C5-2F84-4F90-8989-42D5FB3C1C89}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{31E29715-CAFE-423C-9636-98032B237242}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{32340965-7EB8-48C2-9F60-FF076744AC87}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{325440B7-CA93-4514-AB64-CA6F261D5B6D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3305EC60-2624-4CD3-8063-3790C7E463BF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3333B0DC-86EF-4687-A872-A0D73445CC5C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{34093DCA-0C0F-4A51-B893-D05D16B184ED}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{344D70C7-2FBC-4348-AFC7-6A62A60DBE86}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{345B2080-EB92-4D49-8939-AEB7A2804416}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{348A7198-36E5-4579-A46E-2FD8BAC4F1EE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{350E8A7A-58DA-4CBC-A1BC-C9AF972C397D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3531094B-C0F1-41C3-82AE-2339B3647ABD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{35B0E0EB-5F65-468F-B219-14FB48767770}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{35F49F14-853B-47F8-A16F-15ACD0FF6501}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{36396D8A-65ED-4D2B-9A68-582ABDC8CA52}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3654AE74-2BF7-417B-8530-83634340E4D8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{365A29B8-EB76-4C64-BC81-1186C21DD70F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{36605112-0E37-4FF5-B0B0-CD064EFB87E1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{36635549-7F64-436E-8BD5-9276A022825E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{368C98E6-E363-47A7-8C1D-30FC63B5C5F7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{369D761B-4C64-4DD0-AD34-D5841DAC713D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{36E73E2E-CD9B-40C6-ABD8-5E86D5AABCC4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3703DB2A-C870-43AF-8A1E-549598AC801B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3711AE09-01B3-44CE-A271-838D2F42A98D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3789B8DE-0E18-4287-8F4A-E7D8FBFB5BF2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{37BFF400-7017-429C-871A-6D24874EC938}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{37CD9A2C-07BA-49A3-8CE9-C4792C93B88E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{380D6779-A99A-4A8D-A921-F679CA069E9E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3812CA88-3655-46AF-B57F-50B89339E1CD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{383FEAF8-7D0A-462E-AFC7-20895B739A1E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{38421614-E9A4-4395-9EB1-335BC6C7CF3A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{384F90DD-0EA1-4013-988F-9F65B44C6C28}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{38692E43-BB66-40D6-B9F6-0147F08334A1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3869F83D-FD4E-4816-A28A-1DF9A9532BD9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3899B33F-E5D9-4D62-A611-F01EDBF1C85D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{38E96A82-47F1-4820-8AB8-6ED6998C297E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{393710FB-CF41-414B-9117-267903B77C19}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3967E942-2B9C-44F5-A965-67C53EC26985}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3A610C7E-266B-4A2D-9745-D5447CBCAE83}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3A87AF43-9235-4428-9A5E-D8C6F7750709}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3A892065-AB76-404C-B8E7-E94A2F0EBC4A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3AB70E6C-84EE-4E26-A75D-BA985DB39F97}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3AD5D09D-14F0-4460-B70D-EAE05926CE31}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3BB8AA4B-B4BE-4D03-897C-DFC54007E07D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3BF5DFC9-C9DB-4BF1-89B5-BC3850337332}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3C93130C-CD0D-4973-B771-E5A40458A678}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3CC0B0CE-CBB6-4139-91A3-64AE2A790D82}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3CF4E999-38FA-496F-90F5-F711FF4A213F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3D1EB925-AF93-4C3F-A5BC-7ACAE1130C13}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3D22655A-5801-4A2F-A30B-E5B8732B6965}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3D45D899-7611-4F11-B8C4-78FBAB6C7B68}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3D84FF55-D2BB-4A37-B1DC-DBF2468F82D1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3DB7BE03-C5B2-46CF-8A66-D6BBA026B43D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3E0F46C1-247E-4004-9937-93FB98E14D03}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3E787589-BB1A-428F-82D2-86A2F8D56731}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3EA31140-03B0-48A7-982B-15763B1B1A72}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3F366C68-B1D1-4120-9866-F39C29C73C27}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3F50BBBC-1A9D-41D9-B1CE-C0C715FDA454}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3F71E827-7DB0-4820-AC74-66CBA4B5A3FD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{3F9AB1EA-46CE-42EA-9C9B-F556E1908C7B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4016E193-BD62-45F1-8984-A3F42B87B120}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{40AFFA75-27A8-4F0E-AD93-B9C17A6C8070}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{40C64929-A827-49C6-83EC-05DCEC8D0A1E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{40EC60D5-0A2B-4215-A432-D7431DD64B1A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{411EDCE4-8DFD-4963-BA1B-AC726C2B1CD1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{41473961-FCB0-4AD5-ABFC-145A1FF04DEF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4170DAA8-7E7D-4F48-9D33-4217A365987B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4192426B-58D7-4185-A951-961FA96B6527}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{41A558D7-FEA0-4AA1-A09B-B8EFF5E43F53}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{41A6E343-EFA7-4C47-AC29-6F24ADD76097}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{41E65BFF-6D78-41F7-B58E-343D1E19EABC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{421A70D7-E3D8-4694-AB9C-FD3562D43079}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{42287909-E4DE-4C7A-A13C-CF45486F9C10}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{422BC7D2-0DCB-467C-AAE1-1B7AAD2EFB09}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4263DA3B-0D44-4A2F-9EF8-A8A604121515}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{43021E45-4CDC-4ECF-9976-56EFFA9EFEBA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{43127638-080B-4C4A-B35C-5ED8E00B5E87}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{433BB781-ACEC-4B10-9301-2E70149F5150}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{43DC63FF-9203-4411-BD5C-3020B6DAC021}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{43E804B5-B919-4B35-A607-C7A842D60161}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{43FA7F91-AF22-4AFC-8780-FE6582D91F7D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{44107590-010D-47E1-A196-2F676AA701AF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{44183701-F51C-4CA5-9E00-6F00F67934D6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4427270E-1804-49D3-8BEE-80213BA84842}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4450F3E0-181C-48E8-ABE7-6937786F2608}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{446E9477-6F13-4D38-A54C-3D398D44ADDF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{44B95918-71BD-4D3E-A26F-FED7A130CC46}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{44E18C97-62C7-412F-B82E-BEE9FAB5D864}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{44E34883-3821-4076-92AF-A3782D15CF5C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{44E7D6C3-223B-475D-820A-EEC37EBD5BFD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{45018D1B-BCB4-4FFD-8FEC-BF049210C815}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{45158D6B-2BCD-4F4D-B489-FB0498E56981}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4575E621-8E84-44ED-9880-7A8B126E4320}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{45C3A68E-1335-441C-8588-FEEB2502A54C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{45F25545-EEC3-41D8-8E00-279E978C1272}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{464417A2-7853-4AD7-A3E9-C992FD1905C2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4651CB0E-7346-469A-89B3-177740D87064}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{46A00BAE-7854-407F-9482-09708A4E6081}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{46B45AD4-396E-43A6-BB75-E4AB20FDA757}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{46DE4123-282A-4083-A96D-BA702428B3F4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{46E0AFB5-C4F8-401A-BAB8-F94889971426}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{46E712FC-F15B-4D0F-AB97-7FD71D3AAE63}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{470DE06B-37C2-4C3C-9216-2DF3C46D8DBB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4747B8ED-A91C-41D0-818F-D06765DE1019}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{47577389-6274-4463-A287-57C96AE0C34C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{475D2D89-200D-4F7F-BCF1-90B363C8219F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{475EC9D5-1ECA-47E3-B28D-8D8123A03813}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{47A59CA4-116C-42C2-8F0E-3FD56CEF5F88}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{47ED3906-FFB2-4969-9970-3FADAE66484F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{48037B5D-CD12-4FD4-81DE-283B59E2445C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{48EA71F1-48CF-4B9E-AEDD-D007D0ACC60E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{48FAD066-1083-48AC-A19E-E5373937F653}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4948B166-4A7C-470B-B758-5380BC4D1BB6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{499859B8-30E7-4C00-9B3D-6562A7B5968E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{499E540F-6E18-41DB-9B91-92D6BB579919}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{49C53842-F270-498F-8736-6D011479EAAE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4A0278DD-FC2C-45E1-BEB3-3ED3AE3B927A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4A088E61-13C7-417D-B0FE-818CFFB1DBDB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B076EFF-37DF-4A85-A711-CB118A9D0560}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B17F532-B97D-41AB-BA57-8B79E3F6C1D1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B1A4E66-814C-489F-826F-AEE3009ADE07}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B2514A8-3D90-49CC-9C27-5B2361E3C5FC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B363580-1DE9-428B-B88F-F2EC4A48DFDB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B5C19E7-CE32-42CB-8371-DB69F2EF4A6F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4B9C989E-03D5-4E1F-AB58-2DA2D659ADB0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4BE03B33-75CE-499B-A935-AE7BE7ED9145}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4BFA9188-F15F-4C8C-85F5-6C19A34047A1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4C07B5B8-5665-4F56-9537-C5F64BEB9526}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4C6B6D58-32EA-4548-B3C0-34FAE0B9283E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4C8158EA-EDF3-418C-A265-29570A3CA540}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4CE1A965-13B3-40D4-8DA7-8EEFAB69A9F2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4D458210-DFB5-4097-9DB6-90C1CD4BF694}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4D9929F2-EAEA-4B3B-8D84-A3564C72BFD9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4DBBE188-4394-4B7A-A533-01A8E69535FB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4DCD6CC6-338C-45AA-B0D2-D8A911AB81AE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4E8FAF2F-CC02-4AB9-9394-4C68F9C0C92B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{4EFAEED1-5DBA-430A-B90D-3B84B45C55C6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{50759362-0568-4B48-BA28-DF9C5566840A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{508E3B80-B468-447F-8918-C33A1AF706FE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5091F268-ECDB-4846-A798-75B7C51372D9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{50BBC88E-8933-407C-A190-2631477AA89C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{50C354BB-1167-433A-8B4F-43A32BFBE070}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{50DEC0D4-F0C0-4E6E-BFAF-2FC66D627CDB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{511F39CF-4A39-442B-946A-48E6ECA3D941}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{512B497D-C83F-4C3C-931C-78FF4818A3FF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5165206A-7562-4625-9C2B-F257CDD22CEE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{516F0D7F-CDAE-4527-B5D3-B01C8CA111E8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5181CF93-A96D-4DF3-92A6-6777C8650667}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{518F7F2F-A3CE-469A-A5B5-09DE5B0040CE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{519045E4-0858-4C23-B3FF-649248CA15E9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{523BD88C-E193-40D8-96B7-7E09BCBEEBD1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{524F3C01-57FD-4B8D-8A6C-612D5C026F15}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{527854CD-9D00-44AC-A544-19D449BA9791}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{52BAAB06-8C51-4F8F-8657-BD5A3F95CF85}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{52BFB4B6-9C0A-40E2-9D42-2C926C595CDB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{52C8E2B8-E850-4194-9E16-39C1A88BDAE9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{531B6979-E3CB-4881-B5C1-415B66B3A492}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{535CB1FA-D756-4E1A-8627-1D430C42611E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5393894D-979A-471F-8522-45E69EEB201C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{539E01F6-00BD-48B6-AC42-9E2FC8BC8A95}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{53B62EDE-BED1-470A-92F1-D13F2022CC08}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5450E3AD-3FFF-4620-B916-96142B2A1662}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{54CE11A2-A4E9-4041-8770-0C74AE329CFD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{54DBF5ED-E360-4774-8286-4B22C7DEC34C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{54FBBC6F-816F-4281-9C7B-A14AD8FF8A64}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5554E873-F33F-452D-9B7D-F061D0D56D6E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{55C204DF-BB28-401E-97AA-5253117AE2D0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5602F581-60BA-4C53-8F03-C961851F3E11}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5634485F-4552-4E9C-83E8-26BF8C7310DE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{56FEBB6C-3821-4039-A91D-F23E96763A22}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{570B9B54-FC30-41E1-8F08-D1C98FDCA429}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{572B7C06-9F1F-41A8-83D5-0CF3FC30C6F7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{572F8DE1-AB96-431E-A27D-A1B95DD269F9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{573BDE11-7E4A-49EF-BC00-18879DAD3D16}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{57D5FBD6-B8E9-4F58-9E19-47EDBEF2AADA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{57DBE6A0-7F75-47AC-94F0-C142C3DC6EC8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{58302919-8C39-4A3D-AB63-02D7E6116481}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{58536D43-D652-4E3F-BCF2-DDA037781990}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{586EE001-738D-4DE4-8E43-D02A2D1BF34C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{588CE422-78C3-4F9E-ACA4-922ECFD8464D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{588E179E-49FF-4287-AE72-9AAC458151A3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{58F1E0F2-6FA0-4BB3-8B0F-C5BBDCB499E0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5934342B-9ACA-4A62-BEF2-EAB1E6BD70FA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{598F9C0D-BC59-4D52-8C34-2E6733AD5B51}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5995C1D2-3E1B-483F-93E2-1F179CE0AD36}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{59C58B04-0732-492E-A380-6DD66AF282FC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{59D74031-F5C5-475C-BEBA-4091A41AA550}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{59DEEBD5-03AB-43E5-BEB9-88541684118E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5A099EA4-65B8-4236-8673-36C884127487}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5A2A2EA1-400C-49D6-8E70-ADD45E244006}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5BFCE567-AC66-4AB9-B017-F3EB4CFA95B9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5CE40C33-762A-4727-B72D-A1388F4C9787}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5DABEA73-FB29-4561-B22A-333DFF429C3E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5DF51866-AA06-48CB-84F5-87C6D1368FD2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5E4AE010-DF8D-4F89-A79A-7BE7E621330D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5E6284FA-5360-4F6D-A6F9-73DE3CFEA381}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5E7BB8BA-8D0C-48BD-8325-A6678CC618AB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5EA74BFE-F880-4B39-807A-B6A713B6123C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5EE1FB60-F346-4636-8641-0D10136F820D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5EEE0498-B25F-42F8-A047-35BE6BE20027}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{5F899497-549A-474A-92C7-9320F071BFD4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{600912A6-3CF7-4E57-AA43-62628C19A2CB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{60153C3A-4420-4942-9DBD-09C684F168D0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{601F3D6E-BE77-4ED2-A5B0-AF68C1C97827}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{60418565-35D7-4235-A99B-D22CC41C81EC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{607715F7-ECC4-48B8-AA99-06C84E05E592}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{60BBC8EA-9730-465A-93E7-AE998F87842F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{60DA1040-2996-48FE-9B7A-F6834ABF3C7E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{612240EB-9922-4505-8D8C-69C0D3EDCF94}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{61A18F4E-29F9-486B-8C19-98ECBEE1523E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{622EAC6D-B070-4251-8D81-01918B7ECAF6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6242D281-06A3-41BB-A8EF-C1D3B7B72528}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{627686B2-7424-4142-A136-EBE3FB9D681F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{62B83651-BDA2-4FD8-B0E7-82918548ECE5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{633022A0-F322-429C-9DCC-5435D22FAC15}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{633635B9-D4B5-4B6F-9C0C-A3346BFBCBF3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{633E200A-4879-4E3E-B28F-76E1FA36C521}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{63ABD67C-5F29-47B8-AEF4-1A8A630DBB7A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{63E21C63-5FA0-4DBB-9E70-C1A09329F1C6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{63E6E4D0-BA8D-4B5F-BC0B-55CB90FA5C29}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{63FFF907-9744-44EA-8DA6-D09BBF51FC1D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{645557ED-ADD3-4C69-80B7-AF2740575650}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{64A6A783-F7D6-4FFB-8A93-6ABA641EA726}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{64CF375A-C582-4248-9C58-81D6712ABFE5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{64FD4847-D86F-486B-A47E-139F9DC607CF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6524F528-9DB6-4E9B-AB3D-D0DF6D17140F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65370E4D-1D44-41F8-9130-65467ADC77B1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65A48A2E-AD42-4229-A008-EE80BF1E22EA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65C90D82-6A44-44A0-9AD2-1F815A947B4C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65CA4C89-F857-425D-B1AE-9B7EE1C069B9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65D69516-3D30-4FBA-B151-EC8A55ED01D4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65DEF705-7F88-4707-8213-8E59202EBB81}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{65FD56B9-EA5A-44A9-BAC3-199C7A9E5D93}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{663627BA-1C8A-461C-A209-C4DA93E8D2C5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{66C93F7B-696B-4139-8C22-4B3EF62E9E79}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{66CBA6E4-24B0-4C3B-A0A0-51199991DD62}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{66F849BA-5712-47C5-AB99-E8658C1A01E9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{672FA5B0-0F64-439A-B8BA-8FA3D8E656BA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{676E4413-F15F-45A8-A11D-7C83E0C0F739}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{67D7E12B-FF89-4E3F-9C9C-9D5F5468E9AD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{67FD3437-106C-454D-87AB-CCB2A563A657}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{69765ED0-6B7B-4417-AEC6-40BD4EA46EE4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{69C9F58C-1D02-4CFB-8516-94889DB41293}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{69D0FF1A-D867-44EA-B52D-D32B58CDE86E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6A6E7DB3-94F1-45A6-BD22-B37C2161FF80}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6AB9926E-ADCF-4B5A-A0DE-EECDE6E2E483}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6AD69E70-552D-4CEF-8D6C-756BDBE650B7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6AFBB275-7CDC-4888-9D42-B477654CFE93}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6B524744-93A2-4406-BF7F-101B6A954A22}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6BC84F9A-FDCD-4105-AE30-28B6C147FC4F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6C8C0DE0-33D6-4AE3-B122-3FD996F20473}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6CA6607F-3C5B-4563-8E91-19ED7D3A4A38}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6CC157B4-8FF4-481F-A51E-FA211D909582}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6DC3F68D-6192-4141-8548-022ADCCB0DB1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6DE0769D-997C-4C96-9078-A4AC8C8AC1F6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6DE4D5B3-DA95-4B64-B324-51C551FB6059}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6DF9C773-E75C-4344-AD72-B584F1F21243}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6E3B8F8F-71B9-4FF3-9880-A4E4133B58BC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6E765E2B-9405-46E0-92E7-220883A9F7CA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6E8B1E16-E79E-4E9C-AC32-799E9689857C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6EBC8628-1AB2-43FB-A2CC-A1DCCAE32054}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6ED3AEEC-C32A-4DB4-91BA-7990C219A483}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6F140070-6B7F-4FB6-8CCE-FC5652DD5C38}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6F5E1DBB-A0AA-4B1D-9789-42C535D096EC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6F7F9C66-40B1-4C23-80C3-FBA749D6501D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{6FE470A5-548E-4959-85D2-5C11C888D7D6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{702A6079-F7B8-4D4F-B2A9-8412640A19EA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7054C492-AC01-4B52-96F7-B7A6812F2D37}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{70946C37-ACA2-43DF-B6E3-26E56F91904F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{70CE97B5-EA4E-4CD1-906F-70DBE70BDAAE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7103CF87-3138-4345-82D3-131EF03CD5FD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{711F23C1-0C58-47C5-98F7-881C9E80EDAE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7153EB8C-99C6-4FD2-B2F0-DCC80E34174A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{715C7E45-9302-4F1D-AD6E-FDFC6ED31739}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{71AE0A45-67E8-40BE-9CF2-866963B827B2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{71AF574F-A073-4B62-AF0B-311AEFA1238E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{71B4E021-FB6C-4846-9EEB-97F386ECD958}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{722F34A1-458C-4117-A528-F13DDB5B9009}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{73092370-71FB-4897-B3D3-18E37319DB4D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7319D1A0-747D-4C9C-B380-04161FB83D4A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{73638A7A-6926-4369-B3FE-FF58A2D418ED}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{73FB109C-FBFE-4A28-9FD7-06A8D748D108}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{73FD9B5F-FF7B-4D22-AC1F-78C78645E455}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{74122407-3135-4A3F-BA91-658425282E8E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{744F70CE-C71B-430E-8C48-9B06309C6865}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{74A4E0FE-0336-4735-A4E8-695A831AE1B4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{75481EC1-7408-4918-B117-48991F7D5C45}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{759C83B0-773F-4217-BB6D-91A9300C4794}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{75C7BA22-5E61-4705-8F1C-49098BA7A209}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{75CFACAA-DEA2-456D-B8F8-23EB9DEF0A61}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7621E85F-452E-4A1F-927C-F9B5202E8D8A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7670F52C-08E9-4A97-9A20-3E9DCC159F8B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7731BCD5-F59E-4EE6-958F-9DE9EFF393E8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{77370686-9342-4B3F-8969-20474C698934}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7742DFE0-861E-4EE4-A043-10938C41F456}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{775B075D-199F-402D-A170-5BC1503B7385}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{775BB1B1-F043-49E2-A6CA-5EFB8B9368DF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{776F0724-0E49-4C60-A1E2-EA715759444D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{77D57258-4782-44E9-91AC-330D5E2DE005}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{77E68F8A-B1F1-4DDB-A2D7-0D2894ADACD6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7827B895-86B2-4852-8ECE-6EA9DEF856F8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{788AE4E8-2B1E-4C07-94EF-210AFB665B1E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{78A7F58E-70C9-4909-8532-0B210038A2FF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{78ABF576-5318-45B5-827E-1F4C0BE29046}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{78AD2454-0166-4A7B-96DB-76CFF5F08E2A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{78B34092-A050-4050-AC47-C6BA775AE40F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{78B83DB9-5279-4B8E-B81D-F3F114786F99}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{792FF561-67F3-4D32-B2E5-2CF7E81DB92E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7996E4B2-7480-492D-AD31-0D652A5C5EA5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{79B4E8FE-ED48-45C6-B974-3FFF978F2A84}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{79FB8BA1-BB13-4821-BFD0-BD9FFB29027C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7A18AD5D-A15D-4ED1-B9C3-5FAB9C8BFB5B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7A1DF51F-4D50-49E9-9C3D-435D9896B7A4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7A4BCB01-22FC-43AA-BFD2-2833F80B7AE2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7A79EEED-BA8B-43EE-B9B7-F91CB0C375DF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7AD57A23-709D-42AE-8417-C2A430F607DE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7AF6C5B7-967A-4664-946B-7DCEF88F23E6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7B137534-D3E1-482E-AD35-28FB4FD358C7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7B997202-A87E-44AD-8A7D-7557F1EEA804}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7BA9AD3B-3E23-4F9D-B124-F9D24A962652}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7BDB6B84-03D5-496C-A7E5-200198C2D654}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7C03854C-C95F-4658-A48D-8330939DDF5A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7C96C415-BA63-40E2-823F-6A7CEE78EF35}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7DBA5CAF-F26B-484D-B79B-C87DD5E3B7EB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7DEAC012-B2A3-4355-8268-AEB3557B06F2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7DFC92FD-A2F3-4F8A-80DE-587CAF920264}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7E06673C-85C5-4AF3-89E1-A737BC6E59EF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7E077CEF-981D-4658-9220-686171A69B83}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7E2E173B-C808-4678-A072-3ED9062FCB58}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7E3B9E5B-6B2E-4386-8B5C-C400541DC4DC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7EA1374B-36F5-4693-9383-0A5ABB8604EF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7F198A00-FBB1-4233-AEA7-AD01531EE832}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7F440538-4371-49AD-A90F-1CFEA1910CBA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7F5D2D98-FF98-406C-ADC4-530B15577197}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7F5F2268-7A6A-4246-81B7-337FE652C287}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{7FA632D0-4321-4B0D-A7A9-C92CB34D1716}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{80527C76-A8A9-41F1-800B-81634E771B0A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{80644160-66B8-4AF1-964A-BEB410EAA1E0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{80833655-4BE3-49C8-B73E-DEA1B1EBCA8E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{809E92F8-A992-489C-99C0-49FA17D76A48}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{80B961F0-F4B7-47CB-B047-B24D8075FCA8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{80E2B6AE-954F-4A97-867E-FB92E61C5ADD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{80F14626-2706-46E9-AD3E-E193C79891DA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{81138744-73CC-422C-9B93-405100E9988B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{819E2F51-C487-4FFC-AC54-F9FBB48CF5C0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{81BFFCD0-7A40-4673-9BA5-C4DAEB0A24C9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{825F9721-D94E-429F-9342-D5867244A514}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8286A1DA-2753-475A-80C6-D22E0FCD82D8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{82C14DD4-1758-4B0B-8067-B01497B8E776}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{83614A40-7414-4E37-84F9-F79AF2533854}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{83AEA886-FF97-4C1C-81F0-49558CA74648}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{841BC796-8493-4C8A-9529-880A57C23B80}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{84232FEE-CA5B-4368-A241-32F83907D438}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8427F00B-FB49-48F9-9182-DBD9A5BFD117}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{842B9609-7579-4832-A13D-27E5DA47192A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{84B774B1-634A-4DC0-82A3-E7468A8D95C6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{84DDA24B-9F62-4922-ACE8-8A71438E5F86}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{851E06FF-A311-4441-B6AF-55F918C6BF79}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{853AF95B-289A-4B1D-ACCA-884E60B5250F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8587E0BB-482C-402A-A241-D22997B16593}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{862C9537-52E8-451E-9FEB-D8A1E96F0CEA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8687E93E-CF55-49D3-800E-9A610AE37B24}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{873B3EB5-1A64-4DEA-98F7-FD05AF73396C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{882A16AB-D616-4D5E-9102-618F2660BD48}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{889DD6D4-068B-4EE5-8F44-DEB2FAF2F696}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{88E18100-8BB9-452B-813E-ED775C6370D5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{88F31632-DCAB-456E-82E1-7F3329786884}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8932DA50-D637-4750-BFA8-ACE53AF79A15}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{894129BE-0A72-4D1D-9640-7588D025910E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{897A1FCE-4A0B-4A5F-B494-DAD797A70E58}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{89D162B1-8A0F-40EE-B231-BA02F17A1066}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8A8284FF-992E-45E8-A9A4-CE0C7763C07C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8B1D93EE-4C99-4660-8675-E59051DFC081}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8B3395ED-A2AE-43E1-AEF3-5AC2FB1553D9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8B3CBFD2-2920-4BFB-B1BD-148E7E03F2BB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8B627F9F-621D-4F1A-AE3A-8DFA9DAFDED6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8B64FB24-AC18-4E21-8411-CE30BC142CB7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8BF641B2-D733-4248-971C-5DBEA9E12507}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8C7448AE-9DF2-4F7D-AA05-023C72BC410A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8D485C8B-DC00-4DAB-B385-5A98DAA79B23}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8D596EFC-E4F6-41A2-9C87-B4F6822472E7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8DB53C68-6D92-4919-9F66-58FDC789E67B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8DC73916-A755-4D54-9208-B48BFA89CE03}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8E2586E4-8DE8-4560-92B5-1FF0ADF278A7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8E2C1E15-EDF8-4ED0-993F-CDB2A5F57812}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8EA0B696-6C59-4D32-BCD1-5AC1ED163879}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8ECD3261-AA74-4EAC-BDCA-C1F79D8B290A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8F19AE7C-9FB5-4226-A63B-71869A8EE55D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8F3FB9EC-AB46-4461-8967-2241626AC3C1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8F46567A-46D5-49BC-B6D5-D1204232DDFC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8FA53357-8D19-4AEB-B1E1-643DC3003EAA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{8FEB807E-5531-4E16-AB0E-C5DE82C47BEC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9018D6DC-DAC4-4B79-B964-6312CE1F948F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{90650F91-8966-4903-9CCC-D4180928105D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{90A333E8-4ED7-45EF-8D04-2EBF5FD9B11A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{90E20168-A4F2-4689-9633-FEDDF9C5F95F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{90FDE4C6-10D9-482B-8467-1ACCC190A2BB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9115BFB8-7609-439D-9744-345F54B6B3C0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{915DCEC9-733F-45D2-8266-B61EA3E02291}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{91A95503-FCA8-4D41-8F47-6988D352C982}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{93882CD8-0C5D-4B64-BE23-6C8DE2E591F3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{938FAF08-A604-4822-AD1F-DB91D70B7A8E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{943098CF-44E2-423A-9A80-7FBEA73798DB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9434A51B-6A4C-4F4E-A2AE-008B21D56086}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{94C1F65E-2C28-4B1D-9558-FCC6A7E58C87}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9533FFE1-7547-4071-82A0-B88E1773816F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{954B75ED-48D1-4CA7-8D21-3DDDF181C68C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{95659BD0-E3A0-4654-B07F-B2D8DCC1C213}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9566EE0F-8A9B-499D-BD74-72C9C36F54BA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{95994A5F-BDE2-4464-9F24-4E86B3AFB68B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9625DF3F-9377-41EB-A7DA-50C38F4480D8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{963E7AA1-A7B8-44FD-8CFA-6F761083FD53}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{965C8EF0-969A-43FE-A384-FEF61230A1DE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{97C02458-30B9-4F5E-96C1-81F7E66B479B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{97CF20F4-2085-4762-8E6B-2ED1A5586BBC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{980C05D3-9235-4A80-8EB8-5E555DBB2A39}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9827D96C-32C2-49BA-9C3A-915A25560047}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{98482606-D7E6-42B3-8491-643AAC855491}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{985F1B2E-D5EF-4F86-927F-9B4A650558A3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9992F219-E164-4D47-95ED-C054946CA974}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{99E6D8F5-D3BB-4A66-884B-90BDD97CFEFE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9A3C3B94-B67B-41C1-92AC-81CEAA8B07AF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9A3D73A6-0198-4577-82C1-8393E46B274A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9A872EDE-27FF-428E-B0E3-CAF9A55C3669}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9A993C5A-B1B9-4F27-8CA6-68D5E24D8F07}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9B10540E-C305-4C38-BCCE-8DC351BA0ED7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9B5943E0-559A-4EC1-8172-655AAE1250CA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9B7DD6C9-94C6-44A1-8834-630FB2D37FBF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9B899BEF-50FE-4DC2-B92B-6BBEA11C9121}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9BE615C7-B429-4F5A-8A50-A09F38478A39}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9C0A1F8B-711A-411F-B8D1-797E1FF353AD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9C2046BA-FBC7-44B3-A022-0622FB8C35B8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9C35E5BC-2626-42C0-B308-0339518CAB11}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9CCD4D61-C402-41F6-A5C2-6BE6CEF5EE36}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9CFB7425-6C68-4EDC-AEC7-362F1E91FCB9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9D35F13D-7D5B-44D6-908C-082201038770}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9D44A537-0089-4B32-B84D-AF62828954B4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9D54E535-A161-469A-AED0-0EE577267FE8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9E7B1667-A237-48D0-A1C6-207EB752BFB6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9F0539F3-3822-44A1-A638-3DAF75AA1CCE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9F7BB4B2-E107-44DC-AB82-172CF60BF74D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{9FE7A768-3D3E-4AE5-BA72-628CDC132271}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A030B894-489B-4595-97AF-63B279773B5C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A03190C7-2080-46E3-A6ED-4DEB2F54A9F8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A0777DEF-D070-47B2-991D-EBBAF0C56E41}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A07FD854-8B9C-40D7-9279-E675F39B9701}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A0C131E7-ADE2-4249-979F-8FF65338FE4C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A0D557C3-8002-4A01-AC6B-774A8AF31F64}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A0DE0A2D-9D78-4255-B22C-5BCFBE0A76A6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A14D4B11-05E7-4BC1-9EED-F80EDD94C607}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A158F947-3587-4DB5-AF34-87F41A8FAEB1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A1711516-30B3-4787-B6C6-B25B4A45CA8C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A1C6581F-F45A-4D1B-AD19-43D15A603193}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A20C99A1-725A-4F6C-A3FF-6AA7705C8D4D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A27011FE-E3F7-42CC-9818-ECF5EDA0965E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A2B59B86-D511-48C8-B173-1E552622BFF2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A2BFE091-A231-4075-8064-E4FA8DD2320D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A32A70A7-301B-4F34-BD75-8B71EAEED913}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A37961B5-FF7F-4C4D-B3D2-2ED1106A67F2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A3B89D03-4564-4086-BD05-C86CC31A3BF8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A3C58DDC-5B75-4131-9ABC-DB64A48A72F0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A3F424F6-C30F-4B48-9730-005C10F592E3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A4C954C0-3DC9-400A-AB20-9DAA8DEEDFC5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A4D44DD6-093D-4E42-8FBE-839851C0AED4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A4F55AF9-7513-4E20-91DE-D8967A8A11B9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A5183B2E-0E55-4632-95EE-564F0D5841AA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A553E098-CFDA-4D19-B753-408A709F0DE4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A57AEA4E-F7B9-48E5-8117-93AB000FFC48}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A5B25328-2FF3-49D6-A78F-66C65CF1EA6E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A5D78692-6405-43F7-A623-DABFDE3F0466}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A5ECF8E6-3850-43DA-8EA2-ACA67E6249C2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A6454CA1-3D78-4791-9DA7-1A64F935B961}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A683AE6E-BDC5-4419-8FB2-1A43855E4020}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A685D33F-4435-4AF4-A37C-E8F75D21AC84}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A6E91E58-07B1-4649-9117-B1CDCDBFE315}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A71C57D3-C0A9-4CC6-B1CA-C5D43ED3ED88}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A786B48D-8B9B-4A11-88E1-EB1FDABC01EA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A7BFFAE3-7EC3-4E4F-8A68-2DA5298C03D7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A821189F-7C19-40B2-BBA0-C1A189A9B668}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A82E0A78-3EA5-4793-B660-DF733AF00DF8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A87E016A-6DC7-4D1D-8D1A-9F8D6E21415F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A8AE46BC-D8C6-4A6D-B364-2CA42FFFE92A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A8FC30F0-2EFD-4941-A2FC-CB260491A104}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A9BCCA3C-E9C0-496B-9377-F9DF32BAB377}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A9BCCC90-0CA5-4CA4-99F0-DA23B53E5B4B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{A9C064AB-9C6E-44DE-BE08-C426A0D9444D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AA483E17-E135-477B-9440-22B36A78EBB5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AAA8D329-58E8-4C74-AE82-41042F3FC0E7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AB69BDF7-9928-45A1-8D4F-3CDC084E6517}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ABA1980A-E13A-4E92-8374-31527F7B9761}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ABCC3216-DA4A-4A2B-AE83-7660588BABEB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ABE06A08-1B38-41EC-A5BB-D55E573ED782}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AC01B2CE-A13A-4B64-91F9-459BC9BFDE42}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AC878E54-3FA8-4FE8-A935-F71F36412829}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AC9AC10E-3ABD-4BD5-9320-A8C5B1A97960}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ACAD49FB-CBFD-4EED-B886-1EC9D40AF70E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ACB9D6DB-7C32-4006-829C-1AC29265A93B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ACC8CE05-3592-40FA-9DA4-6718D51458CD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AD3020B2-E3C6-4385-B2A3-4BB25C31D0CB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ADDCC5D6-88C7-4996-A57C-5FFE5FC004D1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ADE0E26D-ED85-4688-9485-46674C4C4F21}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AE5D14A8-B627-4A93-B0DC-8A18C44514E2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AE653FFF-2CB3-45E7-B46F-7B45F49A969E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AE863778-0E60-4AEF-8365-D775628D8A5B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AE9735E8-915A-49EF-8A26-B321CFC754DC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AEBCEC9C-AB23-4FF5-BE93-3A3F7BD616BF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AF26863C-B3AD-43EE-8CF4-468DCBB51B99}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AF546ADC-CA6C-4EE8-9783-6513EDA0F68D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{AFA02F95-6EA5-454A-93DE-E9A1166CABE7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B00183BB-7A9A-4767-98CD-1E1744537442}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B04DC44B-1E91-40CB-A19E-F81B07646D5B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B04F749F-7695-4157-9F69-D543148D5989}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B04FC21B-5A13-47FE-82BD-E7B3F572AD11}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B0F01823-63A3-4BA0-BBB1-08B30B61AC88}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B0FF035C-963A-4B14-8D2A-1F5909106909}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B137EFAD-3AE0-4A80-AE09-1B53FD170097}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B143166B-43A1-461E-A2AD-68B54CCC6482}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B1A75C0F-A086-49D9-8DEB-97A04213F937}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B1BE1675-6D5A-4209-96B8-C0A4EAD5C12B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B23CA805-B9CD-4DF0-8FB5-672A6DD61779}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B25AFBE9-B379-4753-A943-2282AAC10FCB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B27CD634-6D7A-41C4-8B0B-11A425C9D39E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B28E438A-57EA-409F-99AD-CD82F8A8760E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B2E8AE76-C68E-4BD2-8715-2080996AE3AA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B3013E66-10D5-4910-B58D-AA653C2CDF88}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B3239A99-1BEF-45C4-9CEA-D64257046AAA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B32E7D13-C0B2-41DB-9181-05C6E4F9B19C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B33BF6E1-B340-45D4-BE61-337DEE77EBF8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B37BE6DE-62B7-4307-A37B-9235400E0574}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B3A5A75E-B6F4-4745-A87B-36E014E743DC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B3EF37B7-E852-436D-A68F-8D144B685EEC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B42469F1-DF4E-44EC-89A2-56451793B695}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B5069702-170D-4D1A-AA11-9B6386AAA72A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B5074594-95DD-4425-93F2-2D23885D148A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B5331CBF-30BC-4C2F-B081-7D64F77D60A0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B5E2BFE9-C081-40A4-A388-C7FFC66E436B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B5E659F3-2933-4ED2-A461-53F31A7AEDBC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B5F1E083-ABAD-4D2B-BB75-917F08972F24}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B63E71E6-980D-476D-A8C1-7C4AF545CC5A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B6749EB1-6475-48AA-B026-EE0C4E6FC40D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B67733F5-9559-43E5-9120-C4DD037E661D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B71408D4-295F-4319-A347-F8D7BB8FF258}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B7219950-4A4C-423B-AB31-68D972D5C747}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B758804D-CF88-4C4D-BDEF-239D612422B7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B788B280-3B70-45BC-AE6E-F89AC1FCAC3B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B7CAFDC2-9E28-44E1-9E6F-E0E45C6877A3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B7E3D7DB-FF46-467C-A06E-01E3CEFA6296}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B7E7F330-06D9-4FEE-88B0-F46B7EBB9A1F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B97EC7F6-F6CB-4E45-8C6C-DF0064595DDC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B984ECBC-7D21-467F-B44E-BF51CCF8477B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B9C38F59-B4E8-43D9-822B-101A9E9BCC7B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B9FA7269-9818-4B80-9AFB-48336CCD6BF2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{B9FF5C11-8D55-41D4-9B00-3D44233F08E4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BA284D31-83FD-4E93-B9F4-AE374CAF8BE8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BA451C5E-CEAF-42AA-A130-FB9AF2C75C31}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BAAC30EC-59EC-4709-BD34-15F22FBAED10}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BABC91E7-0994-448A-B68F-AAEE53901EAA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BAC4795E-1C65-4B73-BB98-9DC8B30106F6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BB1203B9-7D20-4EBA-96B7-0E6C02D3A8E7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BB3AF62A-35D7-4A5F-B32F-A7B4D0F0484F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BB8DC1B4-025F-4143-9B4C-AB37A20FB4F6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BBAAA74C-1CE9-462C-B442-343FCEC5E246}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BBE5A234-2A41-476F-B896-A5CB76CFAEB7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BC271A2A-58DC-477D-9B64-39987B0A68C7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BCCED2F0-5628-4D24-B322-35917AA633C0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BD3CB4DF-E357-4A02-A9CE-0D3514027832}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BD5098EA-6314-4F83-BE7D-80EACCEA51DA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BD51B237-3EF7-4515-AA91-19EB4065AE05}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BDD34B4D-E82B-4C7D-B1CE-90D230599B7C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BE196330-1E9E-4529-97D5-C3748AD78248}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BE32BA43-3C09-45A0-9D39-EA5721FFF917}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BEBC2CC1-E157-42AE-A15F-80BFF873DF53}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BF159E11-ED95-492F-92A1-23A02D2E317A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BF478821-5913-4D04-8A12-48C5062E5164}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{BF58A29A-58DF-4C26-B540-ADF1E862BBA1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C00A8DE2-A0D1-45DE-84D7-339CC584A56E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C05BC0E4-7250-49A7-A2C9-5BB63E6D057C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C076FD36-29AA-4738-B6D7-01FB3F72201D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C0A6576F-EE4A-4AAD-8FD8-3DF5678E117F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C0C3F775-3509-405B-8D6B-1EBFC643DA9E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C12C8279-EFEA-48E3-80E9-C172D3D15AE3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C1302991-DEA0-429D-85CF-E529A44ACCEA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C1392664-DFC4-4A89-9780-0A6629F67726}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C13C7D9B-6858-474D-8999-3C59F428A773}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C1903391-F1F0-4F99-B224-8495A7AD649B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C1A25FAD-2607-4DB6-9CAD-D707A5FB9757}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C1E3546A-F9C9-4D3D-B7F1-2E7CB5CAB321}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C207FA2B-EE1D-464C-9AE2-A70EED64D1B8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C230A93E-2E61-46D5-B268-E16233348D88}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C239756D-504C-4E2F-890E-E9E7583693F5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C27C6EC0-C92F-4F84-96C7-5312DDDD862D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C291470E-30E7-47E9-81A4-B288C2EE0B6E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C2DD7243-3EC6-460A-8787-DF2A1420D088}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C2E8D3AC-5A82-4036-9BF1-381E57EEDD0A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C2EBE798-5AAC-416D-A9C7-2F88CBAD9CDB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C2FE9854-5932-41B6-BD20-B589B63C7A81}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C311D686-E810-4DBC-845B-BA277989F3C5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C36E2175-9F3D-4CB3-95FA-696287EF8509}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C3778FB9-656A-43F9-A996-2E538C0B3F50}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C383864A-02CC-49FE-BC1A-156699453DF6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C3C52EF4-E6F1-4612-A92F-FAD588CB6A03}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C3F00773-E640-417F-B733-1195444F8B86}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C43AAC17-9E79-4C3D-BA52-0E5E4FA6C7FC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C46C0A3A-0860-44E0-AA11-91A8E92A019C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C4E2F70E-353D-4853-9BAA-A0FC16F50A12}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C4FC125F-9B79-4DD2-A11E-0486B97F3E83}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C5249BB9-A915-4A59-BF6F-4A4679978849}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C53637D8-48E4-476E-A2E1-EEBC6439465A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C5B176C4-955A-414C-A00D-403AD21E1723}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C5F0BE80-B4B8-4649-88A6-97C37580DB83}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C607D137-660D-4CC4-9C6D-F20C81333FD6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C6520D19-4059-4A2D-A3BF-DAC76E909A06}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C6D1CB92-2A48-44EC-8B70-7ADCD8119F79}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C7089D8B-B7D6-4BFC-B920-AE8E24599EA1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C77BEC56-B3E5-4D75-9C87-93FF63A5244D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C7F3EFF4-B6F9-4E43-95D1-35BE36BCC0A0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C8161C0D-2169-44C1-AD5C-3A84438D174E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C83DEA77-4541-4698-891C-C448175FF27D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C840CEBE-5F63-4436-8EBB-1C18E9410922}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C846592B-0439-434F-B69B-588535852111}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C86CF37E-3CAE-44FD-B408-C1DE5259587F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C8AAE3FF-C70D-4524-B278-E25D10FD7423}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C8BAE774-043C-42E5-A9E5-B939E1697351}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C8D33D60-2429-4E23-BC2D-B25D536137D1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C93C49FD-423A-4ECB-A5DF-831972AB2A8B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C951C5A6-6B58-4014-AC32-2AA4A3AF1764}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C95B18E5-CAEF-464F-A7E7-6BE1E15F015A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C963D485-C07C-4225-B662-099FC5EACCD4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C9970A15-9F7C-4E6A-89D9-F70D2E1A86B3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C99D2EC6-4A9C-4497-9418-6DCC64DF2D7E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C9CC9277-B6B5-471A-8025-F21242396D3E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{C9E59FFA-C043-4C30-8F11-C6ACA4EF8905}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CA7AEEA8-3602-408B-87EC-81FE2AABE68F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CAA8F9AF-F4D1-4FFB-95D3-E2A1F1729BC9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CAF84F33-9C88-4CA4-869D-F714790270B6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CB64A97B-D7ED-46D5-B787-D657DE594AAB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CBD9FBDD-8C45-4EBE-93B9-7C49DB7F7322}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CBF00435-0C37-4CBA-8346-8D64701C1A8E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CCB99170-4E5A-4D48-9641-CA81F65B910D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CCCEF38C-8076-4566-B2C0-9F6B46F31C82}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CCD8635D-8F05-43D6-ACF6-49CA7970173C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CE38BAF2-F8B8-432E-BFF7-E94A9C1C59EF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CE734F92-25DE-4749-96B2-5428D1C6D3E1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CF37E42B-A90A-4806-922E-777DF1A981E2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CF975328-40AF-42F5-A12E-B87DB76550F8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{CF97BFDE-CACF-4F4A-A950-82C69C5B80D1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D05FD193-E2F6-42DB-AC8F-32569CC9FD36}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D0757BAF-DD2F-4DF7-9D75-9309FC011D7A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D08BE7BE-0451-4E50-B0B4-83DC25CB4E86}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D0C15130-CFE3-4ED1-B7CD-B5A2A591DC80}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D10E1124-F922-4504-A0CC-A9BB42424C21}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D1696466-7CD1-40F7-B648-D5699E5A8D05}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D196331E-61D0-4878-96B7-477865C09526}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D1AFB110-3468-4790-9BB5-3829FD22DA44}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D1E761B7-5CD6-4196-BC3B-2686242FBA0F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D2A21E9A-5B0D-4E9E-B219-7496515D510D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D2BFEEEA-459C-4436-8BDF-DA228CC1E0A0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D2CACAC2-2B30-4946-A656-03F0CB19A8BF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D3104F23-18BB-479B-9398-B931BAF86A9B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D3169B30-3DE1-4CCB-9B6C-9F6E207F0777}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D33D9C53-7BC7-4ECB-8214-68B1DC93E154}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D394D765-4CF1-4150-802A-0E8184CDA8CC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D3A05761-2CA9-4ECE-8FBB-2440B5B0CA17}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D3C6CFD0-66E6-497C-808B-69558E953B33}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D3C85186-2528-4C14-B1EC-795A084625AF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D42E3994-5C96-456E-8F2D-4B0EEC5A9677}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D4438A37-2C2E-4620-AEAD-6C9C512226AB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D5A28351-D8DB-4326-A741-B07C0CAAA78D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D5B58042-F815-4A53-A3AA-2ABE49E89467}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D5DEDA20-138B-4787-BA33-70FD40D8FE15}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D626FDE6-1199-4654-BA28-871CD7E5DC90}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D65C20C7-6E78-4E63-A85E-75A86499B702}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D6D97641-EF2A-4664-BFD7-867CE87C1F84}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D6E0037D-1077-48B7-AB94-BD4B3F94CE36}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D6E31B12-5C2F-457C-B8BE-E7A56EBB1D3A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D72F73F8-480C-4981-9A18-5FE9E6DCC5A7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D786A24A-67D6-4D66-ACD9-D25EDF75FB7C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D7A25A2B-59CB-46B0-8155-D427C63924E1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D7BD180A-24DD-4904-96D9-83DBE67430C1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D7F758F0-4457-430C-9A0D-C8B877DCDD0A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D821E9FE-E2D0-4B28-A748-BB97B2A994B8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D846AD26-08B0-4E6C-AC7F-3B139AAD4083}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D88B010E-FA28-4585-82B2-6D4D6937813F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D8BB5C2E-2A4D-4586-867C-195CE76C3D0B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D8E31133-81B9-4633-91F5-61F2D92BC572}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D8EAC539-51AA-46A1-9CB8-CCEC48146729}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D9672980-2C08-4817-A425-C4C4B1C5D0D8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D9D46FA6-4E21-4732-919D-C187647A8BAD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{D9D9856B-D455-4F79-9037-FBB8018D6E57}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DA2DEE50-EB88-4A6D-8616-7D47E8E7EB2F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DB2254F8-45AB-4D67-A7DD-BC8A7D6BC52D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DBAF5C46-90F5-4EB3-A038-E95E3C608E20}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DC63A3E0-A67E-4FC6-A711-8580F9ABD803}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DCA720F7-A96E-46AC-9640-C97F37526B5F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DD3DA3DA-0B31-4E7C-AC08-5A2057B3467D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DD59A4FE-6F6E-4454-AE36-2E8DCCEAAB98}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DD5B688E-8466-4BC8-926B-C5756A2D0E6F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DD6FDE78-18D0-42D2-A151-4F92141A3389}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DDC137B2-19AD-47F4-9086-2B83A9DC4D3B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DE314FDA-403F-4409-8FD8-2D59EA612671}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DE5059F7-3088-4FBE-86D6-2057741FAAE5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DE9E5C5F-9408-49D2-B362-50A49537095C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DF2B7FCD-1F7D-41D0-909F-700645500C66}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DF486645-4924-4A77-AC1A-004150FBA704}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{DFF0E344-9C60-434A-A390-F907D83F87D9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E01CC099-3900-4F0C-BF02-EB26FEDBA10D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E043992A-14D7-4061-865A-681A09E169BB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E0AEBBAC-5390-42D0-92A4-3F42555A2B22}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E0E7A4B9-59FB-40FE-B96F-C85A8BDB9DCC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E102309B-C791-4484-B96A-ECE51496CB3E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E103907E-D8D4-4784-AFEF-83748ACB0D28}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E1058CD8-4D75-4C52-9CEE-A75C3927E88F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E12D723F-617A-4EBF-AD5F-05E823034C5E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E1314DB2-586B-4A3A-84B9-A959FB5793C6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E1317846-25C6-4243-B9BF-21C683249A52}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E1D03C6B-2A2E-4B4C-9FE9-E3B077FD7861}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E21AA739-CA77-488E-A179-7648BF4720E6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E279E82C-3E42-40D6-AEC5-97865E35A72C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E2810554-3EA1-4B73-8185-FBB395989BDE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E30B3C95-CAF3-442D-B7E5-1639AFF98F50}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E3F11468-8ECE-4DF8-BCAF-A0B62AA91C5C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E3FB0449-12B1-4198-887E-520F2F7079E2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E454579F-D617-4A01-85E4-A1BAAE9E1F0B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E46DD9BC-B4C3-4112-913C-FEE62168F0EE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E49CA1B8-E3F1-4E9A-AB0C-F4E4C45F4CC1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E4C44BAE-A0D5-46D1-A0BA-CFD2DD4BDDA8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E5160A87-3386-4BF6-A1E3-892FD382B20E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E52D843C-5711-4509-813B-C8803C16BCE3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E5B5ADCF-A94C-421A-A6EF-9DCB5B1B5BB1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E5C41CEE-B282-4973-A318-634FDE34221A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E5F648FF-F2DD-426B-BC36-9A1CE00AEA90}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E6205150-9260-4FBE-B5B1-43E12598B742}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E647F77C-DC81-462E-8ECB-65AC021629B3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E65EA2CD-1794-4602-A8A6-FC0987156AAF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E6CE9F0E-DEFF-484B-B732-490139F55676}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E6DCA6E4-558C-47F0-8CF1-F997984A1505}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E7AE1E26-A67D-4AFE-BC1B-CD87276DEFF1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E7C7A797-D241-497C-84F1-57979A47258F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E7F3B1D6-5365-43D7-B306-0EC596ED3D4F}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E86BD370-4CED-4A33-A86B-89348A9B96EE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E88E4CE3-0274-4E07-A88A-3D2FC1528337}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E90767C4-0A99-42F3-86BC-A3861D623515}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E9530E57-949F-4FB7-82E1-96704EA2D039}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E99E3FB2-FBAC-4803-B07E-A8B08F018B24}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E9A04ED4-8C34-4DDA-BD63-9AB5CE5FB3C6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{E9B58CDC-E97D-456F-B316-704D07A5E3C9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EA4D0F6A-8982-4693-B9D7-4C13F8CA9B40}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EAC551AF-AE13-4BD5-9530-7502886F9F4E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EB469301-879F-486D-BFC9-A4E0ED1C7968}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EB8D4EFC-B1F7-4A82-95D2-C5FD998142F7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EC46EA6B-93AF-4F8E-94CC-88D596EB76B1}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ECAAF528-034B-47FF-B3B6-07C80434D013}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ECCCD5A2-1B31-41FC-84AE-203473983778}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ED6A5FFB-120B-41BB-A932-6A1797C4A10A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{ED99DDA0-C004-4746-AC48-C2766029A23D}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EDB8FDB2-DB33-4FFE-A482-2A0D15D7580B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EDF0F94D-FA07-4B4E-97E3-6089F17D6B48}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EE3A5A07-EBD4-457F-890B-B54E68A2C2FA}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EE54BA35-8288-493D-ACF4-E091934593C8}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EE558C07-3049-4E63-9851-B931C0F3844E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EE6FDD36-6827-47F3-ABBB-49003B7E9CBF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EE7BA329-88D3-47E7-921E-43019DE1A875}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EEA15A92-7E8F-4422-A8D6-E6362EE10E1C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF0395B5-8D24-4922-9A03-68A2D00E45F0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF1B5DD1-D55E-462F-A376-802C49D63013}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF261CA8-44B7-4724-8234-B71B61B01596}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF5E7255-A01C-444A-BDE0-1CDDB62640F7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF61AF8B-668D-4C10-97E1-07F1BA5E5EA6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF7D6207-F23C-4B58-9746-30C93DEF47F7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF904128-8F36-4D6F-A96E-5A26CCBF37F2}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{EF99A597-1DD9-4AEB-B40D-954FFC4A0461}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F0ABCEB6-6893-4DA7-A113-50FD43323AC6}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F0E55D23-F53B-4BD0-BE15-7FA62B4ADE33}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F1252FBB-FA15-44E6-9B18-E3792F8FB4CB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F1E1311C-4C18-4E03-85D9-03690510A1AC}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F201BBB3-5679-41B3-9648-58E6FA4D3E87}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F2455D9E-488D-4466-B09B-5AA51DC7AE2E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F25DD68F-CEB9-4391-9D3F-B6380F46D20E}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F335B487-559E-4F83-83E4-3F16801B1709}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F3426F68-7696-444E-BC49-A9A7BCE582FD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F34C523D-9B85-4994-8B68-4932BF592009}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F39E90E7-C5EC-44DA-95B7-A37EF10C1053}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F3AD712E-DAE7-4515-A6CE-3600DB7DECBB}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F3B11BD5-F0C5-4DCB-8C0F-4C3C9A876233}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F3C3FBEE-36FF-44CC-8533-9579D525B314}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F3FA2820-CEA2-4C93-83F6-290C4A0421F4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F40E9660-3F6D-4590-857B-769B2FCC5305}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F42B2D16-DA54-4FFB-8EC5-0E497F70CB00}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F439DC08-7E6D-4CF2-8E28-5D5DD89D7423}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F52291B3-A4B4-4F25-B47C-DBFE20CF868B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F5D956D2-D015-4AB6-AC20-2E4A172BC8E7}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F61B990B-BB9F-4CA7-98C4-5551D9B961B4}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F673758E-3E82-49B7-8F7C-C7BB10B7E934}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F6EDFD8F-A3D7-4CC7-9FA8-EF55D9ADDA0B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F720D937-BDD5-4F61-A97A-09144FDC1F0B}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F77624C7-27B9-49B9-82DA-B75A97FCD2D0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F7C1C1EE-86EB-4A71-888D-13B6FB138AF3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F82793EF-E415-40E6-9749-EC467543268A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F90C617A-D707-4AFD-A50D-4A600E346C26}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F920A875-75E6-454A-B84B-29E26987C16C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F96F3EEB-FD4A-4C21-8210-7834858E8525}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F9C5A667-96E0-4704-8159-AEAA38662F56}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{F9FFEDA8-F512-411B-BFE1-3C46ADB37723}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FAAA0273-2144-42D2-889D-C31BA79D970C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FAB7CFFD-7BCA-4BD9-B710-BE163AED3AC5}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FB0F2203-DCAC-4AB9-B88E-94309A04E984}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FB106086-240A-451C-BCD6-68DCE69209C3}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FB4C89FF-1036-4681-A4CF-C29BC9DD51BD}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FB745095-B7AA-47C1-AD3D-75A3BC1AFC72}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FBA3B4EA-EFEB-486C-812C-324A1F3D864C}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FBDBB7DE-ECDD-4853-B00E-1C8F84A29FC9}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FC012A3D-C50C-4830-9499-52D4AFB9C271}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FC24FCF0-CB15-4B85-B1D0-CC6E0C90238A}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FC9D2AE7-27B2-45B3-83AD-7F8693CA0650}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FCD6C143-1FB8-49E0-9690-38C4B0E96C90}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FD07B6BA-8BE0-47B9-B2D9-8AA74B200725}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FD11067D-6E2E-4146-AD8F-41EBD5A82C53}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FD3E644B-D254-4AE2-913A-32F7FD5D0FD0}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FD8675BE-17B9-4429-B4F0-58DF93D21139}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FE0DC934-9D09-4DBD-9607-0668096A03EF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FE7AA70A-BD79-4423-9DBC-5219DEA02523}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FEBBCCE1-197B-4621-B27E-B17AED3B94AF}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FEBD33A7-93EB-4EE8-92EA-3112B23648DE}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FF4C4E3F-CE6F-4C0D-972B-B2F5651AB026}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FFAA1025-057F-407E-9EC2-96E24680B209}
Successfully deleted: [Empty Folder] C:\Users\Jens aaaaaaaa\appdata\local\{FFCA831C-8B5B-4353-8090-1AEF3F8498EE}
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Jens aaaaaaaa\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2013 at 20:53:46,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jens |
|
18.10.2013, 20:06
| #8 |
| | WIN7: Avira meldet Fund tr/agent.143516.1 ...last but not least: FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Jens aaaaaaaa (administrator) on DELL-XPS502_JV on 18-10-2013 20:54:32
Running from C:\Users\Jens aaaaaaaa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Akamai Technologies, Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Akamai Technologies, Inc.) C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
() C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [483424 2012-02-01] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Google Update] - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-31] (Google Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Jens aaaaaaaa\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [WirelessManager] - C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [194600 2010-07-28] (Ericsson AB)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-02-06] ()
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] ()
HKLM-x32\...\Run: [HTC Sync Loader] - c:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-25] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [202600 2012-10-25] (NVIDIA Corporation)
Startup: C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GM_DevUpdate.lnk
ShortcutTarget: GM_DevUpdate.lnk -> C:\Program Files (x86)\Speed-Link Vibration Joystick\GM_DevUpdate.exe ()
BootExecute: autocheck autochk * lsdelete
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Users\Jens aaaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 CoachUsb; C:\Windows\System32\DRIVERS\CoachUsb.sys [78472 2009-05-06] (FotoNation Inc.)
S3 CoachVid; C:\Windows\System32\DRIVERS\CoachVid.sys [72968 2009-05-06] (FotoNation Inc.)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-10-28] (Lavasoft AB)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284008 2012-10-25] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
S3 GMFilter; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-18 20:53 - 2013-10-18 20:53 - 00119857 _____ C:\Users\Jens aaaaaaaa\Desktop\JRT.txt
2013-10-18 20:46 - 2013-10-18 20:46 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 20:22 - 2013-10-18 20:38 - 00000000 ____D C:\AdwCleaner
2013-10-18 20:22 - 2013-10-18 20:22 - 01033335 _____ (Thisisu) C:\Users\Jens aaaaaaaa\Downloads\JRT.exe
2013-10-18 20:21 - 2013-10-18 20:21 - 01050644 _____ C:\Users\Jens aaaaaaaa\Downloads\adwcleaner.exe
2013-10-18 06:50 - 2013-10-18 20:29 - 00011606 _____ C:\Windows\PFRO.log
2013-10-18 06:50 - 2013-10-18 06:54 - 101748955 _____ C:\Windows\SysWOW64\萷聤B
2013-10-17 19:57 - 2013-10-17 19:58 - 00041144 _____ C:\Users\Jens aaaaaaaa\Downloads\Addition.txt
2013-10-17 19:56 - 2013-10-17 19:56 - 00000000 ____D C:\FRST
2013-10-17 19:55 - 2013-10-17 19:56 - 01954124 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST64.exe
2013-10-17 19:54 - 2013-10-17 19:54 - 01087213 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST.exe
2013-10-17 19:53 - 2013-10-17 19:53 - 00377856 _____ C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe
2013-10-17 19:52 - 2013-10-17 19:52 - 00000488 _____ C:\Users\Jens aaaaaaaa\Downloads\defogger_disable.log
2013-10-17 19:52 - 2013-10-17 19:52 - 00000000 _____ C:\Users\Jens aaaaaaaa\defogger_reenable
2013-10-17 19:49 - 2013-10-17 19:50 - 00050477 _____ C:\Users\Jens aaaaaaaa\Downloads\Defogger.exe
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\avgchrome
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 19:39 - 2013-10-18 20:54 - 00000000 ____D C:\Users\Jens aaaaaaaa\Desktop\AAA_Virus
2013-10-17 14:03 - 2013-10-18 20:39 - 00000280 _____ C:\Windows\setupact.log
2013-10-17 14:03 - 2013-10-17 14:03 - 00000000 _____ C:\Windows\setuperr.log
2013-10-13 22:38 - 2013-10-13 22:38 - 00001520 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (5).acsm
2013-10-13 22:38 - 2013-10-13 22:38 - 00001514 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (4).acsm
2013-10-09 07:24 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 07:24 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 07:24 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 07:24 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 07:24 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 07:24 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 07:24 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 07:04 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 07:04 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 07:04 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 07:04 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 07:04 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 07:04 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 07:04 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 07:04 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 07:04 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 07:04 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 07:04 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 07:04 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 07:04 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 07:04 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 07:04 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 07:04 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 07:04 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 07:04 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 07:04 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 07:04 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 07:04 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 07:04 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 07:04 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 07:03 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 07:03 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 07:03 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 07:03 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 07:03 - 2013-09-04 03:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 07:03 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 07:03 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 07:03 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 07:03 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 07:03 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 07:03 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 07:03 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 07:03 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 07:03 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 07:03 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 07:03 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 07:03 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 07:03 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 07:03 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 07:03 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 07:03 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 07:03 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 07:03 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 07:03 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:03 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:42 - 2013-10-08 23:42 - 00171520 _____ C:\Users\Jens aaaaaaaa\Downloads\Reibung_zw_festen_Stoffen.pps
==================== One Month Modified Files and Folders =======
2013-10-18 20:54 - 2013-10-17 19:39 - 00000000 ____D C:\Users\Jens aaaaaaaa\Desktop\AAA_Virus
2013-10-18 20:53 - 2013-10-18 20:53 - 00119857 _____ C:\Users\Jens aaaaaaaa\Desktop\JRT.txt
2013-10-18 20:50 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-18 20:50 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-18 20:46 - 2013-10-18 20:46 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 20:43 - 2013-01-10 22:11 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-18 20:42 - 2011-12-27 15:36 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-10-18 20:41 - 2013-01-10 22:11 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-18 20:41 - 2012-02-20 22:04 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\Htc
2013-10-18 20:41 - 2011-12-27 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-10-18 20:41 - 2011-12-27 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-10-18 20:39 - 2013-10-17 14:03 - 00000280 _____ C:\Windows\setupact.log
2013-10-18 20:39 - 2012-03-10 13:16 - 00355708 _____ C:\aaw7boot.log
2013-10-18 20:39 - 2011-12-27 08:03 - 01734017 _____ C:\Windows\WindowsUpdate.log
2013-10-18 20:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-18 20:38 - 2013-10-18 20:22 - 00000000 ____D C:\AdwCleaner
2013-10-18 20:29 - 2013-10-18 06:50 - 00011606 _____ C:\Windows\PFRO.log
2013-10-18 20:25 - 2011-12-30 16:39 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\Nero
2013-10-18 20:22 - 2013-10-18 20:22 - 01033335 _____ (Thisisu) C:\Users\Jens aaaaaaaa\Downloads\JRT.exe
2013-10-18 20:21 - 2013-10-18 20:21 - 01050644 _____ C:\Users\Jens aaaaaaaa\Downloads\adwcleaner.exe
2013-10-18 07:00 - 2011-12-31 12:07 - 00001152 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA.job
2013-10-18 06:58 - 2012-04-29 22:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-18 06:54 - 2013-10-18 06:50 - 101748955 _____ C:\Windows\SysWOW64\萷聤B
2013-10-17 22:49 - 2012-07-12 18:23 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D3F2ED7F-9929-48CA-A472-7EC179DE8884}
2013-10-17 22:00 - 2011-12-31 12:07 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core.job
2013-10-17 20:38 - 2011-12-30 16:20 - 00000000 ___RD C:\Users\Jens aaaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-17 19:58 - 2013-10-17 19:57 - 00041144 _____ C:\Users\Jens aaaaaaaa\Downloads\Addition.txt
2013-10-17 19:56 - 2013-10-17 19:56 - 00000000 ____D C:\FRST
2013-10-17 19:56 - 2013-10-17 19:55 - 01954124 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST64.exe
2013-10-17 19:54 - 2013-10-17 19:54 - 01087213 _____ (Farbar) C:\Users\Jens aaaaaaaa\Downloads\FRST.exe
2013-10-17 19:53 - 2013-10-17 19:53 - 00377856 _____ C:\Users\Jens aaaaaaaa\Downloads\t12w38sn.exe
2013-10-17 19:52 - 2013-10-17 19:52 - 00000488 _____ C:\Users\Jens aaaaaaaa\Downloads\defogger_disable.log
2013-10-17 19:52 - 2013-10-17 19:52 - 00000000 _____ C:\Users\Jens aaaaaaaa\defogger_reenable
2013-10-17 19:52 - 2011-12-30 16:16 - 00000000 ____D C:\Users\Jens aaaaaaaa
2013-10-17 19:50 - 2013-10-17 19:49 - 00050477 _____ C:\Users\Jens aaaaaaaa\Downloads\Defogger.exe
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\avgchrome
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 18:55 - 2010-11-21 08:50 - 00697322 _____ C:\Windows\system32\perfh007.dat
2013-10-17 18:55 - 2010-11-21 08:50 - 00148328 _____ C:\Windows\system32\perfc007.dat
2013-10-17 18:55 - 2009-07-14 07:13 - 01614100 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-17 14:41 - 2012-03-01 00:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-17 14:26 - 2013-05-25 12:18 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-10-17 14:26 - 2013-05-25 12:17 - 00000000 ____D C:\Program Files\My Dell
2013-10-17 14:26 - 2012-02-29 18:20 - 00000000 ____D C:\ProgramData\PCDr
2013-10-17 14:03 - 2013-10-17 14:03 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 08:03 - 2012-03-10 13:16 - 00000000 ____D C:\Windows\Minidump
2013-10-17 08:03 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2013-10-16 21:55 - 2011-12-31 12:07 - 00004138 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA
2013-10-16 21:55 - 2011-12-31 12:07 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core
2013-10-16 21:01 - 2011-12-27 15:55 - 00000000 ____D C:\ProgramData\Sonic
2013-10-16 20:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-15 22:22 - 2012-02-27 18:31 - 00000763 _____ C:\Windows\wiso.ini
2013-10-15 22:22 - 2012-02-27 18:27 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-10-14 21:41 - 2013-08-01 22:45 - 00000000 ____D C:\Users\Jens aaaaaaaa\Documents\My Digital Editions
2013-10-13 23:00 - 2013-07-29 22:39 - 00000000 ____D C:\Windows\tmp
2013-10-13 22:45 - 2013-07-29 22:39 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Local\Kobo
2013-10-13 22:44 - 2013-07-29 22:39 - 00001001 _____ C:\Users\Public\Desktop\Kobo.lnk
2013-10-13 22:44 - 2013-07-29 22:39 - 00000000 ____D C:\Program Files (x86)\Kobo
2013-10-13 22:38 - 2013-10-13 22:38 - 00001520 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (5).acsm
2013-10-13 22:38 - 2013-10-13 22:38 - 00001514 _____ C:\Users\Jens aaaaaaaa\Downloads\URLLink (4).acsm
2013-10-13 21:37 - 2013-01-10 22:11 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-13 21:37 - 2013-01-10 22:11 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 18:59 - 2012-04-29 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 18:59 - 2012-04-29 22:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 18:59 - 2011-12-27 15:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 21:42 - 2009-07-14 06:45 - 00370216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 21:39 - 2012-05-11 17:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 07:22 - 2012-05-11 17:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 07:22 - 2011-02-11 12:22 - 01591930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 07:20 - 2013-08-01 17:59 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 07:18 - 2011-12-30 16:29 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 23:42 - 2013-10-08 23:42 - 00171520 _____ C:\Users\Jens aaaaaaaa\Downloads\Reibung_zw_festen_Stoffen.pps
2013-10-07 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-06 01:07 - 2012-01-05 23:23 - 00000000 ____D C:\Users\Jens aaaaaaaa\AppData\Roaming\SoftGrid Client
2013-09-23 01:28 - 2013-10-09 07:24 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 07:24 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-09 07:24 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 05:38 - 2013-10-09 07:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-09 07:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-09 07:24 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-09 07:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
Files to move or delete:
====================
C:\Users\Jens aaaaaaaa\APP_IO_WXP_VSTA_W7_A02_Setup-7W7T4_ZPE.exe
C:\Users\Jens aaaaaaaa\CONEXANT_D400-USB-MODEM_DPP14_A00_SETUP_ZPE.exe
C:\Users\Jens aaaaaaaa\CONEXANT_D400-USB-MODEM_J6N4K_A02_SETUP_ZPE.exe
C:\Users\Jens aaaaaaaa\CW1394A0.exe
C:\Users\Jens aaaaaaaa\DELL_MOBILE-BROADBAND-MANAGE_A08_R291705.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5540-HSPA-MINI_A11_R287094.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5550-HSPA-MINI_A03_R298995.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5550-HSPA-MINI_A03_R298998.exe
C:\Users\Jens aaaaaaaa\DELL_WIRELESS-5620-EVDO-HSPA_A09_R292028.exe
C:\Users\Jens aaaaaaaa\L502X_A__06.exe
C:\Users\Jens aaaaaaaa\R261284.exe
C:\Users\Jens aaaaaaaa\R293038.exe
C:\Users\Jens aaaaaaaa\R296901.exe
C:\Users\Jens aaaaaaaa\R304505.exe
C:\Users\Jens aaaaaaaa\R304507.exe
Some content of TEMP:
====================
C:\Users\Jens aaaaaaaa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jens aaaaaaaa\AppData\Local\Temp\Quarantine.exe
C:\Users\Jens aaaaaaaa\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-03 00:00
==================== End Of Log ============================
--- --- --- |
|
19.10.2013, 14:37
| #9 |
| /// the machine /// TB-Ausbilder | WIN7: Avira meldet Fund tr/agent.143516.1ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.10.2013, 13:11
| #10 |
| | WIN7: Avira meldet Fund tr/agent.143516.1 Moin Schrauber, vielen Dank für deine Tipps, sorry, dass es etwas gedauert hat, der ESET hat fasst einen halben Tag gebraucht.... und nun die LOG Code:
ATTFilter ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3c5e2eac98e7ab49b5d37a05e942bfcd
# engine=15551
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-20 09:26:42
# local_time=2013-10-20 11:26:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 44986 247684492 37767 0
# compatibility_mode=5893 16776573 100 94 95290 133891052 0 0
# scanned=249594
# found=0
# cleaned=0
# scan_time=44822
Code:
ATTFilter Results of screen317's Security Check version 0.99.74 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.75.0.1300 JavaFX 2.1.1 Java(TM) 6 Update 31 Java 7 Update 25 Java version out of Date! Adobe Flash Player 11.9.900.117 Adobe Reader 10.1.8 Adobe Reader out of Date! Google Chrome 30.0.1599.101 Google Chrome 30.0.1599.69 ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! Avira Antivir avgnt.exe Avira Antivir avguard.exe ESET ESET Online Scanner OnlineScannerApp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2013
Ran by Jens aaaaaaa (administrator) on DELL-XPS502_JV on 20-10-2013 14:05:25
Running from C:\Users\Jens aaaaaaa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Akamai Technologies, Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Akamai\netsession_win.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
() C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Google Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Google Inc.) C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [483424 2012-02-01] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Google Update] - C:\Users\Jens aaaaaaa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-31] (Google Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Jens aaaaaaa\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [WirelessManager] - C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [194600 2010-07-28] (Ericsson AB)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-02-06] ()
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] ()
HKLM-x32\...\Run: [HTC Sync Loader] - c:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-25] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [202600 2012-10-25] (NVIDIA Corporation)
Startup: C:\Users\Jens aaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GM_DevUpdate.lnk
ShortcutTarget: GM_DevUpdate.lnk -> C:\Program Files (x86)\Speed-Link Vibration Joystick\GM_DevUpdate.exe ()
BootExecute: autocheck autochk * lsdeletesdnclean64.exe
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {EC89F7B2-2E2F-48A0-9FF9-18C677BA5109} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=B45E74E50B759C21&affID=125836&tsp=5038
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\JENSVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Users\Jens aaaaaaa\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 CoachUsb; C:\Windows\System32\DRIVERS\CoachUsb.sys [78472 2009-05-06] (FotoNation Inc.)
S3 CoachVid; C:\Windows\System32\DRIVERS\CoachVid.sys [72968 2009-05-06] (FotoNation Inc.)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-10-28] (Lavasoft AB)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284008 2012-10-25] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
S3 GMFilter; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-20 14:04 - 2013-10-20 14:05 - 01954548 _____ (Farbar) C:\Users\Jens aaaaaaa\Downloads\FRST64.exe
2013-10-20 11:22 - 2013-10-20 11:22 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{9A761248-2EC9-45C8-B77E-0D76E7B70828}
2013-10-20 08:45 - 2013-10-20 08:45 - 00891167 _____ C:\Users\Jens aaaaaaa\Downloads\SecurityCheck (2).exe
2013-10-19 23:10 - 2013-10-19 23:10 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{6A561BAE-3F1A-479B-9E36-2F835CC0E7E0}
2013-10-19 23:00 - 2013-10-19 23:01 - 00891167 _____ C:\Users\Jens aaaaaaa\Downloads\SecurityCheck (1).exe
2013-10-19 23:00 - 2013-10-19 23:00 - 00891167 _____ C:\Users\Jens aaaaaaa\Downloads\SecurityCheck.exe
2013-10-19 22:57 - 2013-10-19 22:57 - 101983560 _____ C:\Windows\SysWOW64\�ꘐ聤G
2013-10-19 22:57 - 2013-10-19 22:57 - 02347384 _____ (ESET) C:\Users\Jens aaaaaaa\Downloads\esetsmartinstaller_enu.exe
2013-10-19 21:06 - 2013-10-19 21:06 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{635B81E8-41B9-4B91-B9B6-4A9F6EE11787}
2013-10-19 12:00 - 2013-10-19 12:07 - 237717799 _____ C:\Users\Jens aaaaaaa\Downloads\Hochzeit Maren & Jens.zip
2013-10-19 09:42 - 2013-10-19 09:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-19 09:42 - 2013-10-19 09:42 - 00001381 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-19 09:42 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-10-19 08:58 - 2013-10-19 08:58 - 00614816 _____ C:\Users\Jens aaaaaaa\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2013-10-19 08:43 - 2013-10-19 08:43 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{15C2A13E-D43B-44D3-A795-15839FB396D1}
2013-10-18 20:53 - 2013-10-18 20:53 - 00119857 _____ C:\Users\Jens aaaaaaa\Desktop\JRT.txt
2013-10-18 20:46 - 2013-10-18 20:46 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 20:22 - 2013-10-18 20:38 - 00000000 ____D C:\AdwCleaner
2013-10-18 20:22 - 2013-10-18 20:22 - 01033335 _____ (Thisisu) C:\Users\Jens aaaaaaa\Downloads\JRT.exe
2013-10-18 20:21 - 2013-10-18 20:21 - 01050644 _____ C:\Users\Jens aaaaaaa\Downloads\adwcleaner.exe
2013-10-18 06:50 - 2013-10-19 11:57 - 00011956 _____ C:\Windows\PFRO.log
2013-10-18 06:50 - 2013-10-18 06:54 - 101748955 _____ C:\Windows\SysWOW64\萷聤B
2013-10-17 19:57 - 2013-10-17 19:58 - 00041144 _____ C:\Users\Jens aaaaaaa\Downloads\Addition.txt
2013-10-17 19:56 - 2013-10-17 19:56 - 00000000 ____D C:\FRST
2013-10-17 19:53 - 2013-10-17 19:53 - 00377856 _____ C:\Users\Jens aaaaaaa\Downloads\t12w38sn.exe
2013-10-17 19:52 - 2013-10-17 19:52 - 00000488 _____ C:\Users\Jens aaaaaaa\Downloads\defogger_disable.log
2013-10-17 19:52 - 2013-10-17 19:52 - 00000000 _____ C:\Users\Jens aaaaaaa\defogger_reenable
2013-10-17 19:49 - 2013-10-17 19:50 - 00050477 _____ C:\Users\Jens aaaaaaa\Downloads\Defogger.exe
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\avgchrome
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 19:39 - 2013-10-19 23:17 - 00000000 ____D C:\Users\Jens aaaaaaa\Desktop\AAA_Virus
2013-10-17 14:03 - 2013-10-19 18:38 - 00000896 _____ C:\Windows\setupact.log
2013-10-17 14:03 - 2013-10-17 14:03 - 00000000 _____ C:\Windows\setuperr.log
2013-10-13 22:38 - 2013-10-13 22:38 - 00001520 _____ C:\Users\Jens aaaaaaa\Downloads\URLLink (5).acsm
2013-10-13 22:38 - 2013-10-13 22:38 - 00001514 _____ C:\Users\Jens aaaaaaa\Downloads\URLLink (4).acsm
2013-10-09 07:24 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 07:24 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 07:24 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 07:24 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 07:24 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 07:24 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 07:24 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 07:24 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 07:24 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 07:24 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 07:04 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 07:04 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 07:04 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 07:04 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 07:04 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 07:04 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 07:04 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 07:04 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 07:04 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 07:04 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 07:04 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 07:04 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 07:04 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 07:04 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 07:04 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 07:04 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 07:04 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 07:04 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 07:04 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 07:04 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 07:04 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 07:04 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 07:04 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 07:03 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 07:03 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 07:03 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 07:03 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 07:03 - 2013-09-04 03:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 07:03 - 2013-09-04 03:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 07:03 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 07:03 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 07:03 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 07:03 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 07:03 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 07:03 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 07:03 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 07:03 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 07:03 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 07:03 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 07:03 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 07:03 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 07:03 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 07:03 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 07:03 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 07:03 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 07:03 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 07:03 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 07:03 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:03 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:42 - 2013-10-08 23:42 - 00171520 _____ C:\Users\Jens aaaaaaa\Downloads\Reibung_zw_festen_Stoffen.pps
==================== One Month Modified Files and Folders =======
2013-10-20 14:05 - 2013-10-20 14:04 - 01954548 _____ (Farbar) C:\Users\Jens aaaaaaa\Downloads\FRST64.exe
2013-10-20 14:00 - 2013-01-10 22:11 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-20 14:00 - 2011-12-31 12:07 - 00001152 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA.job
2013-10-20 13:59 - 2012-04-29 22:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-20 13:59 - 2011-12-27 08:03 - 01803495 _____ C:\Windows\WindowsUpdate.log
2013-10-20 12:01 - 2013-05-25 12:18 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-10-20 11:22 - 2013-10-20 11:22 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{9A761248-2EC9-45C8-B77E-0D76E7B70828}
2013-10-20 11:06 - 2012-07-12 18:23 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D3F2ED7F-9929-48CA-A472-7EC179DE8884}
2013-10-20 08:45 - 2013-10-20 08:45 - 00891167 _____ C:\Users\Jens aaaaaaa\Downloads\SecurityCheck (2).exe
2013-10-19 23:17 - 2013-10-17 19:39 - 00000000 ____D C:\Users\Jens aaaaaaa\Desktop\AAA_Virus
2013-10-19 23:10 - 2013-10-19 23:10 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{6A561BAE-3F1A-479B-9E36-2F835CC0E7E0}
2013-10-19 23:01 - 2013-10-19 23:00 - 00891167 _____ C:\Users\Jens aaaaaaa\Downloads\SecurityCheck (1).exe
2013-10-19 23:00 - 2013-10-19 23:00 - 00891167 _____ C:\Users\Jens aaaaaaa\Downloads\SecurityCheck.exe
2013-10-19 22:57 - 2013-10-19 22:57 - 101983560 _____ C:\Windows\SysWOW64\�ꘐ聤G
2013-10-19 22:57 - 2013-10-19 22:57 - 02347384 _____ (ESET) C:\Users\Jens aaaaaaa\Downloads\esetsmartinstaller_enu.exe
2013-10-19 22:56 - 2013-01-10 22:11 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-19 22:56 - 2011-12-31 12:07 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core.job
2013-10-19 21:06 - 2013-10-19 21:06 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{635B81E8-41B9-4B91-B9B6-4A9F6EE11787}
2013-10-19 18:53 - 2011-12-30 16:39 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\Nero
2013-10-19 18:49 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-19 18:49 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-19 18:39 - 2012-02-20 22:04 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\Htc
2013-10-19 18:39 - 2011-12-27 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-10-19 18:39 - 2011-12-27 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-10-19 18:39 - 2011-12-27 15:36 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-10-19 18:38 - 2013-10-17 14:03 - 00000896 _____ C:\Windows\setupact.log
2013-10-19 18:38 - 2012-03-10 13:16 - 00357052 _____ C:\aaw7boot.log
2013-10-19 18:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-19 12:07 - 2013-10-19 12:00 - 237717799 _____ C:\Users\Jens aaaaaaa\Downloads\Hochzeit Maren & Jens.zip
2013-10-19 11:57 - 2013-10-18 06:50 - 00011956 _____ C:\Windows\PFRO.log
2013-10-19 10:32 - 2012-03-01 00:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-19 09:45 - 2013-10-19 09:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-19 09:42 - 2013-10-19 09:42 - 00001381 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-19 09:42 - 2012-03-01 00:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-10-19 08:58 - 2013-10-19 08:58 - 00614816 _____ C:\Users\Jens aaaaaaa\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2013-10-19 08:43 - 2013-10-19 08:43 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\{15C2A13E-D43B-44D3-A795-15839FB396D1}
2013-10-18 21:41 - 2010-11-21 08:50 - 00697322 _____ C:\Windows\system32\perfh007.dat
2013-10-18 21:41 - 2010-11-21 08:50 - 00148328 _____ C:\Windows\system32\perfc007.dat
2013-10-18 21:41 - 2009-07-14 07:13 - 01614100 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-18 20:53 - 2013-10-18 20:53 - 00119857 _____ C:\Users\Jens aaaaaaa\Desktop\JRT.txt
2013-10-18 20:46 - 2013-10-18 20:46 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 20:38 - 2013-10-18 20:22 - 00000000 ____D C:\AdwCleaner
2013-10-18 20:22 - 2013-10-18 20:22 - 01033335 _____ (Thisisu) C:\Users\Jens aaaaaaa\Downloads\JRT.exe
2013-10-18 20:21 - 2013-10-18 20:21 - 01050644 _____ C:\Users\Jens aaaaaaa\Downloads\adwcleaner.exe
2013-10-18 06:54 - 2013-10-18 06:50 - 101748955 _____ C:\Windows\SysWOW64\萷聤B
2013-10-17 20:38 - 2011-12-30 16:20 - 00000000 ___RD C:\Users\Jens aaaaaaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-17 19:58 - 2013-10-17 19:57 - 00041144 _____ C:\Users\Jens aaaaaaa\Downloads\Addition.txt
2013-10-17 19:56 - 2013-10-17 19:56 - 00000000 ____D C:\FRST
2013-10-17 19:53 - 2013-10-17 19:53 - 00377856 _____ C:\Users\Jens aaaaaaa\Downloads\t12w38sn.exe
2013-10-17 19:52 - 2013-10-17 19:52 - 00000488 _____ C:\Users\Jens aaaaaaa\Downloads\defogger_disable.log
2013-10-17 19:52 - 2013-10-17 19:52 - 00000000 _____ C:\Users\Jens aaaaaaa\defogger_reenable
2013-10-17 19:52 - 2011-12-30 16:16 - 00000000 ____D C:\Users\Jens aaaaaaa
2013-10-17 19:50 - 2013-10-17 19:49 - 00050477 _____ C:\Users\Jens aaaaaaa\Downloads\Defogger.exe
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\avgchrome
2013-10-17 19:43 - 2013-10-17 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 14:26 - 2013-05-25 12:17 - 00000000 ____D C:\Program Files\My Dell
2013-10-17 14:26 - 2012-02-29 18:20 - 00000000 ____D C:\ProgramData\PCDr
2013-10-17 14:03 - 2013-10-17 14:03 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 08:03 - 2012-03-10 13:16 - 00000000 ____D C:\Windows\Minidump
2013-10-17 08:03 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2013-10-16 21:55 - 2011-12-31 12:07 - 00004138 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001UA
2013-10-16 21:55 - 2011-12-31 12:07 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320315719-3326968574-895728413-1001Core
2013-10-16 21:01 - 2011-12-27 15:55 - 00000000 ____D C:\ProgramData\Sonic
2013-10-16 20:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-15 22:22 - 2012-02-27 18:31 - 00000763 _____ C:\Windows\wiso.ini
2013-10-15 22:22 - 2012-02-27 18:27 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-10-14 21:41 - 2013-08-01 22:45 - 00000000 ____D C:\Users\Jens aaaaaaa\Documents\My Digital Editions
2013-10-13 23:00 - 2013-07-29 22:39 - 00000000 ____D C:\Windows\tmp
2013-10-13 22:45 - 2013-07-29 22:39 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Local\Kobo
2013-10-13 22:44 - 2013-07-29 22:39 - 00001001 _____ C:\Users\Public\Desktop\Kobo.lnk
2013-10-13 22:44 - 2013-07-29 22:39 - 00000000 ____D C:\Program Files (x86)\Kobo
2013-10-13 22:38 - 2013-10-13 22:38 - 00001520 _____ C:\Users\Jens aaaaaaa\Downloads\URLLink (5).acsm
2013-10-13 22:38 - 2013-10-13 22:38 - 00001514 _____ C:\Users\Jens aaaaaaa\Downloads\URLLink (4).acsm
2013-10-13 21:37 - 2013-01-10 22:11 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-13 21:37 - 2013-01-10 22:11 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 18:59 - 2012-04-29 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 18:59 - 2012-04-29 22:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 18:59 - 2011-12-27 15:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 21:42 - 2009-07-14 06:45 - 00370216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 21:39 - 2012-05-11 17:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 07:22 - 2012-05-11 17:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 07:22 - 2011-02-11 12:22 - 01591930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 07:20 - 2013-08-01 17:59 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 07:18 - 2011-12-30 16:29 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 23:42 - 2013-10-08 23:42 - 00171520 _____ C:\Users\Jens aaaaaaa\Downloads\Reibung_zw_festen_Stoffen.pps
2013-10-07 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-06 01:07 - 2012-01-05 23:23 - 00000000 ____D C:\Users\Jens aaaaaaa\AppData\Roaming\SoftGrid Client
2013-09-23 01:28 - 2013-10-09 07:24 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 07:24 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-09 07:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 07:24 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-09 07:24 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-09 07:24 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 05:38 - 2013-10-09 07:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-09 07:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-09 07:24 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-09 07:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-20 10:49 - 2013-10-19 09:42 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
Files to move or delete:
====================
C:\Users\Jens aaaaaaa\APP_IO_WXP_VSTA_W7_A02_Setup-7W7T4_ZPE.exe
C:\Users\Jens aaaaaaa\CONEXANT_D400-USB-MODEM_DPP14_A00_SETUP_ZPE.exe
C:\Users\Jens aaaaaaa\CONEXANT_D400-USB-MODEM_J6N4K_A02_SETUP_ZPE.exe
C:\Users\Jens aaaaaaa\CW1394A0.exe
C:\Users\Jens aaaaaaa\DELL_MOBILE-BROADBAND-MANAGE_A08_R291705.exe
C:\Users\Jens aaaaaaa\DELL_WIRELESS-5540-HSPA-MINI_A11_R287094.exe
C:\Users\Jens aaaaaaa\DELL_WIRELESS-5550-HSPA-MINI_A03_R298995.exe
C:\Users\Jens aaaaaaa\DELL_WIRELESS-5550-HSPA-MINI_A03_R298998.exe
C:\Users\Jens aaaaaaa\DELL_WIRELESS-5620-EVDO-HSPA_A09_R292028.exe
C:\Users\Jens aaaaaaa\L502X_A__06.exe
C:\Users\Jens aaaaaaa\R261284.exe
C:\Users\Jens aaaaaaa\R293038.exe
C:\Users\Jens aaaaaaa\R296901.exe
C:\Users\Jens aaaaaaa\R304505.exe
C:\Users\Jens aaaaaaa\R304507.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-20 11:54
==================== End Of Log ============================
scheint ansonsten alles gut zu sein....AVIRA meldet keine Funde Grüße Jens |
|
20.10.2013, 17:50
| #11 |
| /// the machine /// TB-Ausbilder | WIN7: Avira meldet Fund tr/agent.143516.1 Java und Adobe updaten. Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
