AARTEMIS virus

dannyhh · 28.11.2013, 16:42

hallo wann ich meinen Internet Explorer öffne wird er mit AARTEMIS geöffnet und das kann man nicht mehr entfernen doer mit goggle starten.

M-K-D-B · 28.11.2013, 17:25

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 4 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

dannyhh · 28.11.2013, 18:41

hallo wann ich denn scann ´Durchführe gehen 2 Fenster auf mit ziemlich vielen Worder leider kenne ich mich nicht so gur aus was muss ich dir das Posten alles ???

oder das wo mit dem hir anfängt Scan result bitte um hilfe es geht dann ein Fenster auf mit viele Geschriebenen Sachen danke

oder alles was dort im FRST text drin steht ???

M-K-D-B · 29.11.2013, 14:23

Servus,

poste mir alles, was in den beiden Textdokumenten (FRST.txt und Addition.txt) steht.

Und bitte bemühe dich, einigermaßen gut verständlich zu schreiben.

dannyhh · 29.11.2013, 15:07

Hallo nun habe ich ein weiteres Problem ich habe keine Netzwerkverbindung seit gesren abend .
Aber e mails und so weiter geht es kamm auf einmal internet explorer wurde verschoben oder geändert .
Hängt das mit dem virus zusammen . Schreibe dir gerade vom tablet. Bitte um hilfe

M-K-D-B · 29.11.2013, 19:45

Servus,

Setze folgendermaßen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

Berichte mir, ob du danach mit dem IE wieder ins Netz kannst.

Hast du keinen anderen Browser?

dannyhh · 29.11.2013, 21:20

Hallo das funktioniert nicht wann ich ihn öffnen will kommt diese meldung verknüpfung bezieht wurde verändert oder verschoben. Ich komme gerade überhaubt nicht ins internet wann ich das netzwek verbinden will z.b kommt diese verbindung ist nicht verfugbar weil es ein Problem mmit dem modem oder netwerkatabter gibt. Aber andere pc im haus funktionieren. Allso es geht alles bei aus das internet .

Wann ich in der systemsteurung auf internetoptionen gehe erweitert zurücksetzen kommt ein rotes x benuteranpasungen werden zurückgesetzt ein grüner hacken browser add ons deaktivirt ein grüner hacken Standardeinstellungen werden angewendet und kanns unten warum ist das zurücksetzen fehlgeschlagenen wann ich das dann anklige kommt aber keine meldung

M-K-D-B · 30.11.2013, 12:45

Servus,

dann lade dir von einem anderen Rechner (der funktioniert) FRST auf einen USB-Stick, starte den infizierten Rechner, stecke den USB-Stick an, kopiere FRST vom USB-Stick auf den Desktop und führe das Tool so aus.

dannyhh · 30.11.2013, 15:35

Hallo habe denn frst text jetzt auf meinem teplet leider läst er sich nicht kopieren und hir einfugen . Gibt es vieleicht eine möglichkeit das ich ihnen denn frst text als e mail weiterleite ?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Danny Hahn (administrat result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Danny Hahn (administrator) on DANNYHAHN-HP on 30-11-2013 13:56:47
Running from C:\Users\Danny Hahn\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Winlogon: [Userinit] c:\windows\syswow64\userinit.exe, [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Driver Pro] - C:\Program Files (x86)\Driver Pro\DPLauncher.exe [340512 2012-10-30] (PC Utilities Pro)
HKCU\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Danny Hahn\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: []
HKCU\...\Policies\system: [DisableRegedit] 1
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-09-23] (AVG Technologies CZ, s.r.o.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Soft32YB&dpid=Soft32YB&co=DE&userid=96ea478d-a19a-e880-0888-576a3954ad7f&searchtype=ds&q={searchTerms}&installDate=25/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://internet/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://aartemis.com/?type=hp&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Soft32YB&dpid=Soft32YB&co=DE&userid=96ea478d-a19a-e880-0888-576a3954ad7f&searchtype=ds&q={searchTerms}&installDate=25/11/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - No Name - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2012-02-18] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default
FF user.js: detected! => C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\user.js
FF NewTab: about:blank
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\mixidj.xml
FF Extension: Zula Games - C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\zulagames@ZulaGames.com
FF Extension: DealPly Shopping - C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f}
FF Extension: ftd - C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\ftd@ftd.com.xpi
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Protector by IB\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Protector by IB\Firefox
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

Chrome:
=======
CHR Extension: (wxDfast) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccldkoinakjmmgebambiaggjobhikfg\1.0_0
CHR Extension: (YouTube) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: () - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5
CHR Extension: (Website Logon) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0
CHR Extension: (Wajam) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (DealPly Shopping) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0
CHR Extension: (Gmail) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Iminent Chrome Toolbar) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0
CHR Extension: (wxDfast) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppjemjejnnojomfekgbpbbnecicblllf\1.0_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Protector by IB\source.crx
CHR HKLM-x32\...\Chrome\Extension: [bccldkoinakjmmgebambiaggjobhikfg] - C:\ProgramData\wxDfast\bccldkoinakjmmgebambiaggjobhikfg.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Protector by IB\source.crx
CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Danny Hahn\AppData\Roaming\zulagam

Hallo habe ihnen jetzt denn text eingefügt ist das so ok?

M-K-D-B · 01.12.2013, 10:49

Servus,

Zitat:

Zitat von dannyhh

Hallo habe ihnen jetzt denn text eingefügt ist das so ok?

ja, das ist ok so... nur leider ist der Text unvollständig.

Zudem erstellt FRST beim erstmaligen Ausführen 2 Logdateien, diese sollten sich direkt auf dem Desktop befinden.
Diese beiden Logdateien wieder auf den USB-Stick kopieren und von einem sauberen Rechner beide Logdateien direkt hier reinkopieren.

dannyhh · 01.12.2013, 19:50

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Danny Hahn (administrator) on DANNYHAHN-HP on 01-12-2013 11:01:12
Running from C:\Users\Danny Hahn\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Winlogon: [Userinit] c:\windows\syswow64\userinit.exe, [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Driver Pro] - C:\Program Files (x86)\Driver Pro\DPLauncher.exe [340512 2012-10-30] (PC Utilities Pro)
HKCU\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Danny Hahn\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [] 
HKCU\...\Policies\system: [DisableRegedit] 1
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-09-23] (AVG Technologies CZ, s.r.o.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Soft32YB&dpid=Soft32YB&co=DE&userid=96ea478d-a19a-e880-0888-576a3954ad7f&searchtype=ds&q={searchTerms}&installDate=25/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://internet/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = AARTEMIS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = AARTEMIS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Soft32YB&dpid=Soft32YB&co=DE&userid=96ea478d-a19a-e880-0888-576a3954ad7f&searchtype=ds&q={searchTerms}&installDate=25/11/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - No Name - {95080B13-AA71-4EE8-B951-7E98221E1ED5} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2012-02-18] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default
FF user.js: detected! => C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\user.js
FF NewTab: about:blank
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\mixidj.xml
FF Extension: Zula Games - C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\zulagames@ZulaGames.com
FF Extension: DealPly  Shopping - C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f}
FF Extension: ftd - C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\ftd@ftd.com.xpi
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Protector by IB\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Protector by IB\Firefox
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

Chrome: 
=======
CHR Extension: (wxDfast) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccldkoinakjmmgebambiaggjobhikfg\1.0_0
CHR Extension: (YouTube) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: () - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5
CHR Extension: (Website Logon) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0
CHR Extension: (Wajam) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (DealPly  Shopping) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0
CHR Extension: (Gmail) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Iminent Chrome Toolbar) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0
CHR Extension: (wxDfast) - C:\Users\DANNYH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppjemjejnnojomfekgbpbbnecicblllf\1.0_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Protector by IB\source.crx
CHR HKLM-x32\...\Chrome\Extension: [bccldkoinakjmmgebambiaggjobhikfg] - C:\ProgramData\wxDfast\bccldkoinakjmmgebambiaggjobhikfg.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Protector by IB\source.crx
CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Danny Hahn\AppData\Roaming\zulagames\zulagames.crx
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Danny Hahn\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM-x32\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [ppjemjejnnojomfekgbpbbnecicblllf] - C:\ProgramData\wxDfast\ppjemjejnnojomfekgbpbbnecicblllf.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 AV Engine Scanning Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe [x]
R2 AV Watch Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe [x]
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /svc [x]
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /medsvc [x]

==================== Drivers (Whitelisted) ====================

S3 AVFSFilter; C:\Windows\System32\DRIVERS\avfsfilter.sys [13720 2012-05-30] ()
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-02-18] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-01] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 gfiark; system32\drivers\gfiark.sys [x]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 11:00 - 2013-12-01 11:01 - 00015742 _____ C:\Users\Danny Hahn\Desktop\FRST.txt
2013-12-01 11:00 - 2013-11-30 13:48 - 01958440 ____N (Farbar) C:\Users\Danny Hahn\Desktop\FRST64.exe
2013-12-01 09:31 - 2013-12-01 09:31 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{EF6FA3D9-D0E0-44D3-9647-4969CCC97482}
2013-11-30 10:59 - 2013-11-30 10:59 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{AF4438BD-5728-43B6-84E7-5E0C77C5F1B4}
2013-11-29 22:58 - 2013-11-29 22:58 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{03D2A7D3-F2EF-44A8-860A-66A7DB288524}
2013-11-29 09:48 - 2013-11-29 09:48 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4A19E808-9E8F-47C9-8DF0-A4D4D1BBFF60}
2013-11-29 09:14 - 2013-11-30 18:17 - 00020254 _____ C:\Windows\IE9_main.log
2013-11-29 08:46 - 2013-11-12 12:32 - 00480256 _____ (Microsoft Corporation) C:\Users\Danny Hahn\Desktop\ieinstal.exe
2013-11-28 22:49 - 2013-11-28 22:49 - 00001073 _____ C:\Program Files (x86)\Opera - Verknüpfung.lnk
2013-11-28 22:46 - 2013-11-28 22:46 - 00001143 _____ C:\Program Files\Internet Explorer - Verknüpfung.lnk
2013-11-28 22:23 - 2013-11-28 22:48 - 00002120 _____ C:\Windows\system32\Drivers\kgpcpy.cfg
2013-11-28 22:20 - 2013-11-28 22:20 - 00000000 ____D C:\ProgramData\Licenses
2013-11-28 21:05 - 2013-11-28 21:05 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{715AB8D3-26C1-4DDC-82F1-2B1390DC94E8}
2013-11-28 18:17 - 2013-11-28 18:17 - 00000000 ____D C:\FRST
2013-11-28 16:04 - 2013-11-28 22:22 - 00007708 _____ C:\Windows\PFRO.log
2013-11-28 15:05 - 2013-11-28 15:17 - 00000016 _____ C:\Windows\system32\config\software.szfi
2013-11-28 14:42 - 2013-11-28 14:42 - 00000248 _____ C:\Windows\SysWOW64\Drivers\kgpcpy.cfg
2013-11-28 14:41 - 2013-11-28 14:41 - 00002024 _____ C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2013-11-28 14:40 - 2013-11-28 22:58 - 00000000 ____D C:\ProgramData\STOPzilla!
2013-11-28 14:36 - 2013-12-01 10:52 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\newnext.me
2013-11-28 14:36 - 2013-11-28 14:43 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\Mobogenie
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\Documents\Mobogenie
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\genienext
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\cache
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\.android
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 _____ C:\Users\Danny Hahn\daemonprocess.txt
2013-11-28 14:35 - 2013-11-28 14:35 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\SearchProtect
2013-11-28 14:29 - 2013-11-28 22:56 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-11-28 14:29 - 2013-11-28 14:29 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\ParetoLogic
2013-11-28 14:29 - 2013-11-28 14:29 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\DriverCure
2013-11-28 14:06 - 2013-11-28 14:06 - 00000000 _____ C:\autoexec.bat
2013-11-28 13:58 - 2013-11-30 14:39 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C5DC668D-3C39-4915-A4B7-FF1DDED0CB89}
2013-11-28 09:04 - 2013-11-28 09:05 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{F6E6D09D-2CA4-43A3-B3C8-0A4C024481A7}
2013-11-27 14:40 - 2013-12-01 10:51 - 00005370 _____ C:\Windows\setupact.log
2013-11-27 14:40 - 2013-11-27 14:40 - 00000000 _____ C:\Windows\setuperr.log
2013-11-27 11:16 - 2013-11-27 11:16 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{F44FBDFC-22ED-419D-9B32-C394B7F512C8}
2013-11-26 22:58 - 2013-11-26 22:58 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E224B736-9C82-4208-B8F4-D43F1C37764A}
2013-11-26 09:20 - 2013-11-26 09:20 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2F4BECB9-C4E5-4540-A8ED-10699AF7A193}
2013-11-25 10:54 - 2013-11-25 10:54 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\OpenOffice
2013-11-25 10:53 - 2013-11-25 12:26 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-11-25 10:50 - 2013-11-25 11:28 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-11-25 10:50 - 2013-11-25 11:16 - 00002325 _____ C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-11-25 10:50 - 2013-11-25 10:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\Dealply
2013-11-25 10:50 - 2013-11-25 10:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\DealPlyLive
2013-11-25 10:50 - 2013-11-25 10:50 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-11-25 09:51 - 2013-11-25 09:51 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4E6F592E-9AA9-48C7-AD0E-2BA27E866FC2}
2013-11-24 10:03 - 2013-11-24 10:03 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{96D6D175-F043-4363-8043-88F45EFE1BFA}
2013-11-23 12:30 - 2013-11-23 12:31 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2699BDDC-C3CA-47C1-961B-DBADC7900FE0}
2013-11-22 23:40 - 2013-11-22 23:40 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3DA693BF-690E-417F-9835-076B6102BA89}
2013-11-22 10:13 - 2013-11-22 10:14 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{04040642-6959-4511-A78A-B17970F7742F}
2013-11-22 09:20 - 2013-11-22 09:20 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{B4B87F7F-0E5F-4E7F-95BA-1430980A3F9E}
2013-11-21 21:56 - 2013-11-21 21:56 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3EDAE367-343B-485A-B232-DF88492E7B4B}
2013-11-21 09:05 - 2013-11-21 09:06 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{EC2D3188-4129-42AE-B2E1-388C95CBB8E5}
2013-11-20 21:05 - 2013-11-20 21:05 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E3C84217-1E7D-4C90-848C-5F6D77F80F72}
2013-11-20 08:39 - 2013-11-20 08:39 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{8AA43347-7ABE-45F5-BD91-301D1BED9468}
2013-11-19 21:31 - 2013-11-19 21:31 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{ADA12729-8A1A-43E4-B1C5-0EDC470896AB}
2013-11-19 08:39 - 2013-11-19 08:39 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{1B624095-0FBA-48D8-9BC5-762FA4A90CCD}
2013-11-18 21:36 - 2013-11-18 21:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4F41BBDC-39D9-498F-95D5-D6A10CF9F644}
2013-11-18 09:22 - 2013-11-18 09:22 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{CA09A87D-4607-4E3B-B851-5188AD039268}
2013-11-17 21:15 - 2013-11-17 21:15 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{9005ADB6-0744-46B3-8152-D15F2A968F68}
2013-11-17 08:41 - 2013-11-17 08:41 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{21F45533-C1A8-4FFA-8258-CDD4905CA8A4}
2013-11-16 11:34 - 2013-11-16 11:34 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{6D15EE49-A8D8-4F6F-AC83-1F137FEEDFFB}
2013-11-15 22:44 - 2013-11-15 22:44 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{F54580F9-2AA0-4F4A-8E54-E2EC3160DF77}
2013-11-15 09:55 - 2013-11-15 09:55 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{9461D652-3D81-42FD-BB6C-12D074B9A514}
2013-11-14 11:11 - 2013-11-14 11:11 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{FFB2F8C2-BE1F-43E9-B47E-1432120D0AC0}
2013-11-14 11:07 - 2013-11-14 11:07 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{C6900E24-7AE1-4FCD-8600-BECF618B4162}
2013-11-13 23:04 - 2013-11-13 23:04 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{7749C3EF-E0B9-4082-997A-0E0168745B26}
2013-11-13 09:10 - 2013-11-13 09:11 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E1EBF981-EBD9-4B3B-9A91-070380E77A31}
2013-11-13 09:07 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 09:07 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 09:07 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 09:07 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 09:07 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 09:07 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 09:07 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 09:07 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 09:07 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 09:07 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 09:07 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 09:07 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 09:07 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 09:07 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 09:07 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 09:07 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 09:07 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 09:07 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 09:07 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 09:07 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 09:07 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 09:07 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 09:07 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 09:07 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 09:07 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 09:07 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 09:07 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 09:07 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 09:07 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 09:07 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 12:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-12 12:32 - 2013-11-12 12:32 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 12:32 - 2013-11-12 12:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 12:32 - 2013-11-12 12:32 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 12:32 - 2013-11-12 12:32 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 12:32 - 2013-11-12 12:32 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 12:32 - 2013-11-12 12:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 12:32 - 2013-11-12 12:32 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 12:32 - 2013-11-12 12:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 12:32 - 2013-11-12 12:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 12:32 - 2013-11-12 12:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 12:32 - 2013-11-12 12:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 09:25 - 2013-11-12 09:25 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{20D13C98-9DEF-4228-80FE-74E6497B27C0}
2013-11-11 09:27 - 2013-11-11 09:27 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{CD533EDF-610F-4976-B25D-746E8A678DFE}
2013-11-10 13:25 - 2013-11-10 13:25 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3B0FE778-BCE9-4607-9BB2-6BE6E62CF4A5}
2013-11-10 09:50 - 2013-11-10 09:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{B41EAEA6-FB87-4BDC-95CF-B8394DF3E653}
2013-11-09 08:49 - 2013-11-09 08:49 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{A44780BF-AC66-463F-9B1D-A8FBCBD352F7}
2013-11-08 21:17 - 2013-11-08 21:17 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{52DFCB29-5597-4792-914E-AE23F37878B2}
2013-11-08 08:48 - 2013-11-08 08:48 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2BC87C5D-9C5B-414C-9B08-C1D342345592}
2013-11-07 08:55 - 2013-11-07 08:56 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{52149834-A47A-48D0-99F0-AB10F430C446}
2013-11-06 08:53 - 2013-11-06 08:53 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E866ABA7-CF88-4E40-A366-1C00FE4C3C99}
2013-11-05 11:33 - 2013-11-05 11:33 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2848EF11-DC66-47CA-AADC-C2BA0C33E5EB}
2013-11-04 11:44 - 2013-11-04 11:44 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{71D48178-739A-4F01-91B1-D514589D1796}
2013-11-03 11:16 - 2013-11-03 11:16 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4123022B-CBD8-4F7E-BBBE-635C89E503D8}
2013-11-02 21:38 - 2013-11-02 21:39 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3D9135BB-26AF-4479-827A-A4B38E96AC97}
2013-11-02 14:05 - 2013-11-02 14:10 - 00283104 _____ (Mozilla) C:\Users\Danny Hahn\Downloads\Firefox Setup Stub 25_0_exe
2013-11-02 13:45 - 2013-11-25 12:22 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-02 13:45 - 2013-11-02 13:45 - 22404568 _____ (Mozilla) C:\Users\Danny Hahn\Downloads\Firefox_Setup [1].exe
2013-11-02 13:45 - 2013-11-02 13:45 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3736.dll
2013-11-02 13:44 - 2013-11-03 11:50 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-11-02 13:44 - 2013-11-03 11:18 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-11-02 13:44 - 2013-11-02 13:44 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\BonanzaDealsLive
2013-11-02 13:44 - 2013-11-02 13:44 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-02 09:11 - 2013-11-02 09:12 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{DCFA692F-957B-4035-B3F3-75012C76F093}
2013-11-01 20:46 - 2013-11-01 20:46 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{5C3635DB-F8B7-4EBA-93ED-2A0C90EF631D}
2013-11-01 08:28 - 2013-11-01 08:29 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{A76E20AB-814C-4B97-A103-C026865BC996}

==================== One Month Modified Files and Folders =======

2013-12-01 11:01 - 2013-12-01 11:00 - 00015742 _____ C:\Users\Danny Hahn\Desktop\FRST.txt
2013-12-01 10:59 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 10:59 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 10:57 - 2012-03-06 16:01 - 00000000 ____D C:\ProgramData\MFAData
2013-12-01 10:55 - 2013-09-07 10:04 - 01791673 _____ C:\Windows\WindowsUpdate.log
2013-12-01 10:55 - 2012-02-18 08:08 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-12-01 10:55 - 2012-02-18 08:08 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-12-01 10:55 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 10:52 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\newnext.me
2013-12-01 10:51 - 2013-11-27 14:40 - 00005370 _____ C:\Windows\setupact.log
2013-12-01 10:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 09:31 - 2013-12-01 09:31 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{EF6FA3D9-D0E0-44D3-9647-4969CCC97482}
2013-11-30 18:17 - 2013-11-29 09:14 - 00020254 _____ C:\Windows\IE9_main.log
2013-11-30 18:10 - 2012-06-05 12:03 - 00000000 ____D C:\ProgramData\clp
2013-11-30 14:39 - 2013-11-28 13:58 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C5DC668D-3C39-4915-A4B7-FF1DDED0CB89}
2013-11-30 13:48 - 2013-12-01 11:00 - 01958440 ____N (Farbar) C:\Users\Danny Hahn\Desktop\FRST64.exe
2013-11-30 10:59 - 2013-11-30 10:59 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{AF4438BD-5728-43B6-84E7-5E0C77C5F1B4}
2013-11-29 22:58 - 2013-11-29 22:58 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{03D2A7D3-F2EF-44A8-860A-66A7DB288524}
2013-11-29 19:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-29 10:43 - 2012-03-19 21:00 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\Windows Live
2013-11-29 09:48 - 2013-11-29 09:48 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4A19E808-9E8F-47C9-8DF0-A4D4D1BBFF60}
2013-11-29 09:07 - 2012-03-06 15:45 - 00000000 ____D C:\Users\Danny Hahn
2013-11-29 09:07 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-29 09:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-29 08:56 - 2012-09-18 10:46 - 00000000 ____D C:\Users\Danny Hahn\Desktop\Neuer Ordner (2)
2013-11-28 23:09 - 2013-05-12 18:17 - 00000000 ____D C:\Program Files (x86)\Driver Pro
2013-11-28 22:58 - 2013-11-28 14:40 - 00000000 ____D C:\ProgramData\STOPzilla!
2013-11-28 22:56 - 2013-11-28 14:29 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-11-28 22:49 - 2013-11-28 22:49 - 00001073 _____ C:\Program Files (x86)\Opera - Verknüpfung.lnk
2013-11-28 22:48 - 2013-11-28 22:23 - 00002120 _____ C:\Windows\system32\Drivers\kgpcpy.cfg
2013-11-28 22:46 - 2013-11-28 22:46 - 00001143 _____ C:\Program Files\Internet Explorer - Verknüpfung.lnk
2013-11-28 22:22 - 2013-11-28 16:04 - 00007708 _____ C:\Windows\PFRO.log
2013-11-28 22:20 - 2013-11-28 22:20 - 00000000 ____D C:\ProgramData\Licenses
2013-11-28 21:05 - 2013-11-28 21:05 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{715AB8D3-26C1-4DDC-82F1-2B1390DC94E8}
2013-11-28 18:17 - 2013-11-28 18:17 - 00000000 ____D C:\FRST
2013-11-28 15:17 - 2013-11-28 15:05 - 00000016 _____ C:\Windows\system32\config\software.szfi
2013-11-28 14:43 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\Mobogenie
2013-11-28 14:42 - 2013-11-28 14:42 - 00000248 _____ C:\Windows\SysWOW64\Drivers\kgpcpy.cfg
2013-11-28 14:41 - 2013-11-28 14:41 - 00002024 _____ C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\Documents\Mobogenie
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\genienext
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\cache
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 ____D C:\Users\Danny Hahn\.android
2013-11-28 14:36 - 2013-11-28 14:36 - 00000000 _____ C:\Users\Danny Hahn\daemonprocess.txt
2013-11-28 14:35 - 2013-11-28 14:35 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\SearchProtect
2013-11-28 14:29 - 2013-11-28 14:29 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\ParetoLogic
2013-11-28 14:29 - 2013-11-28 14:29 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\DriverCure
2013-11-28 14:06 - 2013-11-28 14:06 - 00000000 _____ C:\autoexec.bat
2013-11-28 09:05 - 2013-11-28 09:04 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{F6E6D09D-2CA4-43A3-B3C8-0A4C024481A7}
2013-11-27 14:40 - 2013-11-27 14:40 - 00000000 _____ C:\Windows\setuperr.log
2013-11-27 11:16 - 2013-11-27 11:16 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{F44FBDFC-22ED-419D-9B32-C394B7F512C8}
2013-11-26 22:58 - 2013-11-26 22:58 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E224B736-9C82-4208-B8F4-D43F1C37764A}
2013-11-26 09:20 - 2013-11-26 09:20 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2F4BECB9-C4E5-4540-A8ED-10699AF7A193}
2013-11-25 13:54 - 2009-07-14 05:45 - 00413256 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-25 12:27 - 2012-03-06 15:49 - 00107264 _____ C:\Users\Danny Hahn\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-25 12:26 - 2013-11-25 10:53 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-11-25 12:25 - 2012-03-20 20:22 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\Systweak
2013-11-25 12:22 - 2013-11-02 13:45 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-25 12:22 - 2012-07-11 16:51 - 00000000 ___RD C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-25 11:28 - 2013-11-25 10:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-11-25 11:16 - 2013-11-25 10:50 - 00002325 _____ C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-11-25 11:16 - 2013-05-01 07:33 - 00001581 _____ C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-25 10:54 - 2013-11-25 10:54 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\OpenOffice
2013-11-25 10:50 - 2013-11-25 10:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\Dealply
2013-11-25 10:50 - 2013-11-25 10:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\DealPlyLive
2013-11-25 10:50 - 2013-11-25 10:50 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-11-25 10:50 - 2012-03-06 16:03 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-25 09:51 - 2013-11-25 09:51 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4E6F592E-9AA9-48C7-AD0E-2BA27E866FC2}
2013-11-24 10:03 - 2013-11-24 10:03 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{96D6D175-F043-4363-8043-88F45EFE1BFA}
2013-11-23 12:31 - 2013-11-23 12:30 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2699BDDC-C3CA-47C1-961B-DBADC7900FE0}
2013-11-22 23:40 - 2013-11-22 23:40 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3DA693BF-690E-417F-9835-076B6102BA89}
2013-11-22 10:14 - 2013-11-22 10:13 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{04040642-6959-4511-A78A-B17970F7742F}
2013-11-22 09:20 - 2013-11-22 09:20 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{B4B87F7F-0E5F-4E7F-95BA-1430980A3F9E}
2013-11-21 21:56 - 2013-11-21 21:56 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3EDAE367-343B-485A-B232-DF88492E7B4B}
2013-11-21 12:08 - 2012-03-11 18:16 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\CrashDumps
2013-11-21 09:06 - 2013-11-21 09:05 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{EC2D3188-4129-42AE-B2E1-388C95CBB8E5}
2013-11-20 21:05 - 2013-11-20 21:05 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E3C84217-1E7D-4C90-848C-5F6D77F80F72}
2013-11-20 08:39 - 2013-11-20 08:39 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{8AA43347-7ABE-45F5-BD91-301D1BED9468}
2013-11-19 21:31 - 2013-11-19 21:31 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{ADA12729-8A1A-43E4-B1C5-0EDC470896AB}
2013-11-19 10:16 - 2013-06-21 09:12 - 00000000 ____D C:\Users\Danny Hahn\AppData\Roaming\File Scout
2013-11-19 09:32 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-19 08:39 - 2013-11-19 08:39 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{1B624095-0FBA-48D8-9BC5-762FA4A90CCD}
2013-11-18 21:36 - 2013-11-18 21:36 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4F41BBDC-39D9-498F-95D5-D6A10CF9F644}
2013-11-18 09:22 - 2013-11-18 09:22 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{CA09A87D-4607-4E3B-B851-5188AD039268}
2013-11-17 21:15 - 2013-11-17 21:15 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{9005ADB6-0744-46B3-8152-D15F2A968F68}
2013-11-17 08:41 - 2013-11-17 08:41 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{21F45533-C1A8-4FFA-8258-CDD4905CA8A4}
2013-11-16 11:34 - 2013-11-16 11:34 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{6D15EE49-A8D8-4F6F-AC83-1F137FEEDFFB}
2013-11-15 22:44 - 2013-11-15 22:44 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{F54580F9-2AA0-4F4A-8E54-E2EC3160DF77}
2013-11-15 09:55 - 2013-11-15 09:55 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{9461D652-3D81-42FD-BB6C-12D074B9A514}
2013-11-14 11:11 - 2013-11-14 11:11 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{FFB2F8C2-BE1F-43E9-B47E-1432120D0AC0}
2013-11-14 11:07 - 2013-11-14 11:07 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{C6900E24-7AE1-4FCD-8600-BECF618B4162}
2013-11-14 10:03 - 2011-02-11 18:00 - 00000000 ____D C:\Windows\Panther
2013-11-13 23:04 - 2013-11-13 23:04 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{7749C3EF-E0B9-4082-997A-0E0168745B26}
2013-11-13 14:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 09:54 - 2013-07-12 11:53 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 09:53 - 2012-03-06 16:50 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 09:11 - 2013-11-13 09:10 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E1EBF981-EBD9-4B3B-9A91-070380E77A31}
2013-11-12 12:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-12 12:32 - 2013-11-29 08:46 - 00480256 _____ (Microsoft Corporation) C:\Users\Danny Hahn\Desktop\ieinstal.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 12:32 - 2013-11-12 12:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 12:32 - 2013-11-12 12:32 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 12:32 - 2013-11-12 12:32 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 12:32 - 2013-11-12 12:32 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 12:32 - 2013-11-12 12:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 12:32 - 2013-11-12 12:32 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 12:32 - 2013-11-12 12:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 12:32 - 2013-11-12 12:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 12:32 - 2013-11-12 12:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 12:32 - 2013-11-12 12:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 12:32 - 2013-11-12 12:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 12:32 - 2013-11-12 12:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 09:25 - 2013-11-12 09:25 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{20D13C98-9DEF-4228-80FE-74E6497B27C0}
2013-11-11 09:27 - 2013-11-11 09:27 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{CD533EDF-610F-4976-B25D-746E8A678DFE}
2013-11-10 13:25 - 2013-11-10 13:25 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3B0FE778-BCE9-4607-9BB2-6BE6E62CF4A5}
2013-11-10 09:50 - 2013-11-10 09:50 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{B41EAEA6-FB87-4BDC-95CF-B8394DF3E653}
2013-11-09 08:49 - 2013-11-09 08:49 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{A44780BF-AC66-463F-9B1D-A8FBCBD352F7}
2013-11-08 21:17 - 2013-11-08 21:17 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{52DFCB29-5597-4792-914E-AE23F37878B2}
2013-11-08 08:48 - 2013-11-08 08:48 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2BC87C5D-9C5B-414C-9B08-C1D342345592}
2013-11-07 08:56 - 2013-11-07 08:55 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{52149834-A47A-48D0-99F0-AB10F430C446}
2013-11-06 08:53 - 2013-11-06 08:53 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{E866ABA7-CF88-4E40-A366-1C00FE4C3C99}
2013-11-05 11:33 - 2013-11-05 11:33 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{2848EF11-DC66-47CA-AADC-C2BA0C33E5EB}
2013-11-04 11:44 - 2013-11-04 11:44 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{71D48178-739A-4F01-91B1-D514589D1796}
2013-11-03 11:50 - 2013-11-02 13:44 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-11-03 11:18 - 2013-11-02 13:44 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-11-03 11:16 - 2013-11-03 11:16 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{4123022B-CBD8-4F7E-BBBE-635C89E503D8}
2013-11-02 21:39 - 2013-11-02 21:38 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{3D9135BB-26AF-4479-827A-A4B38E96AC97}
2013-11-02 14:10 - 2013-11-02 14:05 - 00283104 _____ (Mozilla) C:\Users\Danny Hahn\Downloads\Firefox Setup Stub 25_0_exe
2013-11-02 13:45 - 2013-11-02 13:45 - 22404568 _____ (Mozilla) C:\Users\Danny Hahn\Downloads\Firefox_Setup [1].exe
2013-11-02 13:45 - 2013-11-02 13:45 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3736.dll
2013-11-02 13:44 - 2013-11-02 13:44 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\BonanzaDealsLive
2013-11-02 13:44 - 2013-11-02 13:44 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-02 09:12 - 2013-11-02 09:11 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{DCFA692F-957B-4035-B3F3-75012C76F093}
2013-11-01 20:46 - 2013-11-01 20:46 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{5C3635DB-F8B7-4EBA-93ED-2A0C90EF631D}
2013-11-01 08:29 - 2013-11-01 08:28 - 00000000 ____D C:\Users\Danny Hahn\AppData\Local\{A76E20AB-814C-4B97-A103-C026865BC996}

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3736.dll
C:\Users\Public\AlexaNSISPlugin.5728.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 14:18

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Hallo ich weis es nicht warum aber bei mir kommt leider nur der fst text auf dem deskop

Hallo bei mir kommt nur der frst text auf dem deskop. Oder es kommt wann ich auf scanning drücke
Line 15376 file user danny hahn destop exe errror error in expression

Kann es vieleicht sein das es daher kommt das das internet momentan auch nicht geht ?

Oder es kommt wann ich auf scanning drücke microsoft windows tempoary internet

Ich habe drei oder vier mal das first 64 gedownlodet und eins geht ohne diese fehler meldungen aber dieses erstellt leider nur denn frst text . Ich hoffe sie können mir helfen das mein pc wieder läuft

M-K-D-B · 01.12.2013, 21:18

Servus,

die Addition.txt wird nur erstellt, wenn du nach dem Start von FRST rechts unten ein Häkchen vor "Addition.txt" setzt.

Hattest du das gemacht?

die folgenden Tools bitte wieder von einem anderen Rechner auf den USB-Stick speichern und vom USB-Stick direkt auf den Desktop des infizierten Rechners kopieren und vom Desktop ausführen:

Schritt 1
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von ComboFix,
die Logdatei von AdwCleaner,
die Logdatei von JRT.

dannyhh · 01.12.2013, 22:44

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by Danny Hahn at 2013-12-01 21:30:12
Running from C:\Users\Danny Hahn\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 3.2.1)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
AuthenTec TrueAPI (Version: 1.3.0.116)
AVG 2013 (Version: 13.0.3426)
AVG 2013 (Version: 13.0.3629)
AVG 2013 (Version: 2013.0.3426)
Bejeweled 3 (x32 Version: 2.2.0.97)
Blasterball 3 (x32 Version: 2.2.0.97)
Bounce Symphony (x32 Version: 2.2.0.97)
Cake Mania (x32 Version: 2.2.0.95)
CCleaner (Version: 3.16)
Chronicles of Albian (x32 Version: 2.2.0.95)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cradle of Rome 2 (x32 Version: 2.2.0.95)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (Version: 10.5.0.0)
D3DX10 (x32 Version: 15.4.2368.0902)
Driver Pro v3.0 (x32 Version: 3.0)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.97)
Google Update Helper (x32 Version: 1.3.23.0)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Games (x32 Version: 1.0.2.5)
HP LinkUp (x32 Version: 2.01.028)
HP Odometer (x32 Version: 2.10.0000)
HP Setup (x32 Version: 8.7.4747.3786)
HP Setup Manager (x32 Version: 1.1.13880.3792)
HP SimplePass PE 2011 (x32 Version: 5.3.0.194)
HP Support Assistant (x32 Version: 6.0.4.1)
HP Support Information (x32 Version: 10.1.1000)
HP Update (x32 Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867)
Java(TM) 6 Update 31 (64-bit) (Version: 6.0.310)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Mah Jong Medley (x32 Version: 2.2.0.95)
mein Aquarium (x32 Version: 1.0.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (x32 Version: 4.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95)
PDF Complete Special Edition (x32 Version: 4.0.54)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.97)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6463)
Recovery Manager (x32 Version: 5.5.0.4320)
Remote Graphics Receiver (x32 Version: 5.4.5)
Slingo Deluxe (x32 Version: 2.2.0.95)
Sony Ericsson Update Engine (x32 Version: 2.12.14.20)
Sony PC Companion 2.10.136 (x32 Version: 2.10.136)
T-Online 6.0 (x32)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

13-11-2013 08:53:31 Windows Update
25-11-2013 09:53:00 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
25-11-2013 09:53:32 Installed OpenOffice 4.0.1
25-11-2013 11:19:58 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
25-11-2013 11:25:25 Removed OpenOffice 4.0.1
25-11-2013 11:25:36 Removed OpenOffice 4.0.1
25-11-2013 11:26:26 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
25-11-2013 14:22:44 Windows Update
28-11-2013 12:31:50 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
28-11-2013 13:05:40 Installed SpyHunter
28-11-2013 13:40:47 Installed STOPzilla
28-11-2013 13:42:07 Removed SpyHunter
28-11-2013 13:42:21 Removed SpyHunter
28-11-2013 13:44:01 STOPzilla Restore Point.
28-11-2013 13:44:12 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
28-11-2013 13:44:33 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
28-11-2013 13:45:22 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
28-11-2013 16:09:38 Removed STOPzilla
28-11-2013 16:10:18 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
28-11-2013 16:10:36 Removed STOPzilla
28-11-2013 21:55:43 Removed STOPzilla
28-11-2013 21:57:58 Removed STOPzilla
28-11-2013 22:09:01 Avira EU-Cleaner - 28.11.2013 23:09
28-11-2013 22:09:36 Windows Update
29-11-2013 07:44:07 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
29-11-2013 07:53:03 Wiederherstellungsvorgang
29-11-2013 08:14:13 Windows Update
29-11-2013 08:58:36 Windows Update
29-11-2013 09:27:36 Windows Update
29-11-2013 09:47:30 Windows Update
29-11-2013 10:29:19 Windows Update
29-11-2013 11:03:36 Windows Update
29-11-2013 11:16:03 Windows Update
29-11-2013 12:23:11 Windows Update
29-11-2013 18:11:25 Windows Update
29-11-2013 20:28:15 Windows Update
30-11-2013 08:03:30 Windows Update
30-11-2013 08:06:25 Windows Update
30-11-2013 12:07:04 Windows Update
30-11-2013 12:15:38 Windows Update
30-11-2013 13:43:02 Windows Update
30-11-2013 17:17:26 Windows Update
01-12-2013 10:42:13 Windows Update
01-12-2013 12:50:05 Windows Update
01-12-2013 14:18:40 Windows Update
01-12-2013 16:47:17 Windows Update
01-12-2013 18:21:02 Windows Update
01-12-2013 18:52:41 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-28 14:41 - 00000860 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {19C97D09-BA44-4E24-8DC5-76D7839B2DBB} - System32\Tasks\{A6A9ED11-2E8B-4F17-B67D-C721E1E571C3} => C:\Users\Danny Hahn\Desktop\FRST64 - Kopiert.exe
Task: {2B535669-F33C-47EA-B814-A442931DFCC0} - System32\Tasks\4806 => C:\Users\DANNYH~1\AppData\Local\Temp\launchie.vbsC:\Users\DANNYH~1\AppData\Local\Temp\launchie.vbs //B
Task: {407E7FE5-988A-4432-9C40-DA59E5B20ED0} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-21] (CyberLink)
Task: {5C78A4DE-5DAB-4A47-82A8-A50B707A0697} - System32\Tasks\{C1257881-AACE-432E-94CD-4C7E0F6C55B3} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, Nachrichten - Service - Shopping bei t-online.de)
Task: {6B35952E-8FF7-40B3-A50E-20E5CDE118F3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {708AAF2A-AEE7-4F79-A570-7AADA7D18C2C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {7F2E5338-A96B-4566-A08A-0462683EEAB5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-09] (Hewlett-Packard)
Task: {8FAC435A-2095-478E-806A-5ACF26CC498A} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {9467D329-023A-453C-A002-75ED9906E5EA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {990A4AE8-422D-4899-B4C9-D171EC311C1B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-09] (Hewlett-Packard Company)
Task: {995BDD83-2808-484B-A529-40C0D23AF38E} - System32\Tasks\{EE82AB35-7F4F-4EB1-AEA0-590383E19777} => C:\Users\Danny Hahn\Desktop\FRST64 - Kopiert.exe
Task: {9E04FE00-A6CF-4DE1-AAAF-4DE74078420A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {C493CCDD-862C-4465-8360-2634C6B9558F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-09] (Hewlett-Packard Company)
Task: {DD3C0344-FCC6-4351-803A-CDBB00CE3E58} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe
Task: {F03CEFAD-D9A8-4FE4-BCAF-589F66E4C042} - System32\Tasks\{FC841C0A-59D5-471D-93B9-4B1F6920000B} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, Nachrichten - Service - Shopping bei t-online.de)
Task: {F25A9405-EDF0-4701-ADAB-76AF72464B9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-09] (Hewlett-Packard Company)
Task: {F60EBB06-6227-4E21-BC5E-735EE1B90F5D} - System32\Tasks\{82B41AF1-D6F2-48B6-B664-0DBF05EE92BE} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, Nachrichten - Service - Shopping bei t-online.de)
Task: {F8340DF6-8654-4FCF-8EC1-E7E4D812A759} - System32\Tasks\{477A9836-C6A4-4626-B806-3AC0884C24E8} => C:\Users\Danny Hahn\Desktop\FRST64 - Kopiert.exe
Task: {F9D31483-B503-441A-A572-AC44339EE6CB} - System32\Tasks\{35E598EB-ED8E-4ABA-957F-B181E7E3E2A8} => C:\Users\Danny Hahn\Desktop\FRST64 - Kopiert.exe
Task: {FFDBB7EC-821F-4CB9-BAF5-339C1903A744} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2012-05-04 12:45 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2012-02-18 08:16 - 2011-01-27 18:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2013 07:00:00 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (11/29/2013 09:12:01 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Wiederherstellungsvorgang). Zusätzliche Informationen: 0x80070005.

Error: (11/29/2013 09:03:34 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Wiederherstellungsvorgang). Zusätzliche Informationen: 0x80070005.

Error: (11/29/2013 08:55:27 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161). Zusätzliche Informationen: 0x80070005.

Error: (11/28/2013 11:09:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary szkg5.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/28/2013 11:09:04 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary szkg5.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/27/2013 11:33:16 AM) (Source: Application Hang) (User: )
Description: Programm OneClick.exe, Version 12.0.3600.73 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11ec

Startzeit: 01ceeb5c0437cd8f

Endzeit: 9

Anwendungspfad: C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe

Berichts-ID: 4f600c4f-574f-11e3-b67c-082e5f1f0dd8

Error: (11/25/2013 03:13:51 PM) (Source: Application Hang) (User: )
Description: Programm wlmail.exe, Version 15.4.3555.308 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: eb4

Startzeit: 01cee9e87d9e3146

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

Berichts-ID: c8b59dd3-55db-11e3-a206-082e5f1f0dd8

Error: (11/25/2013 03:03:48 PM) (Source: Application Hang) (User: )
Description: Programm wlmail.exe, Version 15.4.3555.308 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 710

Startzeit: 01cee9e70df9f3ce

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

Berichts-ID: 63eda79a-55da-11e3-a206-082e5f1f0dd8

Error: (11/25/2013 10:50:16 AM) (Source: MsiInstaller) (User: DannyHahn-HP)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\BonanzaDealsLiveHelper.msi


System errors:
=============
Error: (12/01/2013 09:26:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DealPly Live-Dienst (dealplylive)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2013 09:24:13 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/01/2013 09:23:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2013 08:34:55 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/01/2013 08:33:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2013 07:52:53 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/01/2013 07:52:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Windows Internet Explorer 9 für Windows 7 für x64-basierte Systeme

Error: (12/01/2013 07:48:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DealPly Live-Dienst (dealplylive)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/01/2013 07:46:10 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (12/01/2013 07:45:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (12/01/2013 07:00:00 PM) (Source: Windows Backup)(User: )
Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (11/29/2013 09:12:01 AM) (Source: System Restore)(User: )
Description: Wiederherstellungsvorgang0x80070005

Error: (11/29/2013 09:03:34 AM) (Source: System Restore)(User: )
Description: Wiederherstellungsvorgang0x80070005

Error: (11/29/2013 08:55:27 AM) (Source: System Restore)(User: )
Description: Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.61610x80070005

Error: (11/28/2013 11:09:36 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary szkg5.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (11/28/2013 11:09:04 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary szkg5.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (11/27/2013 11:33:16 AM) (Source: Application Hang)(User: )
Description: OneClick.exe12.0.3600.7311ec01ceeb5c0437cd8f9C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe4f600c4f-574f-11e3-b67c-082e5f1f0dd8

Error: (11/25/2013 03:13:51 PM) (Source: Application Hang)(User: )
Description: wlmail.exe15.4.3555.308eb401cee9e87d9e314615C:\Program Files (x86)\Windows Live\Mail\wlmail.exec8b59dd3-55db-11e3-a206-082e5f1f0dd8

Error: (11/25/2013 03:03:48 PM) (Source: Application Hang)(User: )
Description: wlmail.exe15.4.3555.30871001cee9e70df9f3ce15C:\Program Files (x86)\Windows Live\Mail\wlmail.exe63eda79a-55da-11e3-a206-082e5f1f0dd8

Error: (11/25/2013 10:50:16 AM) (Source: MsiInstaller)(User: DannyHahn-HP)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 4000.82 MB
Available physical RAM: 2088.42 MB
Total Pagefile: 12191 MB
Available Pagefile: 10287.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.97 GB) (Free:400.62 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.69 GB) (Free:1.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive z: (OS) (Network) (Total:452.97 GB) (Free:400.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 266CF60E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-12-01.01 - Danny Hahn 01.12.2013  22:12:03.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4001.2249 [GMT 1:00]
ausgef�hrt von:: c:\users\Danny Hahn\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere L�schungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LyricsTube
c:\programdata\wxDfast
c:\programdata\wxDfast\background.html
c:\programdata\wxDfast\bccldkoinakjmmgebambiaggjobhikfg.crx
c:\programdata\wxDfast\content.js
c:\programdata\wxDfast\data\content.js
c:\programdata\wxDfast\data\jsondb.js
c:\programdata\wxDfast\ppjemjejnnojomfekgbpbbnecicblllf.crx
c:\programdata\wxDfast\settings.ini
c:\users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Public\AlexaNSISPlugin.5728.dll
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\SysWow64\winsh320
c:\windows\SysWow64\winsh321
c:\windows\SysWow64\winsh322
c:\windows\SysWow64\winsh323
c:\windows\SysWow64\winsh324
c:\windows\SysWow64\winsh325
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-11-01 bis 2013-12-01  ))))))))))))))))))))))))))))))
.
.
2013-11-28 21:20 . 2013-11-28 21:20	--------	d-----w-	c:\programdata\Licenses
2013-11-28 17:17 . 2013-11-28 17:17	--------	d-----w-	C:\FRST
2013-11-28 13:40 . 2013-11-28 21:58	--------	d-----w-	c:\programdata\STOPzilla!
2013-11-28 13:36 . 2013-11-28 13:36	--------	d-----w-	c:\users\Danny Hahn\.android
2013-11-28 13:36 . 2013-12-01 21:04	--------	d-----w-	c:\users\Danny Hahn\AppData\Roaming\newnext.me
2013-11-28 13:36 . 2013-11-28 13:36	--------	d-----w-	c:\users\Danny Hahn\AppData\Local\genienext
2013-11-28 13:36 . 2013-11-28 13:36	--------	d-----w-	c:\users\Danny Hahn\AppData\Local\cache
2013-11-28 13:36 . 2013-11-28 13:43	--------	d-----w-	c:\users\Danny Hahn\AppData\Local\Mobogenie
2013-11-28 13:35 . 2013-11-28 13:35	--------	d-----w-	c:\users\Danny Hahn\AppData\Local\SearchProtect
2013-11-28 13:29 . 2013-11-28 13:29	--------	d-----w-	c:\users\Danny Hahn\AppData\Roaming\ParetoLogic
2013-11-28 13:29 . 2013-11-28 13:29	--------	d-----w-	c:\users\Danny Hahn\AppData\Roaming\DriverCure
2013-11-28 13:29 . 2013-11-28 21:56	--------	d-----w-	c:\programdata\ParetoLogic
2013-11-28 13:05 . 2013-11-28 13:05	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-11-25 09:54 . 2013-11-25 09:54	--------	d-----w-	c:\users\Danny Hahn\AppData\Roaming\OpenOffice
2013-11-25 09:53 . 2013-11-25 11:26	--------	d-----w-	c:\program files (x86)\OpenOffice 4
2013-11-25 09:50 . 2013-11-25 09:50	--------	d-----w-	c:\users\Danny Hahn\AppData\Local\DealPlyLive
2013-11-25 09:50 . 2013-11-25 09:50	--------	d-----w-	c:\programdata\DealPlyLive
2013-11-25 09:50 . 2013-11-25 09:50	--------	d-----w-	c:\users\Danny Hahn\AppData\Roaming\Dealply
2013-11-12 11:35 . 2013-10-14 17:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-11-02 12:45 . 2013-11-25 11:22	--------	d-----w-	c:\program files (x86)\MyPC Backup
2013-11-02 12:45 . 2013-11-02 12:45	129536	----a-w-	c:\users\Public\AlexaNSISPlugin.3736.dll
2013-11-02 12:44 . 2013-11-02 12:44	--------	d-----w-	c:\users\Danny Hahn\AppData\Local\BonanzaDealsLive
2013-11-02 12:44 . 2013-11-02 12:44	--------	d-----w-	c:\programdata\BonanzaDealsLive
2013-11-02 12:44 . 2013-11-03 10:18	--------	d-----w-	c:\program files (x86)\BonanzaDeals
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-13 08:53 . 2012-03-06 15:50	82896128	----a-w-	c:\windows\system32\MRT.exe
2013-09-15 15:20 . 2013-08-08 07:50	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-08 02:30 . 2013-10-10 05:54	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 05:54	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 05:54	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-09-04 23:43 . 2013-09-04 23:43	45880	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
2013-09-04 12:12 . 2013-10-10 08:45	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-10 08:45	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-10 08:45	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-10 08:45	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-10 08:45	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-10 08:45	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-10 08:45	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintr�ge & legitime Standardeintr�ge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Driver Pro"="c:\program files (x86)\Driver Pro\DPLauncher.exe" [2012-10-30 340512]
"NextLive"="c:\users\Danny Hahn\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-09-22 4411952]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;DealPly Live-Dienst (dealplylive);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 dealplylivem;DealPly Live-Dienst (dealplylivem);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
R4 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R4 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AV Engine Scanning Service;AV Engine Scanning Service;C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe;C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe [x]
S2 AV Watch Service;AV Watch Service;C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe;C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-01-11 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-01-11 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-01-11 441888]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zus�tzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://internet/
mDefault_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
mDefault_Page_URL = hxxp://aartemis.com/?type=hp&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW
mStart Page = hxxp://aartemis.com/?type=hp&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385374589&from=mlv&uid=ST3500413AS_Z2ALVYHW&q={searchTerms}
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Soft32YB&dpid=Soft32YB&co=DE&userid=96ea478d-a19a-e880-0888-576a3954ad7f&searchtype=ds&q={searchTerms}&installDate=25/11/2013
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseintr�ge - - - -
.
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)
AddRemove-{34681D92-5958-406A-A654-1B57E7A7B3DC} - c:\program files (x86)\InstallShield Installation Information\{34681D92-5958-406A-A654-1B57E7A7B3DC}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
c:\program files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-01  22:21:14 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-12-01 21:21
.
Vor Suchlauf: 11 Verzeichnis(se), 429.823.303.680 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 429.015.068.672 Bytes frei
.
- - End Of File - - CDED8B04F46C57A4CAFB291B8F6C2C9B

--- --- ---JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Danny Hahn on 01.12.2013 at 22:30:13,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

    Value Name          Type                             Value Data                     
========================================================================================
    NextLive    REG_SZ    C:\Windows\SysWOW64\rundll32.exe "C:\Users\Danny Hahn\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho907C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoAED4.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB589.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCBD6.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCCD0.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\Danny Hahn\AppData\Roaming\fighters"
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{001D914F-8B2B-4217-8376-0C149CD3B3AA}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{00D97736-F667-4BEF-91D0-E3D075CAE2A9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0158AD4E-EFDF-49DE-B1B4-68475EC6794A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{01A2855E-CE68-4A04-9E87-0598896E67F5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{01CD20EA-6E51-4D45-94CB-338DA47DC7D2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{02323502-B23A-4BE9-8B13-E46F6152C87F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{03B741ED-94E6-471A-85FF-97C7699ABA55}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{03D2A7D3-F2EF-44A8-860A-66A7DB288524}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{04040642-6959-4511-A78A-B17970F7742F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0587373C-7409-4774-8E81-70B65A2A5FAB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{05B4E4D6-1628-4B13-9369-85C404CCB0DF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{06124B89-560A-4977-A2EB-2A69AE6AE719}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{06FCC3EB-365D-4572-8CB9-5DA3CA738B34}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{07E6E1F2-9D95-4608-8418-C407089338EA}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{090FF6BE-66EA-4B85-B9C8-8EC4D869410B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{09E2ED6E-2A5E-4EC8-8994-7735B1CDF900}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0AF0F600-A6B8-455C-94DD-8A90FA14FE25}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0C30A416-DEC5-4032-97C1-59F8F12C30DF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0D952F25-0347-497B-BB3F-313552FB00D0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0F55C9F8-751B-424F-80BD-DE93DD5188C5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0F90CC8D-AA6F-4A83-9951-A523ABE39E75}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{0FD7520E-52D4-49E3-922B-54044BC22ED2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1100BD66-698D-498C-B55A-45FF41672599}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1131CE16-55E1-45E5-ADDD-6262B54E32EF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{11476FB7-1C4D-402E-99A8-CA546EECB8B9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{11E5DB96-72D0-471B-BA65-E606E7EC6DDF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{12FE0972-3CFE-45CC-9D1C-C635E1E80BE9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{13780ED5-25AE-4FFC-A3F7-6C522F09A98C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1434609B-92C7-4EBB-AEDB-229D41E433F6}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{15618C2A-236B-452E-ABBE-33ECB403D64C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{171DE93C-B899-4694-9192-694E8D57B87E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{19C87BD8-5BC2-420B-8750-0A84D07BBC30}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1B5B53E2-6366-4A83-859B-F388CCE2ED31}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1B624095-0FBA-48D8-9BC5-762FA4A90CCD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1C76DB32-6D60-43EE-9686-AAA328ADF584}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1CF3C4E2-C29F-40DD-9122-E5845ACED661}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1DE26DDC-E897-4B7B-8F2C-887E27B2BD28}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1F079DAB-7624-411C-A1CF-565A9274616F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{1FC328B6-B8BD-4019-B52A-78AAC5B3CB32}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{20D13C98-9DEF-4228-80FE-74E6497B27C0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{21F45533-C1A8-4FFA-8258-CDD4905CA8A4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{22CA4BC9-B05B-4120-AEB8-1B09DEC0DD36}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{22DEA021-E04A-4D78-8354-DB51BB7C41FA}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2307DA20-297E-41E8-96E9-A148FA284E46}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{23E3B94F-8084-4202-9D19-2C2161E71188}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{240A6FBB-5949-45A6-89DE-E05632E80EA0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2470CEF4-C45C-45F2-BA48-3D0F543FBF24}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2699BDDC-C3CA-47C1-961B-DBADC7900FE0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{278DBAF9-8EFD-4729-8BDC-180E5FC96C7C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2848EF11-DC66-47CA-AADC-C2BA0C33E5EB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{292E1E2A-B729-4E36-B8B2-E1B02CC367F4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{29EFC3DC-697F-4FCE-825E-D718D96D74C4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2A8D3A91-6B8C-4B65-87FF-BB57E1A57021}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2B0A2B7A-D75C-4A45-8A3E-4AAB8B30DF2D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2BC87C5D-9C5B-414C-9B08-C1D342345592}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2BECB411-1BB5-4D48-9799-5B2F94AAF231}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2CAD133C-124A-4D26-B18A-8F23303474B2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2F4BECB9-C4E5-4540-A8ED-10699AF7A193}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2F68CCAB-1344-495A-8618-EBB7E7BF3026}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{2FA4149A-A66D-4B48-A993-CCA09D395CCF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{302F122B-23C7-4D5D-9A99-5409A32E92EE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3054C321-6C57-484C-9DAE-DE285C8479A8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{308CE92A-1EF2-461E-8536-7C5CFA1EA78D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3093CF2A-6BBA-4790-8DE0-4F552E7D1B64}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{30C652AA-5E02-4EB5-90DB-4A042E725B07}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3120FEAC-78CF-4973-B89D-E846456F649D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3161C450-75AD-4D10-9585-4E834F29B19A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{32A3D1EE-A4F9-4E67-BF69-42DE070A7F59}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{32EFDDDD-DFDA-4269-BAC2-FED2C2E38746}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{32F81023-53E4-485C-974D-4409AD889DA5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{33508D2F-D8FB-47B1-8744-072BC3FAFFE3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{33E29B40-F29B-47D1-BB2A-6D83B3A4C0EC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{34720426-BD2A-41CD-9C93-3DECA9D9C8DE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{36452671-B403-4F06-ADEF-0139D95BD779}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{36BFA24D-CEAD-44C1-BDFA-192B4E24F1EE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{36F77AB0-D72E-478B-A7E6-64BE5EF0C38E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3703DCBC-3B5F-4117-98C6-4CF8D2BD7780}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{37743005-E0F5-463B-9CE3-48196ACBB6A8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3814D185-E113-47E1-978E-9666705E3EB0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{384ACE18-2314-43AA-BF6C-BB914ACEE354}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{38A64697-ABB7-49C0-8124-9B2B6B7A47AD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{38B3E990-F4E7-493A-BEC9-BBCABD6862E0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{39553A89-14CF-4176-899C-08AA1A60D699}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{39806B12-FFCC-4586-83F4-E80B2A9F7322}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{39ED901C-F4F7-4B1F-B250-75FCE458C34B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3A85FC3B-1786-4BED-9086-A9BF392C3917}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3AF98678-DDF7-4A62-BAC0-4088F6D72644}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3B0FE778-BCE9-4607-9BB2-6BE6E62CF4A5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3BB8F54F-2ADE-4667-8BB3-D640FC17FFB4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3D9135BB-26AF-4479-827A-A4B38E96AC97}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3DA693BF-690E-417F-9835-076B6102BA89}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3EB40B14-C7BA-446D-86C2-77AD9653F994}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3EB8D21D-F7FD-46D4-891E-AB6BF697D23F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3EDAE367-343B-485A-B232-DF88492E7B4B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{3FB4B16E-55B0-4145-9330-EFBB89C45539}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4008E0BE-76CA-4612-8060-B605B7B37819}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{40B151E2-A613-403C-86D3-2B4AD9CEE9D5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{40C6EC27-330C-4F56-8C56-C554E1A0CFCB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4123022B-CBD8-4F7E-BBBE-635C89E503D8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{42644BF7-5DC3-4815-B473-FCFA2CDC6783}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{42825DF4-562D-4D85-B991-D4EA86E21F1D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{43B3CB9A-48ED-47F8-A3E5-B3FC5920745D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{43DD46D2-DC0A-4606-8D2A-A31F1E9ED563}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{45A09776-175B-43CC-9ABB-A76E618B336F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{45C1D93B-E8A7-4AB1-B917-396CAF2CFE3E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{485B3E92-CD5B-4745-BEE4-A20323537D44}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4921C85D-3EB8-46C4-A104-9527488E7548}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{49A1DCE6-82DF-4DB3-8E1C-DDF0AE9195DE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4A19E808-9E8F-47C9-8DF0-A4D4D1BBFF60}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4A66A078-9962-47B1-9F03-599BFC1E6FC3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4AA32ECD-67DD-4DB0-B580-10DF5473BDFB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4AD7CB80-E1D3-488A-AAFE-D642090D308F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4B509EDB-1DEA-4447-BF21-F983F108EFA9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4B59FB8C-119C-4DD1-A0FC-8466F9FA60BB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4D0FBC2F-C9A3-47D3-9851-98AA835E1944}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4D1467F3-84CE-41AF-8D3D-275355271D88}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4E6F592E-9AA9-48C7-AD0E-2BA27E866FC2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4ECDDC48-A301-4CC9-86DF-58937F14256D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4F41BBDC-39D9-498F-95D5-D6A10CF9F644}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4F59250E-7229-4948-A4D0-137D22D8395E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{4F7FBBA1-5ECE-493F-8475-363B8E6C92C9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5005EBC7-2D1B-4366-9E43-D71C1003BEE6}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{506A9126-97E8-4706-A870-D921D61B6EA4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{52149834-A47A-48D0-99F0-AB10F430C446}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{52AAEA3D-D4CA-42DD-90B4-683963ADBEE5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{52DFCB29-5597-4792-914E-AE23F37878B2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{555B7505-2B5E-457B-B487-5B59F325852A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5625692E-F312-4A63-A8A4-92E5694EF934}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5641BBC2-9D9F-495D-9C5E-FC1ED0E2A98A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{56843FFA-AC61-4D39-B18A-70939B04AA44}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{56B2232A-92B5-4E16-B972-2D971D3CABD5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5754696E-8084-486C-ABB4-1255F572A54F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{58177C64-90A4-4654-83D1-89F93E8E48EF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{583A7A58-B8B9-4E39-A7B6-6A4620114A4D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5A1D7341-69CB-41A8-BB9C-0FAAC2E15827}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5ACBBCCB-8BFF-47FB-A200-012BFD4CF37C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5BADC15B-8EA4-4BFA-AFFA-EE59E1EBF3C9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5C3635DB-F8B7-4EBA-93ED-2A0C90EF631D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5C9CBF30-311E-48DD-84DF-6389EDAD6B70}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5D43A493-3388-4C6E-8CA1-9129C668A6E0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5D8BE7AE-C533-443B-95AC-F3EDB2C9027E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5DCEE952-6253-4299-8314-2D9D6AA138A9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5E114981-2317-4F47-AD77-9C2639C74593}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5EAD9CAA-C7D4-482A-9C58-2775779144AF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5F81913C-5F9F-4C13-AB62-13587DF47FE9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{5FD3E421-13EA-4FF2-BEF3-636163FF8AE2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{605E9588-DBE1-44B6-9BEB-8F1C9DFF45A2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6172C9DC-E44B-4BA5-A80F-2DDDDD33BA44}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{61D779A1-B618-451B-AABC-167612DE9AF0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{62F9F74C-D3C5-4E10-AABB-F81A44BEC19D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{640267D7-FBB4-4482-A37A-B3D1E1E2EA46}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{64607471-636D-455B-9B7D-8A9D21F2073F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{653DAEB0-341E-41D8-A164-FFC13B2FECFF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{65E69D82-7579-41B7-AC93-3457328B20DC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6629BC66-B62B-472D-8202-EB46C58AF605}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6C2387EA-1383-4004-BA78-190FE1A9BD9B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6CCD65F5-3611-472C-A816-054D89B282DA}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6CDB57CC-DD87-4C76-ABA6-DFFABF51D4AB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6D15EE49-A8D8-4F6F-AC83-1F137FEEDFFB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6DCE7085-A63C-41C5-A5F0-3C5D0BC7A273}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{6F18A74C-FEDB-43A0-B092-08BC975E3BE8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{701566E5-C3BB-4A1C-AB9B-510F12D15E05}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{708D904E-84FB-43D2-B8F6-C7B431887CEE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{70BD294A-75F2-49F5-B81C-C4E4F8E2C88E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{70E53A09-BF8C-409B-B0B6-D311E6295709}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{70F5FE25-0B5B-4D14-9FC2-7244CEAF53A0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{715AB8D3-26C1-4DDC-82F1-2B1390DC94E8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7167F22B-10F8-491C-AC57-C8AEEC2496FE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{71D48178-739A-4F01-91B1-D514589D1796}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{725CAB65-D624-4060-9A15-D5E6A7D6CEB7}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{729C0306-637A-4FB2-A78D-627E84EF864E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{72E0A310-8538-4A07-919C-2B7FCFC524C3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{73288916-7D60-4482-914A-4C92F1153FBF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{74E013D5-60E5-416F-B042-0081FE2DC26B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{750CFC5A-09ED-4B45-92CC-D9C928EAF56B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{754A1108-6FD2-46C2-965E-5653F40A2AB0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{756E30A9-1ACB-4D0C-A3F4-F9C0C02EECDD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{75864425-37CE-4BF3-9002-F4F026CA6104}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7651F47F-202B-4CA0-AF85-B03A91B5372F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7749C3EF-E0B9-4082-997A-0E0168745B26}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{795AB137-FCD8-4251-BA53-E5C7F37A09E3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{79D33781-AB40-4457-A7C4-D2E00EDF07EA}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7A34F197-339E-417C-A27E-3FE5B0B250A2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7B30FF0A-1D19-41C1-AD2F-BEE7220F4176}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7B87B01F-0204-46B7-A32C-E170F72284D9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7C9C3F24-9D5C-4B70-B628-0C0D6679190C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7F016534-BE6D-43BB-A4AC-FE083AF04A9A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{7F1507A0-64EB-42E2-9E88-2DF2F5E8C8DE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{80082049-1624-4927-AE27-4D2AFC70E150}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{81A9AC94-5E1D-431F-A6B3-86BC0D3D5474}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8200D93D-BBF7-48CC-A2BA-5DB9AF5A9308}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{82257E7F-6643-4943-ABB0-B7C373E921DB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{82EF1D43-C76A-45DC-A5CD-7FF6626E2441}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{843BD4C2-9CD8-4D8D-8BA3-2B77B91A1328}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{84637F37-7869-49A3-A75C-2900D7094435}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{847BE3AD-D8D3-4869-8F68-20BE8F869382}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{84EDC998-77B5-44B2-9B56-61BB1A143850}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8565A3C0-9FEA-456F-AEBA-7B3A3BE746AE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8607F21E-ADEB-4E8D-B337-D1CF5CCE4610}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{86A987BF-5014-47FA-9E07-D7C54A2C9F93}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8836EEE2-EE55-49A5-9574-16F3312C3BCE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{89A2E6CE-8788-42B4-B63E-644C01D39EFD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8AA43347-7ABE-45F5-BD91-301D1BED9468}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8AEE2BCC-7AA1-4A0C-9779-51C02CAA7344}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8B889D81-B2E5-4309-A344-A14CE76C567C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8C28A8E8-E4A2-4310-92ED-6B09363D60E7}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8F053C7C-91D7-46D7-9C25-D6852C6E7DC1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8F33DE43-0CA8-4080-928D-A3B2DA2E0BB3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8F8A81B8-0E92-4314-9C2C-F84C0CA8429E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{8FD3809E-B21A-4D31-90AF-D05170F6BDDC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9005ADB6-0744-46B3-8152-D15F2A968F68}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9015092A-A0C8-481D-B2CD-A591CAA55A6B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{90299939-10FD-4E57-BA72-DAE833440039}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{929BDD08-7937-4107-9A37-7623BEDC9795}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{92E21098-997C-490F-9DD6-80915F69C36F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9423EBF7-9110-446A-B846-2F58F5A4E1C3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9461D652-3D81-42FD-BB6C-12D074B9A514}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{94649430-1913-4D12-B4C7-63C4F5877E60}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{947542DE-2CAA-4528-A6D1-CDAD2CD28043}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{94A68458-5037-42CF-8ACD-C71E28521946}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{96D6D175-F043-4363-8043-88F45EFE1BFA}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{971DFE2F-9CF3-46CF-B393-5D9CD42EFC79}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9727083E-208F-47E9-B005-80C34107C180}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{97B38D1C-C21E-469D-AA93-5D1ADA6118D0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9917FE8C-0F16-47BA-AA85-CE4F2CB14F1C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9947944D-E859-43F6-B8D9-4CD67677D0CF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{99D493E3-88DE-49C9-BD81-D7EAB8778676}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9A0CA4BE-2598-40FF-B3E0-E5284E0BE935}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9AB4BDCD-3CF5-4167-9E15-0D4489499CF1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9B7E417D-24FE-49EF-98DF-BE1076FC22FF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9CB6CD38-E26D-4FC2-8A72-503085CCD5C2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9E44E9DA-682D-495A-AF16-996C1B13AC4C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9E6A607F-097B-4828-BECC-3F85042C1047}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{9F6F9A97-BED7-41A9-8F48-089DADC4396A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A03955FB-7FE7-41E4-8A90-374AEEFF49AD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A039A883-12C9-4B4E-8999-CA4BD33B2DD8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A082E3C1-8053-442A-BB8A-3DD882293A90}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A1401354-1E1A-4C26-B91D-03862E24A37A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A1DE759E-B7A7-48E9-85C6-73455A57F2F8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A3A3A693-921F-43DF-B03D-967350FF8744}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A44780BF-AC66-463F-9B1D-A8FBCBD352F7}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A47BAE73-8C8A-451E-B830-47F0DFB3FDA7}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A530DE39-CB6B-4808-9419-1F0722BD3894}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A6BF87CA-1328-4159-B6D5-D16C12565F24}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A76E20AB-814C-4B97-A103-C026865BC996}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A8189891-1838-44E2-B338-9FA90C09FF72}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{A8E4B006-5A70-4890-B94C-6416B7932FC0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{AA809A17-C72C-43C8-B0B8-A940FD00A36E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{AB6DCBC9-6EAB-4059-BE9E-58FD2BA1F807}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{ACA6FC25-D900-4BCC-B8B4-8FEF167EE578}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{ACF878D5-F32A-4B73-A34F-282A7AD5F6D1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{ADA12729-8A1A-43E4-B1C5-0EDC470896AB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{AF4438BD-5728-43B6-84E7-5E0C77C5F1B4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{AFEF4321-240E-4AC9-8E24-D6FD5D1EB07C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B1F3FF6B-7BC2-476E-AD2C-2AB1F2A77758}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B32590C9-3AAF-4A07-9587-D79AC84B606B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B41EAEA6-FB87-4BDC-95CF-B8394DF3E653}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B43EE009-9A0C-440F-AD45-ED4081817A1C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B4B87F7F-0E5F-4E7F-95BA-1430980A3F9E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B4FE054C-335C-4636-BF8D-F1F2A998F2A2}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B6978213-0C49-46D4-B577-A9C315DE6B31}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B6C4F6F2-BBED-498B-850B-B5CAB1C41CAC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B7B8C4D0-8ED4-4389-92A7-A23BA4BE99B1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B7C8F02E-85ED-4F75-82F7-A180B5B32D59}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B8E57FA5-8BE8-4BEE-90B6-FED053FB7195}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B92FFD52-6FD5-4488-A37A-33D3BBF59ECD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{B9C3BF5D-BAB4-49EC-AFAA-704EA573FC6F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BA6C68C8-26C7-484B-9D0A-32C68E24930E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BB257673-B676-4D60-9DE8-834B7B58282A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BB4CADF9-771F-4E6C-A097-05BF20C56B85}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BBA251FA-E5C3-4942-BB95-D698A0163CF0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BC6E4A8F-56A8-4595-9CF3-ECD6E2BB638F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BDDA1E0A-A376-44E4-9E7E-987C66D78256}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BDF87694-564D-4128-8A67-1627B735F85E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BE32DD22-6520-477D-9B94-C31678478D92}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BF0DB5FB-5B85-4243-833D-B3602F468DA5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BF4EA64D-0FB3-4097-9C48-F09388D56B92}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{BFCEFB5A-A224-4B54-B8B6-080878183B9D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C1225E79-C1D3-4E0B-AE89-82602D19A13A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C2297D6D-1FB4-4C8F-A090-256151F2467A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C3569D98-733A-4967-AEAE-F72971E71C1A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C3CAEFAA-3DF9-4E88-BDA5-BBE79D69C60B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C48E85BC-000C-4DB5-B347-CCBEE6887E4D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C4B6F57C-470D-4231-8C0B-D80C266BA458}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C59025FF-883A-4750-860E-A8BD64798A4B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C60A780F-4F6C-4E7D-AC7F-F8692A9E4017}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C6900E24-7AE1-4FCD-8600-BECF618B4162}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C700E757-D998-4283-8ABE-D40C17138D36}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C73EB3F5-7EEF-4D85-9C23-C0F9F1AF7E4C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C809217A-665A-431C-8586-2C12EDE9C1C1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C829A5BD-06D2-4B8E-B92F-530A75CBD8BC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C8CD2D45-67C3-44BC-ACB1-41E36A00FF08}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C8F99BBA-9C69-4C40-99C7-7B50BAC2A1CF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{C9AE3952-51CA-44CB-9893-0E8BA8BFE6EB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CA09A87D-4607-4E3B-B851-5188AD039268}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CBE42D3C-332C-4713-AC06-3A30319EC520}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CD15CF80-835A-4574-9371-330743896384}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CD533EDF-610F-4976-B25D-746E8A678DFE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CE74016B-15E6-4716-B9F8-EC4C51127E87}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CF3EFAAA-01B7-46F4-B9E1-8B95D5C1AA4E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{CF8EFEFC-9038-418D-B4D2-AF89663370B3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D1F8D2AA-CC05-44AF-B6FB-33DB5A6EF4D1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D26F0B94-04D6-4497-8C1A-5EBE918F84E1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D2E0CD19-1E00-45B7-8963-7434550DCA16}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D4DE7B8C-5BEE-4527-A448-CFE85422ED53}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D576F517-A8FE-4A74-B17F-3E0780ED2D2B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D5CB6291-C2E9-41D1-A883-CCCFFC92CA4A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{D60045B1-1FDA-40E4-B3B1-8F0FEEB9291D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DACBDF86-F6D9-4789-9D01-D10130C34E12}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DC6AE560-AA6F-4D56-B0F3-68420FFE76AE}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DCFA692F-957B-4035-B3F3-75012C76F093}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DD5AAAB8-FAD3-4C5E-934B-956AEF84797D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DDFAEC75-187C-4218-937C-5D036F13A7DD}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DE37C3D6-1DC7-4E45-86D9-95BA1271CDC6}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DE7BEA9D-093A-4F7D-97F3-3B4C9631736B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DEC31616-907E-483A-8136-A0EAA1363624}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DF00453D-6357-4724-A9D6-67689A43829D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{DFDC0E0C-5526-454D-8DFC-0A50ADB0B8EB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E03A197F-AEDC-4317-928E-3F23A2DE4252}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E0EA0459-0086-44F6-B6FC-E8B0971CE18C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E1EBF981-EBD9-4B3B-9A91-070380E77A31}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E1F94C39-7FC1-481F-8D34-2A4BD14CC067}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E224B736-9C82-4208-B8F4-D43F1C37764A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E263E8AD-CBAC-49EF-BC17-019F978B35BC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E2B7223F-4C4A-48E9-80DA-471FD7CCB98D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E30362E3-59A8-474D-98F6-9C3DEE79C835}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E32F939F-8B37-4FC9-9241-59AD66A27918}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E385A3D5-4876-45B6-B407-557482B84607}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E39AD4F7-D06B-401B-88E0-E217A3472035}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E3C84217-1E7D-4C90-848C-5F6D77F80F72}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E4639CFD-324B-4213-B712-97811B52B670}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E4B95D8D-A7B6-4F61-AA3B-9320ED234E02}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E692E225-399A-4D7E-BC58-C440AD5C909F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E6B4DA00-2F2B-4FC3-8354-0ED4144A156E}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E6FFC0CD-548C-4313-8BF9-118159454145}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E76D4E2F-FDE7-4409-904D-1E41778145DB}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E7CD9A08-873C-454C-9348-4FF04D45839C}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E866ABA7-CF88-4E40-A366-1C00FE4C3C99}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{E9FF4D34-BBB2-40D5-A403-A14935D5FC03}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EA6D5206-4952-4B7D-A209-737295C10BBF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EA935626-04A0-4C58-91AD-B5B4EE0F5052}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EAA776F3-447B-4973-B9C8-33EB067FCCD4}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EB4DADFB-E1D8-49C7-B8F7-18E017EE1BF3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EC2D3188-4129-42AE-B2E1-388C95CBB8E5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EC91A475-90E1-496B-98CE-5316ADD214EC}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EC93F4A0-66CD-4595-97B6-5283A22B6AB5}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EDD2EF77-D113-4557-8F22-1A8F6DB2FC31}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EF1E254C-A022-4C31-817F-D65843FA9F40}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EF6FA3D9-D0E0-44D3-9647-4969CCC97482}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{EFF4AA5B-D7DE-4702-B7BF-E2F353A23BBF}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F13F87A9-E64C-4370-8B14-721C2F5933E0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F1BE519D-620F-4031-83F8-4DFE6E43DDA0}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F1C74E70-B4F3-4B4F-BC52-B6CB9D7C069F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F24931E4-59E9-4BD3-879E-25D532C9E735}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F432B5B8-65FD-466A-A8B1-D9418B4E22C6}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F44FBDFC-22ED-419D-9B32-C394B7F512C8}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F45EB576-1233-4B54-8D07-04D947DB7207}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F48587A4-1565-4B0D-907D-65F658B0F1D1}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F4E00988-FE6C-4E33-AEC2-72F660C5B17F}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F53B0F56-0B91-470A-ACB0-A2D40EFC4C1D}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F54580F9-2AA0-4F4A-8E54-E2EC3160DF77}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F6E6D09D-2CA4-43A3-B3C8-0A4C024481A7}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F772170D-81F5-49F8-8252-724CAE333279}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F82A1209-B920-4B04-B99A-143BAB8EB7D9}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{F858C8D7-0DE1-40D8-B720-FBF1333DD542}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FBE42E0A-6F9E-439A-8847-D47EC56033A3}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FCA58CAB-2F9E-481F-B1D1-A529783E9E21}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FCB70444-F0F9-4FD0-AB5B-B6E42C9B7C6A}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FD1B4096-598C-401E-8CED-B13466A42944}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FEA5E211-9A66-4195-8643-D467BF5E1197}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FEBBDA06-F4C0-4ED1-9C42-A09B5BA1CAF7}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FF3A6045-3EB4-4E32-967F-CFF174EFFB76}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FF3E3C8A-DFE0-427E-812D-0D94A9CBD64B}
Successfully deleted: [Empty Folder] C:\Users\Danny Hahn\appdata\local\{FFB2F8C2-BE1F-43E9-B47E-1432120D0AC0}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.12.2013 at 22:34:15,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

dannyhh · 01.12.2013, 22:45

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.014 - Bericht erstellt am 01/12/2013 um 22:24:37
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Danny Hahn - DANNYHAHN-HP
# Gestartet von : C:\Users\Danny Hahn\Desktop\adwcleaner.exe
# Option : L�schen

***** [ Dienste ] *****

[#] Dienst Gel�scht : dealplylive
[#] Dienst Gel�scht : dealplylivem

***** [ Dateien / Ordner ] *****

Ordner Gel�scht : C:\ProgramData\Babylon
Ordner Gel�scht : C:\ProgramData\BitGuard
Ordner Gel�scht : C:\ProgramData\BonanzaDealsLive
Ordner Gel�scht : C:\ProgramData\DealPlyLive
Ordner Gel�scht : C:\ProgramData\DSearchLink
Ordner Gel�scht : C:\ProgramData\IBUpdaterService
Ordner Gel�scht : C:\ProgramData\ParetoLogic
Ordner Gel�scht : C:\ProgramData\Premium
Ordner Gel�scht : C:\ProgramData\Tarma Installer
Ordner Gel�scht : C:\Program Files (x86)\BonanzaDeals
Ordner Gel�scht : C:\Program Files (x86)\BonanzaDealsLive
Ordner Gel�scht : C:\Program Files (x86)\IminentToolbar
Ordner Gel�scht : C:\Program Files (x86)\MyPC Backup
Ordner Gel�scht : C:\Program Files (x86)\Uncompressor
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\BonanzaDealsLive
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\cool_mirage
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\DealPlyLive
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\Searchprotect
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\torch
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\Wajam
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\LocalLow\Conduit
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\LocalLow\Softonic
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\LocalLow\Toolbar4
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\LocalLow\weDownload Manager Pro
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Babylon
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\BrowserCompanion
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\DealPly
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\DriverCure
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\file scout
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Iminent
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\ParetoLogic
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\PerformerSoft
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\SpeedAnalysis2
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Systweak
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\zulagames
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\zulagames@ZulaGames.com
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Ordner Gel�scht : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\Extensions\ftd@ftd.com.xpi
Datei Gel�scht : C:\Windows\System32\roboot64.exe
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\speedanalysis.ico
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\Babylon.xml
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\BrowserProtect.xml
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\delta.xml
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\iminent.xml
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\searchplugins\mixidj.xml
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\user.js
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gel�scht : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

***** [ Verkn�pfungen ] *****

Verkn�pfung Desinfiziert : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verkn�pfung Desinfiziert : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verkn�pfung Desinfiziert : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verkn�pfung Desinfiziert : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verkn�pfung Desinfiziert : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (64-bit).lnk
Verkn�pfung Desinfiziert : C:\Users\Danny Hahn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gel�scht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wert Gel�scht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wert Gel�scht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Schl�ssel Gel�scht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schl�ssel Gel�scht : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Schl�ssel Gel�scht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schl�ssel Gel�scht : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Schl�ssel Gel�scht : HKCU\Software\SIEN SA
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\FTDownloader
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Prod.cap
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{2_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{2_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Schl�ssel Gel�scht : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Schl�ssel Gel�scht : HKCU\Software\5c55dedfe73abf15
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hackthegame_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hackthegame_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keepass-password-safe_RASAPI32
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keepass-password-safe_RASMANCS
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schl�ssel Gel�scht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schl�ssel Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gel�scht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gel�scht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schl�ssel Gel�scht : HKCU\Software\1ClickDownload
Schl�ssel Gel�scht : HKCU\Software\APN DTX
Schl�ssel Gel�scht : HKCU\Software\Blabbers
Schl�ssel Gel�scht : HKCU\Software\BonanzaDealsLive
Schl�ssel Gel�scht : HKCU\Software\Conduit
Schl�ssel Gel�scht : HKCU\Software\DealPly
Schl�ssel Gel�scht : HKCU\Software\DealPlyLive
Schl�ssel Gel�scht : HKCU\Software\distromatic
Schl�ssel Gel�scht : HKCU\Software\filescout
Schl�ssel Gel�scht : HKCU\Software\Grand Virtual
Schl�ssel Gel�scht : HKCU\Software\IM
Schl�ssel Gel�scht : HKCU\Software\ImInstaller
Schl�ssel Gel�scht : HKCU\Software\InstallCore
Schl�ssel Gel�scht : HKCU\Software\ParetoLogic
Schl�ssel Gel�scht : HKCU\Software\torch
Schl�ssel Gel�scht : HKCU\Software\Wajam
Schl�ssel Gel�scht : HKCU\Software\WEDLMNGR
Schl�ssel Gel�scht : HKCU\Software\AppDataLow\Software\PriceGong
Schl�ssel Gel�scht : HKLM\Software\aartemisSoftware
Schl�ssel Gel�scht : HKLM\Software\AVG Security Toolbar
Schl�ssel Gel�scht : HKLM\Software\Babylon
Schl�ssel Gel�scht : HKLM\Software\DealPly
Schl�ssel Gel�scht : HKLM\Software\DealPlyLive
Schl�ssel Gel�scht : HKLM\Software\Iminent
Schl�ssel Gel�scht : HKLM\Software\ParetoLogic
Schl�ssel Gel�scht : HKLM\Software\SearchProtect
Schl�ssel Gel�scht : HKLM\Software\systweak
Schl�ssel Gel�scht : HKLM\Software\torch
Schl�ssel Gel�scht : [x64] HKLM\SOFTWARE\DomaIQ

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Danny Hahn\AppData\Roaming\Mozilla\Firefox\Profiles\om658jjh.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Danny Hahn\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [42614 octets] - [01/12/2013 22:23:48]
AdwCleaner[S0].txt - [39832 octets] - [01/12/2013 22:24:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39893 octets] ##########

--- --- ---

M-K-D-B · 02.12.2013, 14:25

Servus,

so geht es weiter:

Schritt 1
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
FFdefaults;
CHRdefaults;
iedefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Bitte poste mit deiner nächsten Antwort

die Logdatei von MBAM,
die Logdatei von Zoek.

29.11.2013, 14:23	#4
M-K-D-B /// TB-Ausbilder	AARTEMIS virus Servus, poste mir alles, was in den beiden Textdokumenten (FRST.txt und Addition.txt) steht. Und bitte bemühe dich, einigermaßen gut verständlich zu schreiben.

30.11.2013, 12:45	#8
M-K-D-B /// TB-Ausbilder	AARTEMIS virus Servus, dann lade dir von einem anderen Rechner (der funktioniert) FRST auf einen USB-Stick, starte den infizierten Rechner, stecke den USB-Stick an, kopiere FRST vom USB-Stick auf den Desktop und führe das Tool so aus.

AARTEMIS virus

Log-Analyse und Auswertung: AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

AARTEMIS virus

Ähnliche Themen: AARTEMIS virus

28.11.2013, 16:42	#1
dannyhh	AARTEMIS virus hallo wann ich meinen Internet Explorer öffne wird er mit AARTEMIS geöffnet und das kann man nicht mehr entfernen doer mit goggle starten.

28.11.2013, 18:41	#3
dannyhh	AARTEMIS virus hallo wann ich denn scann ´Durchführe gehen 2 Fenster auf mit ziemlich vielen Worder leider kenne ich mich nicht so gur aus was muss ich dir das Posten alles ??? oder das wo mit dem hir anfängt Scan result bitte um hilfe es geht dann ein Fenster auf mit viele Geschriebenen Sachen danke oder alles was dort im FRST text drin steht ??? __________________

29.11.2013, 15:07	#5
dannyhh	AARTEMIS virus Hallo nun habe ich ein weiteres Problem ich habe keine Netzwerkverbindung seit gesren abend . Aber e mails und so weiter geht es kamm auf einmal internet explorer wurde verschoben oder geändert . Hängt das mit dem virus zusammen . Schreibe dir gerade vom tablet. Bitte um hilfe