PC Performer entfernen!

elliio1 · 17.01.2014, 17:10

Guten Tag,

da mein Laptop sehr langsam geworden ist hat mein Bruder nach einem Programm gesucht, dass etwas dagegen tun kann. Da hat er das Programm PC Performer installiert, nun kann ich es leider nicht mehr löschen, könnt ihr mir bitte helfen? Danke im Voraus!

FRST Logfiles:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-01-2014 02
Ran by Artur (administrator) on ARTUR-PC on 17-01-2014 16:58:06
Running from C:\Users\Artur\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-05] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-07-31] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2013-12-20] (APN)
MountPoints2: {afd19363-7acd-11df-ac35-001e6422cd62} - E:\autorun.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
AppInit_DLLs:   [ ] ()
Startup: C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFD03B172C4CDCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r
URLSearchHook: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=0974917D-9EF6-408C-A2C3-6F843A9BD6A0&ind=2013082610&n=77fd33f2&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.opti-page.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F23800262D60FFC0&affID=126473&tsp=5039
SearchScopes: HKCU - 823C7E8B31744814AA572A31E9552DC7 URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE372DE372
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.opti-page.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F23800262D60FFC0&affID=126473&tsp=5039
SearchScopes: HKCU - {0EEC9166-4771-41B0-A797-0075A417E820} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=564e6dd9-0fc9-4ed8-93f8-b457134e43c1&apn_sauid=DF29DF69-B163-437B-B411-BA74669F9D33
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=0974917D-9EF6-408C-A2C3-6F843A9BD6A0&ind=2013082610&n=77fd33f2&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll (Feven)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho.dll (Feven)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default
FF user.js: detected! => C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\user.js
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @ei.VideoScavenger_1e.com/Plugin - C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\NP1eEISB.dll (VideoScavenger)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\optitoolbar.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Feven 1.5 - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2014-01-14]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\Extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi [2013-12-20]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-01-14]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@optitoolbar.com [2014-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR HomePage: hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
CHR RestoreOnStartup: "hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=564e6dd9-0fc9-4ed8-93f8-b457134e43c1&apn_ptnrs=%5EABT&apn_sauid=DF29DF69-B163-437B-B411-BA74669F9D33&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll No File
CHR Plugin: (Skype Click to Call) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll No File
CHR Plugin: (registryAccess) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background/registryAccess.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (VideoScavenger Installer Plugin Stub) - C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\NP1eEISB.dll (VideoScavenger)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Avira Toolbar) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0 [2012-10-18]
CHR Extension: (Feven 1.5) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg\1.25.35_0 [2013-10-10]
CHR Extension: (Skype Click to Call) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0 [2012-10-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-06-17] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2010-06-18] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-28] (Duplex Secure Ltd.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-08-04] (CyberLink Corp.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 16:58 - 2014-01-17 16:58 - 00021797 _____ C:\Users\Artur\Desktop\FRST.txt
2014-01-17 16:57 - 2014-01-17 16:57 - 00000000 ____D C:\FRST
2014-01-16 01:28 - 2014-01-16 01:28 - 00000000 ____D C:\Users\Artur\AppData\Local\AskPartnerNetwork
2014-01-14 15:23 - 2014-01-17 16:46 - 00000524 _____ C:\Users\Artur\Desktop\defogger_disable.log
2014-01-14 15:23 - 2014-01-14 15:23 - 00000020 _____ C:\Users\Artur\defogger_reenable
2014-01-14 15:22 - 2014-01-14 15:22 - 02075648 _____ (Farbar) C:\Users\Artur\Desktop\FRST64.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00377856 _____ C:\Users\Artur\Desktop\gmer_2.1.19163.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00050477 _____ C:\Users\Artur\Desktop\Defogger.exe
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Avira
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2014-01-14 15:05 - 2014-01-14 15:05 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 15:05 - 2014-01-14 15:05 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 15:05 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-14 15:05 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-14 15:05 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-14 15:05 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-14 15:03 - 2014-01-14 15:04 - 129598176 _____ C:\Users\Artur\Desktop\avira_free_antivirus_de.exe
2014-01-14 15:02 - 2014-01-14 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-17 16:58 - 2014-01-17 16:58 - 00021797 _____ C:\Users\Artur\Desktop\FRST.txt
2014-01-17 16:57 - 2014-01-17 16:57 - 00000000 ____D C:\FRST
2014-01-17 16:54 - 2013-10-10 21:49 - 00001814 _____ C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job
2014-01-17 16:51 - 2013-10-11 18:10 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8F7FB2F0-977F-4BA4-A2B8-CDAB1E01CC7B}
2014-01-17 16:50 - 2009-07-14 05:45 - 00022672 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 16:50 - 2009-07-14 05:45 - 00022672 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 16:49 - 2013-10-10 21:49 - 00001890 _____ C:\Windows\Tasks\Feven 1.5-chromeinstaller.job
2014-01-17 16:49 - 2013-10-10 21:49 - 00001284 _____ C:\Windows\Tasks\Feven 1.5-updater.job
2014-01-17 16:49 - 2013-10-10 21:49 - 00001186 _____ C:\Windows\Tasks\Feven 1.5-codedownloader.job
2014-01-17 16:49 - 2013-10-10 21:49 - 00001086 _____ C:\Windows\Tasks\Feven 1.5-enabler.job
2014-01-17 16:47 - 2009-11-05 16:06 - 01651821 _____ C:\Windows\WindowsUpdate.log
2014-01-17 16:46 - 2014-01-14 15:23 - 00000524 _____ C:\Users\Artur\Desktop\defogger_disable.log
2014-01-17 16:44 - 2013-08-26 15:22 - 00003118 _____ C:\Windows\System32\Tasks\PC Performer
2014-01-17 16:42 - 2013-07-05 18:37 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-17 16:41 - 2013-11-12 16:04 - 00001848 _____ C:\Windows\setupact.log
2014-01-17 16:41 - 2010-08-15 23:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-17 16:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 01:21 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\tracing
2014-01-17 01:06 - 2013-02-10 12:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 00:42 - 2013-02-10 12:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-16 01:28 - 2014-01-16 01:28 - 00000000 ____D C:\Users\Artur\AppData\Local\AskPartnerNetwork
2014-01-16 01:24 - 2013-11-12 16:04 - 00103934 _____ C:\Windows\PFRO.log
2014-01-14 15:23 - 2014-01-14 15:23 - 00000020 _____ C:\Users\Artur\defogger_reenable
2014-01-14 15:23 - 2010-03-27 14:48 - 00000000 ____D C:\Users\Artur
2014-01-14 15:22 - 2014-01-14 15:22 - 02075648 _____ (Farbar) C:\Users\Artur\Desktop\FRST64.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00377856 _____ C:\Users\Artur\Desktop\gmer_2.1.19163.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00050477 _____ C:\Users\Artur\Desktop\Defogger.exe
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Avira
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2014-01-14 15:06 - 2013-02-10 12:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-14 15:06 - 2012-07-14 18:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-14 15:06 - 2012-07-14 18:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-14 15:05 - 2014-01-14 15:05 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 15:05 - 2014-01-14 15:05 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 15:05 - 2013-08-09 17:25 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 15:04 - 2014-01-14 15:03 - 129598176 _____ C:\Users\Artur\Desktop\avira_free_antivirus_de.exe
2014-01-14 15:02 - 2014-01-14 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-14 15:02 - 2013-08-26 15:23 - 00000276 _____ C:\Windows\Tasks\PC Performer_DEFAULT.job
2014-01-14 14:56 - 2013-10-20 21:15 - 00000000 ____D C:\Program Files (x86)\Belarc
2014-01-14 14:51 - 2013-11-12 15:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-14 14:47 - 2009-08-22 09:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone

Some content of TEMP:
====================
C:\Users\Artur\AppData\Local\Temp\avgnt.exe
C:\Users\Artur\AppData\Local\Temp\Offercast_AVIRAV7_.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-05 16:30

==================== End Of Log ============================

Addition Logfile

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-01-2014 02
Ran by Artur at 2014-01-17 16:59:35
Running from C:\Users\Artur\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.22 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.74.216 (x32 Version: 1.1.74.216 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (x32 Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.5.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.2 MUI (x32 Version: 9.2.0 - Adobe Systems Incorporated)
Alice Greenfingers (x32 Version:  - Oberon Media)
ALPS Touch Pad Driver (Version: 7.105.2015.1103 - Alps Electric)
Amazonia (x32 Version:  - Oberon Media)
ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2951 - APN, LLC)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
Chicken Invaders 2 (x32 Version:  - Oberon Media)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Toolbar (x32 Version: 1.1.2.0185 - DT Soft Ltd)
Dairy Dash (x32 Version:  - Oberon Media)
DVDVideoSoftTB Toolbar (x32 Version:  - )
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Everest Poker (Remove Only) (x32 Version:  - )
Farm Frenzy 2 (x32 Version:  - Oberon Media)
Feven 1.5 (x32 Version: 1.28.153.5 - Feven) <==== ATTENTION
FIFA 10 (x32 Version: 1.0.0.0 - Electronic Arts)
Free Audio CD Burner version 1.4 (x32 Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Granny In Paradise (x32 Version:  - Oberon Media)
Heroes of Hellas (x32 Version:  - Oberon Media)
Identity Card (x32 Version: 1.00.3001 - Acer Incorporated)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 16 (x32 Version: 6.0.160 - Sun Microsystems, Inc.)
Java(TM) 6 Update 20 (x32 Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 3.0.04 - Acer Inc.)
LSI HDA Modem (Version: 2.1.94 - LSI Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
OpenOffice.org 3.1 (x32 Version: 3.1.9420 - OpenOffice.org)
PartyPoker (x32 Version:  - PartyGaming)
PC Performer (x32 Version: 11.10 - PerformerSoft LLC) <==== ATTENTION
PokerStars (x32 Version:  - PokerStars)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Skype Click to Call (x32 Version: 6.2.10687 - Skype Technologies S.A.)
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
Uninstall 1.0.0.1 (x32 Version:  - )
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (x32 Version:  - Microsoft)
VideoPlayer v2.0.6 (x32 Version: v2.0.6 - TUGUU SL)
VLC media player 1.0.0-rc1 (x32 Version: 1.0.0-rc1 - VideoLAN Team)
Welcome Center (x32 Version: 1.00.3005 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-Bit) (x32 Version: 5.00.0 - win.rar GmbH)
XSManager (x32 Version: 3.0 - XSManager)
Zoosk Messenger (x32 Version: 4.157.2 - Zoosk, Inc.)
Zoosk Messenger (x32 Version: 4.157.2 - Zoosk, Inc.) Hidden

==================== Restore Points  =========================

14-10-2013 16:38:52 Windows 7 Service Pack 1
14-10-2013 17:21:56 Windows-Sicherung
14-10-2013 17:33:24 Installed SpyHunter
18-10-2013 21:07:32 Uniblue SpeedUpMyPC installation
20-10-2013 18:13:45 Windows-Sicherung
20-10-2013 19:30:11 Removed SpyHunter
17-11-2013 18:00:16 Windows-Sicherung
14-01-2014 10:41:07 Windows-Sicherung
14-01-2014 13:57:16 eBay Worldwide wird entfernt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B02366D-7912-4F82-9190-36DA9856722B} - System32\Tasks\Feven 1.5-enabler => C:\Program Files (x86)\Feven 1.5\Feven 1.5-enabler.exe [2013-10-10] (Feven) <==== ATTENTION
Task: {0F6451BB-C4AC-47DD-AC86-EA0797E62D90} - System32\Tasks\{A8F938EE-BE11-47EE-B4BD-5936895BD75D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsProgressBar
Task: {1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC) <==== ATTENTION
Task: {2EC928C5-FA14-4917-96CE-79B18EC5F980} - System32\Tasks\PC Performer_UPDATES => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC) <==== ATTENTION
Task: {31ACF54F-5C62-476F-BEBB-7709ED7254AB} - System32\Tasks\Feven 1.5-chromeinstaller => C:\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe [2013-10-10] (Feven) <==== ATTENTION
Task: {3BF8D7C6-8A73-4155-A68B-9A41406823C4} - System32\Tasks\{41A26154-8371-4B30-AA5D-1E480D131825} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=12007&amp;installinfo=google-toolbar:notoffered;disabled,google-chrome:notoffered;disabled
Task: {579FAA0B-6F55-4C01-85DA-99D7073404D3} - System32\Tasks\Feven 1.5-firefoxinstaller => C:\Program Files (x86)\Feven 1.5\Feven 1.5-firefoxinstaller.exe [2013-10-10] (Feven) <==== ATTENTION
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {6A6FCBE1-BB2A-4E42-9430-22EE71EFFB13} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
Task: {8B272B69-47D0-4326-8C06-15D6FE9E88A8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {8C91A8AC-FAE7-4AD8-8A7D-068131A9F587} - System32\Tasks\DealPly => C:\Users\Artur\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {B189A1B2-391B-4268-B4E8-556677D2FEBA} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {B786AAC0-09F4-4634-911A-26EA02FAA3CB} - System32\Tasks\{D489B908-421E-402C-A4FA-3A7162BEA636} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.1.0.104&amp;LastError=404
Task: {C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF} - System32\Tasks\Feven 1.5-updater => C:\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe [2013-10-10] (Feven) <==== ATTENTION
Task: {D55A0450-9A20-47E9-8251-7C521CE0BA06} - System32\Tasks\Feven 1.5-codedownloader => C:\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe [2013-10-10] (Feven) <==== ATTENTION
Task: {DDF6DCC0-691B-4052-8BD5-269B9A047B3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-14] (Adobe Systems Incorporated)
Task: {E0DC8D2E-6663-4BCD-94D1-85F04CFEFCF2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {FD9B3687-B21B-4213-A8B5-24657658F8A9} - System32\Tasks\PC Performer => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2013-06-19] (PerformerSoft LLC) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Feven 1.5-chromeinstaller.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-codedownloader.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-enabler.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-updater.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-01-14 15:05 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-08-18 15:54 - 2009-08-18 15:54 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-01-14 15:02 - 2014-01-14 15:02 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-14 15:06 - 2014-01-14 15:06 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2014 01:28:48 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/14/2014 03:02:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/14/2014 02:44:14 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/14/2014 02:44:14 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/14/2014 11:34:05 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/14/2014 11:34:05 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/14/2014 11:31:56 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/14/2014 11:30:43 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (11/20/2013 02:56:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (11/20/2013 02:56:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.


System errors:
=============
Error: (01/14/2014 02:52:12 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (11/20/2013 03:34:36 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (11/20/2013 03:25:01 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (11/20/2013 03:09:20 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (11/20/2013 03:05:05 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (11/19/2013 04:27:18 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9839465E-A9AB-4BA1-8916-54820078213A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (11/19/2013 04:27:16 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (11/19/2013 04:27:15 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (11/19/2013 02:24:50 PM) (Source: DCOM) (User: Artur-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Artur-PCArturS-1-5-21-3246686102-3015398580-2044362402-1000LocalHost (unter Verwendung von LRPC)

Error: (11/19/2013 01:41:36 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 4090.93 MB
Available physical RAM: 2413.77 MB
Total Pagefile: 8180 MB
Available Pagefile: 6202.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:76.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: CCA6CCA6)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

M-K-D-B · 17.01.2014, 17:15

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 4 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
FFdefaults;
CHRdefaults;
iedefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von JRT,
die Logdatei von MBAM,
die Logdatei von Zoek.

elliio1 · 17.01.2014, 18:39

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Code:

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 17/01/2014 um 17:23:41
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Artur - ARTUR-PC
# Gestartet von : C:\Users\Artur\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB
Ordner Gelöscht : C:\Program Files (x86)\optimizer pro
Ordner Gelöscht : C:\Program Files (x86)\PC Performer
Ordner Gelöscht : C:\Program Files (x86)\VideoScavenger_1eEI
Ordner Gelöscht : C:\Program Files (x86)\Feven 1.5
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Artur\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Artur\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Artur\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Artur\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Artur\AppData\LocalLow\iac
Ordner Gelöscht : C:\Users\Artur\AppData\LocalLow\Opti Toolbar
Ordner Gelöscht : C:\Users\Artur\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\SpeedAnalysis2
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@optitoolbar.com
Ordner Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com
Ordner Gelöscht : C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj
Ordner Gelöscht : C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\speedanalysis.ico
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\invalidprefs.js
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\searchplugins\optitoolbar.xml
Datei Gelöscht : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\user.js
Datei Gelöscht : C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer
Datei Gelöscht : C:\Windows\Tasks\PC Performer_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\PC Performer_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer_UPDATES
Datei Gelöscht : C:\Windows\Tasks\Feven 1.5-chromeinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\Feven 1.5-chromeinstaller
Datei Gelöscht : C:\Windows\Tasks\Feven 1.5-codedownloader.job
Datei Gelöscht : C:\Windows\System32\Tasks\Feven 1.5-codedownloader
Datei Gelöscht : C:\Windows\Tasks\Feven 1.5-enabler.job
Datei Gelöscht : C:\Windows\System32\Tasks\Feven 1.5-enabler
Datei Gelöscht : C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\Feven 1.5-firefoxinstaller
Datei Gelöscht : C:\Windows\Tasks\Feven 1.5-updater.job
Datei Gelöscht : C:\Windows\System32\Tasks\Feven 1.5-updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox.1
Schlüssel Gelöscht : HKCU\Software\d4ddd1b03cbd14
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader64308[1]_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader64308[1]_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skype[1]_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_skype[1]_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31C5EB7A-96D8-4939-9F0F-7BB1845C444A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311851132}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322852232}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355855532}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366856632}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344854432}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311851132}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD1A63BA-A08C-431B-9A34-F240AADC728D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F498380A-7935-4DC7-88B1-C158321DF79E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE560166-CBE3-4A0D-80B5-A3B216F93EEA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311851132}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD1A63BA-A08C-431B-9A34-F240AADC728D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F498380A-7935-4DC7-88B1-C158321DF79E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE560166-CBE3-4A0D-80B5-A3B216F93EEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{31C5EB7A-96D8-4939-9F0F-7BB1845C444A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04cdd24c-c639-41d3-8934-22de3f943c90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1769ff35-7b0d-4c08-9823-1a407e838a97}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5a0dadb3-ea02-4086-9980-5e31b637c5b7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8880fad3-b0a5-4c17-b866-34431f1f8a9a}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bca8eac9-8776-4bed-ae22-11016d581b67}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311851132}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322852232}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355855532}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366856632}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311851132}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04cdd24c-c639-41d3-8934-22de3f943c90}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1769ff35-7b0d-4c08-9823-1a407e838a97}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5a0dadb3-ea02-4086-9980-5e31b637c5b7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8880fad3-b0a5-4c17-b866-34431f1f8a9a}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bca8eac9-8776-4bed-ae22-11016d581b67}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\Grand Virtual
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PerformerSoft
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Feven 1.5
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\PerformerSoft
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\VideoScavenger_1eEI
Schlüssel Gelöscht : HKLM\Software\Feven 1.5
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven 1.5
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16912


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationThankYouPage", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationTime", 1382297562);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.active", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb.was_copied", "true");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.backgroundver", 1);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.value", "1382297562");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.value", "%221382297681%22");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.value", "%22345637%22");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.value", "%22393672%22");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.jw_token.value", "%22583079c1-9a4e-e0c7-8e4d-1673809d4cb8%22");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.description", "Feven Shopping Companion");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.domain", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.homepage", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.iframe", false);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%229CB832B852924329B203C7F407655[...]
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000272%22%2C%22sub_id%22%3A%220%2[...]
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%229CB832B852924329B203[...]
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.value", "82");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.value", "1");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.expiration", "Fri Jan 17 2014 22:44:45 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%229CB832B8[...]
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_request.expiration", "Sat Jan 18 2014 05:19:47 GMT+[...]
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_request.value", "%22hxxps%3A//interyield.jmp9.com/i[...]
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastDailyReport", "1389973480033");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastUpdate", "1389973479633");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.name", "Feven 1.5");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.newtab", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.opensearch", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/38532/plugins/093/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsversion", 78);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.publisher", "Feven");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.thankyou", "");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.ver", 82);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.apps", "38532");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.bic", "141d75aea50e8bf28310b114981983b0");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.cid", 38532);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.firstrun", false);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.installationdate", 1382297562);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.modetype", "production");
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.statsDailyCounter", 14);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "141d75aea50e8bf28310b114981983b0");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "f23840ae00000000000000262d60ffc0");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15988");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.622:49:25");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=120524&tsp=5031");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v

[ Datei : C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup
Gelöscht : search_url
Gelöscht : suggest_url

*************************

AdwCleaner[R0].txt - [38952 octets] - [17/01/2014 17:21:47]
AdwCleaner[S0].txt - [35132 octets] - [17/01/2014 17:23:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35193 octets] ##########

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Artur on 17.01.2014 at 17:35:13,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SuperLyrics-16-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SuperLyrics-16-codedownloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SuperLyrics-16-firefoxinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SuperLyrics-16-firefoxinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SuperLyrics-16-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SuperLyrics-16-codedownloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SuperLyrics-16-firefoxinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SuperLyrics-16-firefoxinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0EEC9166-4771-41B0-A797-0075A417E820}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Artur\appdata\local\apn"
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0076EA18-3641-4AF0-819D-CD325999100D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{01274943-798D-4CB2-9290-98DD61589058}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{02AEF895-A3B5-4CD1-9A74-79AB7883ACBD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{02FE5238-0E2B-41AD-ADAE-3E9E3CB25566}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{03A75351-BF8C-4794-87A2-1870731DCA8A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{04E9717D-BEF1-4BF5-9346-3EB66E820C53}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{05796733-59BB-4251-86C6-7D3EE20E0EC3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{06991B01-6FCC-4C93-8D67-81505BD6FF97}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{07DE5A90-B2B5-4912-9AED-BF5E61F97DA6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{081962D5-DF63-43E3-B9FD-F11E7AA9B31E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{08199DB5-85A3-43A0-9AAC-08B851DC6A49}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0825B867-4696-4D2A-B748-5AEC1C098D2C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0848A0E9-006C-448D-9022-A8E7D70F774F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{087E32F8-7158-4929-A68B-E5BF0CDBE49C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{08D94CB9-70BB-46A2-8563-C3DB2FBCD67A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{09062890-5801-4FFE-BCC8-268A12C55228}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{09CEBFB4-47CE-4D74-B83E-0B56255529B2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{09FF60DB-133C-4373-B424-F5B886B6D64E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0A8E0BD7-C1C0-4D00-8005-F8C655D8BDE5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0AC9D497-EE29-462A-BC7C-E2755F32FBA8}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0BD1D360-1B79-405A-B4FE-20D5BB372F1D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0CDF8AF3-BF79-424D-A64C-EE901C2C004D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0CF007D2-C5B6-48C4-BBFF-042E07D3D259}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0D174CEA-00AC-4DA9-9A02-65C1E8936D90}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0D1D4B70-1DFA-4BFC-AB54-0C0CC382E6B2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0DA4FD60-6825-4348-83E0-89FFCA2A7ECB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0E46CD33-F1AC-4079-A63F-ED4DBE950536}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0E719816-CBD0-42EC-9205-722DD055278E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0F341FB9-6D4D-4E79-B605-7CB2567F88AA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{0F8CC1C7-D0CE-4335-8C47-C69A2720C437}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{105B2392-405C-421A-B007-1FCEB791E98F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1109C8DE-7583-4E2F-9067-A81CA0982BD0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1155BB01-0242-494B-8B13-876E36F5CDA0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{119916FF-CB02-4A4B-8372-C766EBEA2E7F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{11E84E7C-032B-4705-9F1A-25E0CACB3F99}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{11EF8C89-9737-403A-885F-2D0276D86E5C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{12295275-C896-4B81-BFC0-B4BE976607C5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{12EE4662-FCA7-4321-A41E-D4532DB6AC67}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{14369278-34FF-44B9-AC5B-F482295A626F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{14C0A563-ED48-4186-9A04-23A79C2ACBDA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{16207EF6-EE5D-4FA4-8C3A-EA09416E584F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{16E9E573-DE10-449D-979C-D5CACAD8F34B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1711551A-2438-486D-8DFC-0A3DB502F796}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{17FC5D18-5949-4DB4-8FFE-6B3D72979C07}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{18C5B818-9E92-4B19-A520-8464BD2E50B6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{190BF28D-D965-494E-90D9-49828195C59C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{193C8B79-AFB8-4423-B300-D2EDD7A751DD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{19B9DCD8-EEAA-4F6A-AEF9-56A41FACDAED}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1ACA52CA-2CDB-4C4E-BB8E-9C03C4E6EB3B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1B460512-BA26-4CD8-A1A2-EB12B7A510D5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1B8CE216-63CE-400D-9BF1-9721FD1C9E5C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1BD89352-92D7-4543-9A41-73125A770325}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1BEA347B-74C1-4013-A94E-64F0CFBB5C4E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1D18E9B3-F2DE-43F2-9D50-B6CCFCD590DA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1D6776B9-AC82-49E5-94B1-AB5C463C144A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1DA10FC4-C65E-401C-B593-0D6B5761B35F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1E956526-AAA1-4B9F-811C-3199EA4C9211}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1EDA72A2-63D0-4366-B7CA-98D6AEC1CE2D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1F07B2F0-04C7-4DD4-8B7E-AE6B6A7A9323}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1F289E95-789A-4E1C-B8C5-8B7B27B2266E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1F42BF1D-D75E-4D0A-BE1C-1AB0087A54C3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{1FABF25E-8AE8-4C72-8514-9662CF96D8FC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{207BB5B8-371D-4A13-A5B6-4C35BBAE0329}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2085303C-BDD4-4958-8895-EFF5236CE5D7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{21E63A2D-56FA-4D6A-8616-B1BC6B94D2F3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{21FCDFCA-3516-4A5E-A4A0-6245A45141E9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{228CCFAD-3344-4EC3-82B5-B90FDCF47C3E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{23025272-BA1E-4540-BB1A-A92CEA429D58}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{235B280C-898D-4421-904C-780C8A9B9EFC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{23EED5C4-6338-489A-8932-BACDD73C4797}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2403E4D2-0DA4-4329-A163-A3CF49DFE1EC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{243EE906-C511-468C-8016-54A5E979382A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{247D52F6-5393-4404-9AC0-5A4AE6BADADA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{252DCE14-59C4-4489-94A6-5D4FD87AEC85}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{25AAC544-6C7A-47F8-8ED0-B6087A8388F9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2660293E-91E4-4026-8EBF-29A0B2634D7F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{26D0CE09-7044-43DE-BA53-8D5F1231CBAC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{273D69C1-BA9E-43CE-BCD5-C72E9167E5CA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2753E805-FD95-44A1-A112-31D120CE393B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2852097A-51DE-4824-A2E6-DA8945066345}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{287DF109-75FD-426A-94B8-7358ECD14FDE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{28C1A391-4177-4D38-BB17-0F8A260EB2D1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{29157BF0-3C21-4C6C-AB78-28EA9B8C70F6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{29413F90-F9C2-421F-B0DD-C7C3044DFDFA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2A8D3513-D544-41F0-AF9F-F72E3CB21CD9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2B34A20F-77B4-474C-8CFA-F41842271613}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2B359399-5618-4ECD-BF22-7DA75EA00FA3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2B73E717-4F53-4D95-B1EF-D5D6FA8DBB5A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2C05012D-0AA9-4B49-9F11-AD776850BD34}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2D0EF581-43D0-4000-883C-4A31536880C8}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2EDB3125-04B0-405F-81B0-248462E457A4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2EFAD351-B1F5-475C-8408-A08F88F0510D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2F0BA831-759A-4D14-B4CB-9B95FA0D81A2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2F4D491C-59AA-44BA-AB9B-132FC1DFE826}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2FC61FDA-42DC-4AA8-AE90-974D522776D4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{2FDE0681-0186-41C4-A16B-A08E0A07E617}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{301E8E7F-8592-4901-90E0-3316D93F47B5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{30FDD126-EEE4-44E1-BC86-0B428175BA21}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{31DD3ABD-E69C-4AA7-AD6E-5BE3A1C6A5EA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{322AB362-7642-47A2-BEE9-8F6931ED2A93}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{32FC5D1A-0AE9-4AF3-8F58-B7FC60E2A55E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{341B91B7-46D3-4D4B-BF48-F4B64935280C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{34986F15-1D27-42BC-9E1B-EE9831E62BCC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{351F4944-A6A5-4928-B3E5-2DB254A60994}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{35DF4B00-3DB6-48EB-B155-B770BC8BE3E0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{35E4E7D8-CC3A-4EA6-A3D1-0BF7CB4F3C29}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{363C1A25-58E1-4D8B-802D-9C6F9E10B235}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{37BA1515-D557-4EA6-A0CF-1858273D708A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{37BA9A74-9C03-4C4F-B5F9-EBB985B1F549}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{389E19CB-2E4F-4B31-AF6C-8AA698141AB5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{38AB8D70-6458-4884-9910-E9CA67F01072}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{38E38D65-245A-4B00-BFAD-E00426C8E608}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3932A14D-4D14-4014-9AD9-9C377FFDE850}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{39ED91EE-1C71-4928-B6BE-7EEF6EAD6CAB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3AF93C41-BBD1-42AB-A904-CD71F348182D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3B1B0F85-B60A-4B17-AD1E-FB083DE3FB3F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3B1C9C0E-78D6-42BF-BD5E-BF215E1989DE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3BAA7330-3BEA-411A-83B4-63ED6100597E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3BAA7F6E-2D4A-41AD-8E34-B61BB4BCBB3C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3C60AB39-2730-4968-9BBF-9F54DD2DE89B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3D644BB5-F685-435E-A522-093D3B789FD9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3DF80FA6-F4BF-4E9F-B0A4-0248F72042D2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3E2C38A3-A0FF-4538-832B-9C65E28F0FA0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3F04CFCE-CD13-4EC9-AEAD-2CEE8B61DF99}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3F382CD1-E125-4446-BE74-57ED79B80DD2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3FACFA84-95D1-471C-8885-29C6C550FD8C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{3FF89B54-4DEC-42A3-B301-74600C29EE99}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{401CEBCC-CDA7-4C06-8223-00EF133911DA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4103DC82-8398-4A14-B16D-E4954A49F9FE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4250F8CD-95D4-4A84-A3C7-62389D857DC6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{436AB147-110C-4F32-B853-E75991258A46}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{437744A2-E397-467F-9447-E4F421D8903A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4473B90A-3B08-4131-8782-80AC4A92B7FD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{44FB0ABA-9B11-4FF7-B4C8-1F200A6AFFD9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4503DEFD-4B12-4AA9-AFC9-19A4AE35699F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{45682F3E-5BA9-43F6-98AE-50A44E43AE09}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4579D0B5-0CED-49A8-ACAB-5C8470BFC36E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4603B767-833A-480C-93AC-B281D0550A58}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4608560B-F57A-48C7-9E02-19DA11281283}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{46DB3E23-B9EF-4312-BBB1-B21D45FB46C2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4703F54F-3B4E-4A8E-9724-98264C8A6009}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4778A3A8-FA97-4363-98F3-FEEC4F9E03B0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{48558C94-6E8C-482B-9559-D9A6409F743D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{486DF9EA-9F2F-4B56-A11E-196004D6F17B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{495990BA-EC70-4FE8-8156-1DE67E3E3CFF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{498BDBB6-A86B-4EF2-8C9C-494729CE38A6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{499F966F-A7F2-4648-90A7-E51614C09DEF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4A229C36-ABE4-46C4-8ADF-9C46A5D800B3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4A2D7023-E663-4951-B36D-CECDD7F7135F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4A5B8A76-7330-4551-9CBB-7A6F772F9938}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4B750B47-3ED8-45F4-9547-BF5A5F8D491A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4BFBF173-C71C-4518-A7FA-5253A4D1F3FF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4C560DC6-6DA1-4FFB-A8DB-26E77053407F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4C60EFD2-C69B-4A43-ACF1-5CA28E955A5E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4CBABE0A-C7BA-4C5A-BB87-8936613C5D1D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4CEA1BE6-855A-4984-903F-4935BE7788CD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4D1798BE-A94E-4367-99A1-91BB7A035E8D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4D3D7597-DF8E-414D-A036-0405EB56300C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4D7B55F3-F682-46A5-8DE7-1BB68EBD771F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4DB98E74-3004-45E9-BDC4-6DEA8D0085CB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4E1CA870-C6D9-4CEF-A755-D2CB220DA549}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4E27D147-9C04-4EA0-8DAD-8F7EC9C1B4B0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4E52F116-6BA1-4479-8079-A330EFA1C8FB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4E7A7CE2-B06F-4BE2-8A9F-7E6CEC9DFDE4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4EAC5B9F-2AEB-438B-91AF-7B9347A6B903}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4ED9DA22-EBD7-4ADC-8C7C-50163B0ABC0B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4F051FA5-2E92-437D-8F3D-3D9D315741AF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4F2C920F-C1C1-418A-B3B6-7C4AA5E0E7F5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4FB786B6-4D16-4ED6-A91C-E38341DF67A9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{4FD2DAEA-5780-4CB0-8E06-04CD6E482B19}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5031D330-74FC-4A31-B952-DB0DFC6796F7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{50CA1FF6-914A-4A20-9674-0575157FDEB4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{518AD289-F7E0-48AD-B600-AC48082F996E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5498ADC4-4866-4EFE-909C-B2CAC0D2ED89}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{54B55959-1836-4CE7-AB2F-478C612F4BAE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{54C1558F-3F93-4DAD-9ABA-75D09E5CBE16}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5525B3CC-4C68-4C18-A6B5-88685F516191}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{55671414-2743-4056-B037-A2F6CC8D9644}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{55E7AD18-4C3E-4693-92C9-68C498375A5F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{562282CB-C49D-4DD8-A9B0-E151E43547AD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{56608797-C037-4C08-8B10-84B113F4EDE6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{58417C0C-1BD1-486F-828B-595BF920CDE7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{58CBA025-B322-4310-B3F8-F8A78C955880}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{59853B1C-F323-4F91-8C11-48B9AFA95F62}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5A559DFB-C60C-4130-A5E4-BBB3C56D5CD3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5AD29DEF-7EB4-4D21-98BD-95110B016950}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5B083465-0318-4055-87FA-26F6D8C7C1A6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5B16108F-BD31-4C8B-B273-742D82F6665D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5B20B29F-E5EA-479A-8135-3976CF1DE2C4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5B906B17-21EA-401F-93A9-1606F702B688}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5BFA2B02-B3AC-4D73-81EF-0E07F92E4433}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5C1637F7-2E23-4792-A8A3-AAAEFA5562DE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5C4BFB4D-74FA-4B21-BCA8-EAE844158045}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5D2124FB-E4E3-4CD2-AF63-725BC2F2A70F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5D90346B-6D2C-43D5-904A-6A39DB24750A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5DBD4AE1-D29C-4548-82E7-60FC4F556582}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5E207215-04C0-47FC-AB42-D5DFE90F18D6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5E5A6984-0FAC-4F5D-8BD5-15648C79030C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{5F9489C0-E2C5-4586-8D0A-0D934DF0FBAF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6055538B-6FB3-4F01-A31C-EACC51069000}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{60BDE709-B27C-4475-886C-6F1A9B4209F4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6216F9D0-EC74-48D8-A6DD-C3D7F0DCEE4C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6263FFD1-8D86-4CD5-9221-AA48B9AC66FB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{62F79635-7FE7-4057-B542-8D5B961942EA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{635276D1-EBDF-4F5A-BE13-233B5F6AC6C9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{63DEF7C6-B1F9-48B9-A2E4-26D9E53F5647}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6428F01E-29C5-4C0F-B3AA-3BCB27E776C8}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{654353AD-DCAA-42ED-AC5D-28CF43FE522F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{65446E46-D390-4DF3-A456-03132EE36C43}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{65B5B662-C6FC-461F-B14C-0808F70090D4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{664BD9A5-E80E-4DBC-88C7-456227470DBE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6672E5E7-D70F-4652-8A08-D09219AB474E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{67912DB6-E5CE-4CE4-A1D2-09926568826F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{67CAC30F-B3F8-4D80-AA12-F2901E91EEC6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{67FD5C63-05C5-4652-AE99-F062905CE445}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6802B2E6-C941-4FE8-885C-40FF61D30671}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6805F92C-9C06-4BF4-847C-B43DF248F3A4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6864CC64-F6ED-480A-B3C1-8B5F9246F2D9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{68A5501B-4067-4B9D-97D7-2DB66B45176C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{68FD28BF-3C92-48D2-9A16-9EFF1D13B903}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6A452C57-2CA6-42DF-AD39-6C60896BAA0C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6B2CD185-4793-4AA4-BD33-E3D6884A7560}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6B580762-4B1E-469B-ABCA-A6D14CED7D62}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6BFF0340-BF76-42B0-A0BA-226EED1C463E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6C58DD3D-F72F-4B3F-AE8D-471A262455D0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6C690CA7-FD77-4C19-A256-A61EB3455194}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6D1094DC-D38D-4C57-B4F1-9CFB7C1989C0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6D1F70F2-A096-4812-ACCB-65EF963A7C38}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6DBE34D4-809B-4B9E-9895-F39E191AE51A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6DCF7BD2-9D4B-4BD3-8686-82F40F457E82}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6DE2D8E0-0D13-4DAC-B290-BC4E4D23EA6F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6EBB77E8-65DE-4A3F-827A-574CC6FCA84D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6F160021-B3CF-40FC-81EE-9B9E1C849DF6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6F44B9DC-C88D-4744-BECE-B5A3A907B061}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{6FE99F87-3A27-4ECC-97EB-5096E2482E13}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{702BA9D9-787F-4055-BC3D-FEAF57939779}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7179ED29-0F29-4A4D-B374-0F801F91E746}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{71DE1BC3-E19D-4D01-9F45-EAF125EEABAC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{720D1FB2-EB6C-4519-8B83-360E01939816}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{728EBEF7-02C8-4D81-B537-9222D37B8003}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{729DE62C-2D25-472F-96C4-1ECE013461B7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{72B47528-7313-4C6F-BC69-867C437AF614}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{72BE9E01-E9C5-4A3B-88DE-7700307F2FC9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7322EF3C-4CA2-4B77-AB44-C2B2AE4CB6A9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{733F74D9-95BD-4CE1-9BCE-2D407431DE35}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7400C6E1-477F-448E-A688-AC98185F4D15}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7400DA41-E664-402E-8D57-030E81D202F2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{74010B26-4DD4-494D-8417-798101CC934C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{747486D0-8ED0-4A82-96A1-4FC371703F59}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{748FE4DA-7A70-4D3B-95D3-FFBC5971F048}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{74FDA03B-CB83-48C4-AC75-06F43145F7F1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{752CD7D4-474D-421B-BD69-3C8192B203AA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7549DA2A-CBA4-4616-B95C-81955788A0BE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{75B2EF91-AB4A-410C-8984-D86CAF84D921}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{75E855E6-DFD0-408F-B75D-4E69D4A59F19}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{761020A2-41B9-4CA9-A5F6-68C3EF9CA655}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{76D8F322-C3C8-46E4-BDBD-03D39E410112}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{77CADA9A-4273-4416-94EF-09FD39BCF9EA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{77FB619B-2973-4F23-A73A-914D4F361EBD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{78E69D42-D7C2-453B-B8D6-2C5425A26148}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{795EE64D-36D2-4064-8DC3-B6B80E0720F9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{79A3A131-D212-440D-AD9F-A7F4D5D88CC1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{79B690C3-BD59-44BE-BDC2-80281FE84E78}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{79DA2832-994D-4404-87C0-35A158CD3BD3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7A474EA1-CDEE-4DDC-9590-375E5C307252}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7A6B2C9B-8367-4C01-8038-4FC972B62F25}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7AC221E6-CA18-4723-B00B-4746732BE56D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7AE7719F-2007-4790-A4A1-79640DEFC646}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7C2D5446-2F3E-42B8-AF6E-722645BFDC57}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7C535EB2-8E41-4595-B489-3E62522DFD6A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7D75D69E-8616-4CBF-A6E6-04628BBDFB6B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7E11E3C1-C21F-4924-9FC4-7D253BD248F0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7F738E54-829B-4CE6-9522-ACD47CAC7566}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7FE12FEF-5D20-48AC-8008-282EB9BC32E6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{7FF241AD-66F1-405A-8072-B889F2CDA572}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8079DA22-E8C4-4E00-B01D-A3B6BF61C152}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8093C608-67E3-480F-BFBB-7A6FE038E1B1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{80AEE733-D310-402F-AFBA-B325DC9A9C20}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8124FA6B-4683-4354-A314-731A6E3B13EE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8153B861-9FA2-4CC8-9D96-C4B30E81EC62}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8227C393-7124-48D7-AFD8-6BF294573BC2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{824A77EC-2BBE-4E0D-8492-F538642A11EF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{82695CE1-0CE7-4F98-9107-0FB0DA118CC0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{831EEFC2-1814-4443-B122-60EABCAA8BCA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{839B059F-8B53-40EE-A59C-9CD9E5143993}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8535FB25-90BD-4422-9166-2FAEBC9E085C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{854271B4-2FB1-472C-87D2-5DA0C51CC3E6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{859F9077-AC25-45E3-8F9B-43D9FC1FD94F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{85B874CF-A47A-4E87-9BEF-BCB7BDD57520}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8718F41D-5966-48FE-855A-98D133720A47}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{87805F90-66AD-4CEC-9B8D-CF841D3BC5CD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{87DBC343-8247-4E2F-BB25-7B5471685ABB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{881F85D5-78ED-4A6D-B2F7-5FC6A0B3B0DA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{884FD793-5BD8-4693-9BEB-664C1D260221}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{88913726-C234-478F-A77A-043AA50BE5CD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{88E85254-971B-47C2-81C5-9A65BB0CDAF5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{899050E1-EAC3-40BC-AE0F-397383797071}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{89BCEE73-4801-4E50-8987-B738CE9CBF55}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{89DD24EA-0CDC-414A-9A17-3B2396F011D5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{89FECE49-C824-40E5-A599-0BA61BC4013B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8A054454-1868-4E94-B4D4-24348F100574}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8AF7B280-5C2A-4840-9111-6573D283E93D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8B02058F-AA4A-4539-8E7B-40C73F313549}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8BD2E281-5DC1-4B5B-90D4-27D196A69797}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8C368AF4-4C0A-4BBC-8B0F-C9E8D41699CC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8CAC8E01-2088-40BD-A0DB-E7A60E9EBA56}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8CCBEB0B-EDB7-4E0B-8BF3-9F6C808B1E0A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8DCA91CA-B8FC-49F0-B802-0AAE24ECDBC5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8E490E06-4D7D-439B-9B7E-26AD23242923}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8E4E65A3-0C71-4FB8-B06C-E536002D51CA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8E5167BA-FDEA-4AA1-AE31-D7BAF60849E3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8EFB773B-EC65-4BA7-BC8B-5AA5F218DF29}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8EFED404-91D7-44BA-8F36-98F9764B7F28}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8F96C096-76CC-4E4F-B141-08EFA4F6C2C7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{8FB0762F-6674-42FE-844B-4EAA01F9B7A1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{903AE886-5C6C-4864-AB01-051FF26013E1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{90D7B854-8C6D-44F9-8C45-F4F744FFA3B6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{913F5B6C-4E5C-43CD-95C3-C3DAF90B3A58}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{91CD67A0-F7DB-44E5-AC1E-6098C3B60AF9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{922111C9-2173-4CB5-9882-94C95B403F1E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{92413762-0520-45FC-BCAF-11E214AE34A6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9387D03D-5D71-47F4-B153-7BDA2D5EA7D3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{93896B81-1348-4533-9501-E4B23A3B7505}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{951F14F4-194E-47BE-A15C-DA086C33AA70}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{954574C9-579E-4C1A-9520-27B054F1FE25}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9564881F-5C14-48BE-A382-26573697D008}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{959F924D-466A-448F-8B44-0E1C00A61E45}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{95C63AB7-6C76-4AA1-92B2-0E5D45B5EF9C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{96A9067D-E9AB-4FA6-A37A-F5299A1D0A44}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{96D9C7FA-26DE-4190-BAD3-356B739AAF56}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{97B166D2-298B-42BC-A258-3FAB6A54BF96}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9844126C-6F51-4DFA-B63C-4460582EE94F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{98B16DD5-6938-4183-BD5B-15BABA564443}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{99386FDA-6A38-426D-B3C3-8A4C683B74A3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{99DCB284-5CE0-45A7-B19A-13FCB7D0E032}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{99F2C08D-48B8-46ED-A0FD-32A5647D5B61}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9A010444-D647-4BD9-BC9C-32FE0C190B91}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9A10E8E7-B9AE-45E2-8DB1-1C6B9DAC0E0F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9A7AC642-CEDD-4DC8-905E-F70F32DB443E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9AD1AFE5-464C-4CD2-A52B-341B5BF0A5A5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9B7DE21F-5032-4F72-B834-9A4D6B279738}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9BD54139-0D7F-4B77-864D-9EE5AFB0AFB8}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9C1B8F9A-37E8-49B8-B4D9-6D98FA82F58B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9CB30DFD-6AD8-404F-8436-6D39E92A9B03}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9CC97065-A939-4117-B54C-225A5E828FCF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9E2E1A59-27D1-4853-8441-96D60FB6F5E3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9E75E0E8-60F7-4D0C-B9D6-6AD2A49D9831}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9E8A89BD-F78B-4DD2-950E-FAC95D7D39FD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9EA2242D-97C0-4D99-9599-F70461302492}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{9F9F783F-9DFA-4A0D-B6AE-048114C0E70F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A045F220-3C7F-43A9-82EA-E6FF4EDFC794}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A05DE6D0-046C-450B-B5F2-400D6CD233D3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A0C220FB-283D-4C37-BF6D-999F0785F26A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A108AEFC-5D6F-4FEA-88CB-CC4CBFB6D32F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A124364D-A9EB-44CE-BD46-1088B96920CE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A134C9B5-DE64-4CB7-BC55-E971EAD6DA3B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A1C5F9CF-FF21-48CC-B943-4C7DFE72A02D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A1F6C9AA-7F34-4CCB-BA03-9CD26FEF6917}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A1FE4932-AE15-4CEE-B6DF-D6970E5C8478}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A2364134-F8BC-4980-AFBE-385D8615434B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A279A40A-BA89-4162-A796-D7FDB89C5F23}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A2B23118-7771-45F3-9BF8-9E7F8C69B59E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A36B523A-0D93-4C78-BE83-552A8984B1C3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A3F55E5F-DDB2-4C04-8424-330A5060DF61}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A466F53F-0F4A-44C7-BEFD-3A9D701493B2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A4AC9924-05C0-41DC-A9F3-D68250876ABD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A4DA5726-0A7F-4B95-9CD6-BE5C3EBEABD7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A52AF3F9-F829-4819-813A-D53FE0A5877E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A5B6DD55-F218-406A-AECF-D941B404C654}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A73A0F41-2CC7-49CC-85EF-25D0C0DE830B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A843C1CB-0B67-4E70-9CA0-4F150DF8428E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A86BABD5-5643-4F0D-9562-661F18B4C194}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{A8C605FA-42EF-45DE-A1E1-1CFB670D1C67}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AA69A1FD-83F3-4265-9A1A-EBC49CD555A9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AB5E4915-87D6-4C41-9605-E675A8BEA747}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ABAF1497-F1B3-4FCC-BD6F-35BD7C072DBC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AC5F6BCF-A868-44F2-A8E9-C99BB801DB3D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AC988598-9BC7-4CBA-A0AA-51266EF71F64}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ADAEC539-81A5-4B29-87B2-ECDAD6D2AB51}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AE5709DE-470B-4A03-AC14-F8A2A6DB5809}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AE59288E-BBEC-4C97-A4C0-70DCFBC960DD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AEC8676E-F484-4629-BD8C-9AE5AC15178D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AEDFFBBA-C678-4FC6-BF14-99BEB6C64F09}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{AF63FD8B-1F74-4D4E-8785-F6F7266AAA51}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B024F1A9-D6C9-4612-BB70-8865C7149CF3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B07DD6DF-937C-45A9-A2C6-8E229D16826C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B0F0D244-972C-4CEB-9E66-AAA936612007}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B0FD96DE-B2F0-465B-ABDF-3780FEFCF653}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B1B8CAA8-6AF3-4162-90F8-DA6C6598DABB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B215C256-66BF-4EDE-A33C-09A62D9ED14D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B235598D-D7DA-4DC7-AD3C-FFE7E9F09B0C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B289D37C-C47A-4479-AE0C-8AF0D0DBD1C0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B2F4A295-E428-43DA-935A-D0BD213375EC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B384A347-77CE-48E1-94A3-51982EACC5B7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B4328136-E512-421F-84F0-291FDC00DF42}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B5162762-C737-4B96-B69D-89396D859C75}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B516F574-7302-4433-A46D-5DA97FBEB68E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B5BE204E-96E3-45E0-B3E2-8476D5C2EB2C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B67616D1-2F6D-4988-8867-BE2D2FC19732}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B757BAC3-3026-4CEC-A6B9-953B845DE1FA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B7EAE547-28E5-4CF3-B2F5-E4DDB85BDD92}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B873816F-3030-4E9C-B79C-B7996B83D725}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{B994AE9B-EBCA-4AD5-BC37-F1721F453C1F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BA621C78-49C8-4042-A908-DE7B6C8A62B1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BB3CD85F-8D48-4749-8312-115F6D7E8508}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BC23E583-EAF0-4D5F-B599-3F8A4E42501B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BC38394F-06F9-4417-9B7D-6089D686DD38}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BC457DE1-91BC-497E-B2AE-C511E21458D0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BC46C772-3925-43FC-AC85-DF1BE10BE058}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BCDA6640-B33E-45C3-88FE-9E6C2CBF464D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BD03952F-B055-44F3-B4FB-FBC04DC81717}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BD0DB47C-A158-49B4-9446-FEB6ADCCB6A5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BDFD770A-9E98-44AC-ACAE-9A75028D5F18}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BE4FEB96-EBAC-4F69-BD17-12CA2CAAB99E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BE99FFFD-30CC-4A3A-BBEF-186DDBCB1E26}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BEA217EC-B416-4DF6-A8AA-6CD61AB6F61F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BEE6370C-FA60-41EA-8607-507951095481}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{BF59FC1B-C362-4658-B376-07109CEA750F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C03C48F9-E14D-4873-95ED-E03BA6877714}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C130F283-B315-4FAB-8837-E702FDD6EEA5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C2DEC11D-C632-44C7-A1A1-C9AEB08FF50A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C3096949-4E2B-42B4-BEFA-52BFDB2DEEEE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C32AA2EF-C9EB-44F5-8D51-FBB799D07C26}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C35E1E64-12AC-4EE8-9A5E-146C2052DA53}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C3738E04-DEFD-4468-8D4E-C1E3226438D2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C3E49B85-A867-49F6-ABDD-009A4628CAC2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C529297F-A3BF-4BB8-BF3C-2BE623898B4D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C5AB2121-5227-4EA5-B5C7-02671AFA5ADE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C5F06718-7A29-4450-8D8F-C80C460439DE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C63402D9-F3D7-4C2A-98F5-F28E245EFBF6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C6B8CAFA-0FD3-4D54-9FA4-FCBA3C6B7D2A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C737D695-420D-47F1-93FB-7E76EA6F3139}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C79164F8-BE62-42FC-8165-9F5049B9D924}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C950F885-DCA3-4524-9EAC-8FB5FD9BE3B9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C9A8B300-B9A8-46F6-9231-0F622162EB98}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{C9B356D7-C394-40C0-AA25-FA2F16154DC6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CB1D131D-CCCE-4A1F-96AF-9F8C4B850470}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CC59976A-02C9-412D-96CD-7A5DF6A01980}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CCA16BA1-957B-417E-A1F7-7741875EDE2D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CDA10830-7628-47EE-8705-8F5B8AC63DAB}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CDCE3322-54EA-4507-9B47-C94E3ED20CF1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CEB38447-98DD-4AE2-99C9-EF94AA0B2AD6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CF27FD2B-D00A-416C-8BF2-FA653999EBC7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CF99036F-542D-467C-8CED-53E68C70DF8D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{CFE36D52-895B-4C4C-B1A0-4FA56E4DC0DC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D00727A4-AA4B-47A6-8BF3-2B445E640B2A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D052CC23-F877-434C-95AB-4745A8B2ECFF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D1044C77-8A7B-49F9-A9C1-22A1DA921094}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D18FE774-A43A-4AF4-BCAD-55E4FA9C838D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D25B579D-2D80-4DB8-9442-97BFBB11F862}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D2DCF9FE-2D66-411D-9CA9-B47AED0D53F4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D3228CAE-A961-4811-B9D2-73ABAF7D8F78}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D4498DCE-DD91-443A-ABBA-F9A2022D6147}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D49C826F-4622-4203-A0B0-19FACDBC1D55}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D4ED09A8-4502-4A95-A167-717A9BCE5B5B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D4F792E4-9590-40B5-9D14-65B10535E470}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D55BAC1A-137E-4965-865F-F3A6C08CB9CD}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D55CE6BB-E10C-46EA-B0A4-E11AF9D9217B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D6711706-35EE-478F-9FD6-EFFDFD895AB9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D6CD8BE1-DC87-4A99-A23C-32D9BFBBA5EF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D788C460-FA3E-4620-BA6A-54B3FADD198F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D7E37089-878D-4972-855C-E88BDDF6FA79}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D8346AB6-3EA5-4FFC-8BEE-2F2B7F9C43DF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D8D7F6D6-BD0D-4B29-80F9-4E1204D7F00A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D8E2E32B-7469-4CAC-B562-F1EBDED11A1F}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D9225ED8-B7A7-4147-B4F4-0A0F1903D2EF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D92CCCFF-7FB1-4E98-80B5-7E74F6003E4A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D943FED8-F94A-4D74-BC2C-348837A3F013}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D95BC001-A2D9-454A-9D37-0EBC4B4C01AF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{D9D14E32-16A3-45A4-A7D7-FC977D4DF153}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DA0E8771-77DC-4F50-8C42-558FC930B4C3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DA203031-8769-4FF9-914C-D17F62EA4982}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DA590A38-8B9C-4AB6-AB1F-9B9755F56563}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DC43B4EE-A157-4101-B1A8-17B06A9A9630}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DEAFAE88-AE55-4CCC-9C3C-BFC99FD05CF2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DEB81098-9869-43D5-9617-4919D3A7D02A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DF017CD3-D012-4F7D-AE62-ECAB1FEF4927}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{DFF24395-3F53-45DD-95BB-F15B5158832B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E0055406-F255-4C0B-9064-A01219387AC5}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E11D721A-C443-44C2-8D24-0714C636E649}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E1C34C87-32B1-4323-8D6A-F16058A55C3D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E1E6BA96-56D5-4780-95C9-A5DBF5D3F4C9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E2EB0A55-3254-4256-8F61-6AB5AF8B3B67}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E2F66F1F-F874-4E1D-98C4-F8A9D244AEFC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E399A1B9-7CA9-4CC7-881B-E519EA306642}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E47F2FA4-4FA8-4E22-9AD3-0F9534E59D77}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E51C40F9-B20F-4C31-9D4B-D512F3CDB9AF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E5B6D025-FD91-4C13-B1F7-584CACE11E8A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E5F2A6B8-27AC-41FA-90F4-75585A118663}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E626126F-73D2-4B9D-8CF7-F54D5E09A0A0}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E6386DA8-0186-4688-906B-327552CFD102}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E71B09C0-447C-4837-B6B9-105F5E11AF03}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E7D417E5-98B5-4250-94ED-77742B4B310D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E7EFAC69-B54B-4AAD-8764-36CF20F27B2C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E7FB78CF-DF64-481B-AEF2-06CA36D0CFEF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E8DB247E-6FC2-4193-8622-435F82ABF8B6}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E9433D68-2AD2-4C8D-8D9E-C4CB4BFE3B44}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E9465A4C-5289-41B9-BF89-5E668FEE606A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E9907CB0-7E95-455C-AB6F-A3BBC3BEBC01}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E9BF91C8-71FB-4CD9-8453-1CA22983241D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{E9E2CDEE-B10D-47B5-A9DD-A8B21E072B24}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EA07E22A-6C26-42AB-AB1C-35263AFC7B5C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EA6ADF08-DF3A-40A9-8355-236514FC7FA4}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EAF731C7-2064-4E82-98EA-89B605E8EF12}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EC111458-32D2-4A77-9285-B09F179444B1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ECCFAF31-B6D7-4406-81EB-A79F2BE05652}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ECF90882-0E3D-469E-9501-95CF10F471A9}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ED37EDFB-4888-46E3-8A09-FE986A303BFA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ED3FA578-EF81-42CF-88DD-C937D68CE669}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ED493B74-C879-41ED-8B88-0A95217FA5A7}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{ED7213E3-3471-4B3D-AB31-ABC80823D36B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EE3D1BF0-5E45-4110-B740-8B8EF2291D0D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EFC7E957-BDE3-4131-8601-8B3D41A4CE70}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{EFFC8361-2C41-4CF0-B774-DE6B68552933}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F01A3132-897C-4671-B0A5-61A416AC3806}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F051E3D2-E63D-4079-9E95-4E5DFAA39027}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F05BD2D3-8760-48FA-B767-3AE182F3BBFA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F06244A9-3B8C-4712-9F7C-04387E30504C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F0665132-05B5-4B38-A6E4-8149F76E3C75}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F0847F3C-D446-46B4-9E4C-4E1772E35EEF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F0D2B1C0-C9D0-432E-B2B8-BAFE3D4AC14D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F23BC2B8-8AE8-47E1-BDA1-6A3580F2AEFC}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F2F8600D-350D-49D1-B72E-D8EE59CAE164}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F34803A4-6E0B-4119-889A-AEA012815C84}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F34C335E-BB5C-4A28-9D57-D36D7938F962}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F457EA06-575F-4F06-99C0-45827CFC0D5B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F4D5F8F9-605E-4556-8EF3-77321F0FAC2C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F5D16EAC-86BF-41E5-BBA2-240E92902200}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F5D6AFB9-66CB-4E93-8147-85F98C423385}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F5DCCC29-8F5B-4C6C-A86F-3A317EC10324}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F669F232-9D12-4044-B7FD-00C5E691A99D}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F6873840-B964-4951-9DB8-E6F628988FAF}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F7138408-E878-44F3-BC5A-2F19CAF8CFE3}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F71826CF-2A91-4AB8-9A5F-92FE6821E86A}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F844FED5-94BE-42C3-BFA7-1BD106563537}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F8F654BD-5209-498C-A33D-BE7FFCF65553}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F8FBD153-1E0C-4161-BE13-3E1DEDE6127B}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{F91DACAD-FC89-485C-A0A0-807D4AD360C1}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FA2726A2-EDEB-445A-A8CC-89BFE484E383}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FA453491-6274-4781-A0C7-28548FB0190E}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FA716184-80EF-4D72-A3A9-10A17121CE17}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FB0680EB-16A5-4CF1-920B-943E677BDEC2}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FB32D023-C0CC-4C62-A15C-6E51FDAA8DBA}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FBE6E81A-E30E-413B-AC6F-943991492470}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FC678473-972F-42C7-B337-7A817E247A62}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FCADD60C-DEF0-4F0B-A2FF-AE4F6B5B5809}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FD34EECB-50F5-401B-9AFD-0EEB4C1F3811}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FDBD04EA-05FA-4829-B870-C7C4C3CF8C42}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FE885E5E-ABC9-4410-AC86-436BB23E7F9C}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FED301BD-9239-4B68-BF81-CA6B0307C4CE}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FF1B6CAA-C3A6-4ABA-A2FF-86B1561CB716}
Successfully deleted: [Empty Folder] C:\Users\Artur\appdata\local\{FF2B1F5D-8D3B-458C-A268-EF2B3C7F6460}



~~~ FireFox

Emptied folder: C:\Users\Artur\AppData\Roaming\mozilla\firefox\profiles\0jnm6dgn.default\minidumps [260 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.01.2014 at 17:43:56,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.17.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Artur :: ARTUR-PC [Administrator]

Schutz: Aktiviert

17.01.2014 17:50:24
mbam-log-2014-01-17 (17-50-24).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 209141
Laufzeit: 5 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\$Recycle.Bin\S-1-5-21-3246686102-3015398580-2044362402-1000\$R82KY2T.exe (PUP.Optional.ChipXonio) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Schritt 4
Bitte lade dir zoek.exe von hier: hxxp://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
FFdefaults;
CHRdefaults;
iedefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Code:

ATTFilter

Zoek.exe v5.0.0.0 Updated 17-Januari-2014
Tool run by Artur on 17.01.2014 at 18:11:03,36.
Microsoft Windows 7 Home Premium  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Artur\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

17.01.2014 18:12:15 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\prefs.js:
user_pref("browser.newtab.url", "about:blank");

Added to C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\prefs.js:

Added to C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default

user.js not found
---- Lines optitoolbar removed from prefs.js ----
user_pref("extensions.optitoolbar.admin", false);
user_pref("extensions.optitoolbar.aflt", "babsst");
user_pref("extensions.optitoolbar.appId", "{E5CD9A7C-0DF4-499B-AEB1-81A970A81D03}");
user_pref("extensions.optitoolbar.autoRvrt", "false");
user_pref("extensions.optitoolbar.dfltLng", "de");
user_pref("extensions.optitoolbar.excTlbr", false);
user_pref("extensions.optitoolbar.ffxUnstlRst", true);
user_pref("extensions.optitoolbar.id", "f23840ae00000000000000262d60ffc0");
user_pref("extensions.optitoolbar.instlDay", "15996");
user_pref("extensions.optitoolbar.instlRef", "sst");
user_pref("extensions.optitoolbar.newTab", false);
user_pref("extensions.optitoolbar.prdct", "optitoolbar");
user_pref("extensions.optitoolbar.prtnrId", "optitoolbar");
user_pref("extensions.optitoolbar.rvrt", "false");
user_pref("extensions.optitoolbar.smplGrp", "none");
user_pref("extensions.optitoolbar.tb_url", "hxxp://www.opti-page.com/?q={searchTerms}&babsrc=TB_ss&mntrId=F23800262D60FFC0&affID=126473&tsp=5039");
user_pref("extensions.optitoolbar.tlbrId", "base");
user_pref("extensions.optitoolbar.tlbrSrchUrl", "hxxp://www.opti-page.com/?q={searchTerms}&babsrc=TB_ss&mntrId=F23800262D60FFC0&affID=126473&tsp=5039"
user_pref("extensions.optitoolbar.vrsn", "1.8.26.9");
user_pref("extensions.optitoolbar.vrsni", "1.8.26.9");
user_pref("extensions.optitoolbar.vrsnTs", "1.8.26.923:07:25");
user_pref("extensions.optitoolbar_i.babExt", "");
user_pref("extensions.optitoolbar_i.babTrack", "affID=126473&tsp=5039");
user_pref("extensions.optitoolbar_i.srcExt", "ss");
---- Lines ask.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- FireFox user.js and prefs.js backups ---- 

prefs__1826_.backup

ProfilePath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 


==== Deleting Files \ Folders ======================

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\VideoPlayer deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\ProgramData\AskPartnerNetwork deleted
C:\Users\Artur\AppData\Local\avgchrome deleted
C:\Users\Artur\AppData\Local\AskPartnerNetwork deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\ProgramData\GGYfuLcyjKAyCL" deleted
"C:\ProgramData\~GGYfuLcyjKAyCL" deleted
"C:\ProgramData\~GGYfuLcyjKAyCLr" deleted
"C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi" deleted
"C:\Users\Artur\AppData\Roaming\Samsung" deleted
"C:\PROGRA~2\AskPartnerNetwork" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default
F891089A6AB9E12FEDEBCC5EC0F40D66	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -	Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02.10.2012 12:14]

Skype Click to Call - Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.de/"
"Default_Page_URL"="hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r"
"Start Page"="hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r"
"Start Page"="hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=27360310d236l0368z185t5881v36r"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.google.de/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Bing  Url="hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Artur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Artur\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Artur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Artur\AppData\Local\Mozilla\Firefox\Profiles\0jnm6dgn.default\Cache emptied successfully
C:\Users\Artur\AppData\Local\Mozilla\Firefox\Profiles\88rk1qqq.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=467 folders=119 91797103 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Artur\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Artur\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Artur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Artur\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NKJ9MQZK\content-ssl.yieldmanager.com"  not found

==== EOF on 17.01.2014 at 18:34:42,14 ======================

M-K-D-B · 18.01.2014, 12:03

Servus,

Wir spüren die letzten Reste auf, damit wir sie später entfernen können:

Schritt 1
Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden wieder zwei Logdateien erzeugt. Poste mir diese.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:filefind
*PC Performer*
*DAEMON Tools Toolbar*
*VideoScavenger*
*Feven*
*Opti Toolbar*

:folderfind
*PC Performer*
*DAEMON Tools Toolbar*
*VideoScavenger*
*Feven*
*Opti Toolbar*

:regfind
PC Performer
DAEMON Tools Toolbar
VideoScavenger
Feven
Opti Toolbar

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Gibt es noch Probleme mit Malware? Wenn ja, welche?
Wie läuft der Rechner derzeit?

Bitte poste mit deiner nächsten Antwort

die beiden Logdateien von FRST,
die Logdatei von SystemLook,
die Beantwortung der gestellten Fragen.

elliio1 · 18.01.2014, 14:44

Schritt 1
Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden wieder zwei Logdateien erzeugt. Poste mir diese.

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by Artur (administrator) on ARTUR-PC on 18-01-2014 14:27:02
Running from C:\Users\Artur\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-05] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-07-31] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
MountPoints2: {afd19363-7acd-11df-ac35-001e6422cd62} - E:\autorun.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
AppInit_DLLs:   [ ] ()
Startup: C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFD03B172C4CDCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - 823C7E8B31744814AA572A31E9552DC7 URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE372DE372
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @ei.VideoScavenger_1e.com/Plugin - C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\NP1eEISB.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj [2012-10-18]
CHR Extension: (No Name) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2013-10-10]
CHR Extension: (No Name) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-06-17] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2010-06-18] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-28] (Duplex Secure Ltd.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-08-04] (CyberLink Corp.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-18 14:26 - 2014-01-18 14:26 - 00000000 ____D C:\Users\Artur\Desktop\FRST-OlderVersion
2014-01-17 18:32 - 2014-01-17 18:10 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-17 18:11 - 2014-01-17 18:34 - 00014872 _____ C:\zoek-results.log
2014-01-17 18:10 - 2014-01-17 18:10 - 00003108 _____ C:\Windows\System32\Tasks\{B964A1F2-0A8C-45FE-8330-52FD287C435E}
2014-01-17 18:09 - 2014-01-17 18:09 - 01282048 _____ C:\Users\Artur\Desktop\zoek.exe
2014-01-17 18:08 - 2014-01-17 18:27 - 00000000 ____D C:\zoek_backup
2014-01-17 17:48 - 2014-01-17 17:48 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-17 17:48 - 2014-01-17 17:48 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Malwarebytes
2014-01-17 17:48 - 2014-01-17 17:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-17 17:48 - 2014-01-17 17:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-17 17:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-17 17:47 - 2014-01-17 17:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Artur\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-17 17:43 - 2014-01-17 17:43 - 00061322 _____ C:\Users\Artur\Desktop\JRT.txt
2014-01-17 17:35 - 2014-01-17 17:35 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 17:33 - 2014-01-17 17:33 - 01037068 _____ (Thisisu) C:\Users\Artur\Desktop\JRT.exe
2014-01-17 17:21 - 2014-01-17 17:24 - 00000000 ____D C:\AdwCleaner
2014-01-17 17:20 - 2014-01-17 17:20 - 01236282 _____ C:\Users\Artur\Desktop\adwcleaner.exe
2014-01-17 16:59 - 2014-01-17 17:00 - 00029397 _____ C:\Users\Artur\Desktop\Addition.txt
2014-01-17 16:58 - 2014-01-18 14:28 - 00013469 _____ C:\Users\Artur\Desktop\FRST.txt
2014-01-17 16:57 - 2014-01-18 14:26 - 00000000 ____D C:\FRST
2014-01-14 15:23 - 2014-01-17 16:46 - 00000524 _____ C:\Users\Artur\Desktop\defogger_disable.log
2014-01-14 15:23 - 2014-01-14 15:23 - 00000020 _____ C:\Users\Artur\defogger_reenable
2014-01-14 15:22 - 2014-01-18 14:26 - 02076160 _____ (Farbar) C:\Users\Artur\Desktop\FRST64.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00377856 _____ C:\Users\Artur\Desktop\gmer_2.1.19163.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00050477 _____ C:\Users\Artur\Desktop\Defogger.exe
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Avira
2014-01-14 15:05 - 2014-01-14 15:05 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 15:05 - 2014-01-14 15:05 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 15:05 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-14 15:05 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-14 15:05 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-14 15:05 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-14 15:03 - 2014-01-14 15:04 - 129598176 _____ C:\Users\Artur\Desktop\avira_free_antivirus_de.exe
2014-01-14 15:02 - 2014-01-14 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-18 14:28 - 2014-01-17 16:58 - 00013469 _____ C:\Users\Artur\Desktop\FRST.txt
2014-01-18 14:28 - 2009-11-05 16:06 - 01707552 _____ C:\Windows\WindowsUpdate.log
2014-01-18 14:26 - 2014-01-18 14:26 - 00000000 ____D C:\Users\Artur\Desktop\FRST-OlderVersion
2014-01-18 14:26 - 2014-01-17 16:57 - 00000000 ____D C:\FRST
2014-01-18 14:26 - 2014-01-14 15:22 - 02076160 _____ (Farbar) C:\Users\Artur\Desktop\FRST64.exe
2014-01-18 14:26 - 2013-10-11 18:10 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8F7FB2F0-977F-4BA4-A2B8-CDAB1E01CC7B}
2014-01-18 14:24 - 2013-07-05 18:37 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-18 14:22 - 2013-11-12 16:04 - 00002072 _____ C:\Windows\setupact.log
2014-01-18 14:22 - 2010-08-15 23:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-18 14:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 20:06 - 2013-02-10 12:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 20:02 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\tracing
2014-01-17 18:41 - 2009-07-14 05:45 - 00022672 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 18:41 - 2009-07-14 05:45 - 00022672 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 18:34 - 2014-01-17 18:11 - 00014872 _____ C:\zoek-results.log
2014-01-17 18:33 - 2013-11-12 16:04 - 00104888 _____ C:\Windows\PFRO.log
2014-01-17 18:27 - 2014-01-17 18:08 - 00000000 ____D C:\zoek_backup
2014-01-17 18:10 - 2014-01-17 18:32 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-17 18:10 - 2014-01-17 18:10 - 00003108 _____ C:\Windows\System32\Tasks\{B964A1F2-0A8C-45FE-8330-52FD287C435E}
2014-01-17 18:09 - 2014-01-17 18:09 - 01282048 _____ C:\Users\Artur\Desktop\zoek.exe
2014-01-17 17:48 - 2014-01-17 17:48 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-17 17:48 - 2014-01-17 17:48 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Malwarebytes
2014-01-17 17:48 - 2014-01-17 17:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-17 17:48 - 2014-01-17 17:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-17 17:47 - 2014-01-17 17:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Artur\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-17 17:43 - 2014-01-17 17:43 - 00061322 _____ C:\Users\Artur\Desktop\JRT.txt
2014-01-17 17:35 - 2014-01-17 17:35 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 17:33 - 2014-01-17 17:33 - 01037068 _____ (Thisisu) C:\Users\Artur\Desktop\JRT.exe
2014-01-17 17:24 - 2014-01-17 17:21 - 00000000 ____D C:\AdwCleaner
2014-01-17 17:20 - 2014-01-17 17:20 - 01236282 _____ C:\Users\Artur\Desktop\adwcleaner.exe
2014-01-17 17:00 - 2014-01-17 16:59 - 00029397 _____ C:\Users\Artur\Desktop\Addition.txt
2014-01-17 16:46 - 2014-01-14 15:23 - 00000524 _____ C:\Users\Artur\Desktop\defogger_disable.log
2014-01-17 00:42 - 2013-02-10 12:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-14 15:23 - 2014-01-14 15:23 - 00000020 _____ C:\Users\Artur\defogger_reenable
2014-01-14 15:23 - 2010-03-27 14:48 - 00000000 ____D C:\Users\Artur
2014-01-14 15:21 - 2014-01-14 15:21 - 00377856 _____ C:\Users\Artur\Desktop\gmer_2.1.19163.exe
2014-01-14 15:21 - 2014-01-14 15:21 - 00050477 _____ C:\Users\Artur\Desktop\Defogger.exe
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Users\Artur\AppData\Roaming\Avira
2014-01-14 15:06 - 2013-02-10 12:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-14 15:06 - 2012-07-14 18:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-14 15:06 - 2012-07-14 18:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-14 15:05 - 2014-01-14 15:05 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 15:05 - 2014-01-14 15:05 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 15:05 - 2013-08-09 17:25 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 15:04 - 2014-01-14 15:03 - 129598176 _____ C:\Users\Artur\Desktop\avira_free_antivirus_de.exe
2014-01-14 15:02 - 2014-01-14 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-14 14:56 - 2013-10-20 21:15 - 00000000 ____D C:\Program Files (x86)\Belarc
2014-01-14 14:51 - 2013-11-12 15:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-14 14:47 - 2009-08-22 09:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone

Some content of TEMP:
====================
C:\Users\Artur\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-05 16:30

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 03
Ran by Artur at 2014-01-18 14:29:19
Running from C:\Users\Artur\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.22 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.74.216 (x32 Version: 1.1.74.216 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (x32 Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.5.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.2 MUI (x32 Version: 9.2.0 - Adobe Systems Incorporated)
Alice Greenfingers (x32 Version:  - Oberon Media)
ALPS Touch Pad Driver (Version: 7.105.2015.1103 - Alps Electric)
Amazonia (x32 Version:  - Oberon Media)
ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2951 - APN, LLC)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
Chicken Invaders 2 (x32 Version:  - Oberon Media)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (x32 Version:  - Oberon Media)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Everest Poker (Remove Only) (x32 Version:  - )
Farm Frenzy 2 (x32 Version:  - Oberon Media)
FIFA 10 (x32 Version: 1.0.0.0 - Electronic Arts)
Free Audio CD Burner version 1.4 (x32 Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Granny In Paradise (x32 Version:  - Oberon Media)
Heroes of Hellas (x32 Version:  - Oberon Media)
Identity Card (x32 Version: 1.00.3001 - Acer Incorporated)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 16 (x32 Version: 6.0.160 - Sun Microsystems, Inc.)
Java(TM) 6 Update 20 (x32 Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 3.0.04 - Acer Inc.)
LSI HDA Modem (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
OpenOffice.org 3.1 (x32 Version: 3.1.9420 - OpenOffice.org)
PartyPoker (x32 Version:  - PartyGaming)
PokerStars (x32 Version:  - PokerStars)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Skype Click to Call (x32 Version: 6.2.10687 - Skype Technologies S.A.)
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
Uninstall 1.0.0.1 (x32 Version:  - )
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (x32 Version:  - Microsoft)
VideoPlayer v2.0.6 (x32 Version: v2.0.6 - TUGUU SL)
VLC media player 1.0.0-rc1 (x32 Version: 1.0.0-rc1 - VideoLAN Team)
Welcome Center (x32 Version: 1.00.3005 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-Bit) (x32 Version: 5.00.0 - win.rar GmbH)
XSManager (x32 Version: 3.0 - XSManager)
Zoosk Messenger (x32 Version: 4.157.2 - Zoosk, Inc.)
Zoosk Messenger (x32 Version: 4.157.2 - Zoosk, Inc.) Hidden

==================== Restore Points  =========================

18-10-2013 21:07:32 Uniblue SpeedUpMyPC installation
20-10-2013 18:13:45 Windows-Sicherung
20-10-2013 19:30:11 Removed SpyHunter
17-11-2013 18:00:16 Windows-Sicherung
14-01-2014 10:41:07 Windows-Sicherung
14-01-2014 13:57:16 eBay Worldwide wird entfernt
17-01-2014 17:11:54 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B02366D-7912-4F82-9190-36DA9856722B} - \Feven 1.5-enabler No Task File
Task: {0F6451BB-C4AC-47DD-AC86-EA0797E62D90} - System32\Tasks\{A8F938EE-BE11-47EE-B4BD-5936895BD75D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsProgressBar
Task: {1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3} - \PC Performer_DEFAULT No Task File
Task: {2EC928C5-FA14-4917-96CE-79B18EC5F980} - \PC Performer_UPDATES No Task File
Task: {31ACF54F-5C62-476F-BEBB-7709ED7254AB} - \Feven 1.5-chromeinstaller No Task File
Task: {3BF8D7C6-8A73-4155-A68B-9A41406823C4} - System32\Tasks\{41A26154-8371-4B30-AA5D-1E480D131825} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=12007&amp;installinfo=google-toolbar:notoffered;disabled,google-chrome:notoffered;disabled
Task: {579FAA0B-6F55-4C01-85DA-99D7073404D3} - \Feven 1.5-firefoxinstaller No Task File
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {6A6FCBE1-BB2A-4E42-9430-22EE71EFFB13} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
Task: {8B272B69-47D0-4326-8C06-15D6FE9E88A8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {8C91A8AC-FAE7-4AD8-8A7D-068131A9F587} - \DealPly No Task File
Task: {B189A1B2-391B-4268-B4E8-556677D2FEBA} - \Desk 365 RunAsStdUser No Task File
Task: {B786AAC0-09F4-4634-911A-26EA02FAA3CB} - System32\Tasks\{D489B908-421E-402C-A4FA-3A7162BEA636} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.1.0.104&amp;LastError=404
Task: {C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF} - \Feven 1.5-updater No Task File
Task: {D55A0450-9A20-47E9-8251-7C521CE0BA06} - \Feven 1.5-codedownloader No Task File
Task: {DDF6DCC0-691B-4052-8BD5-269B9A047B3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-14] (Adobe Systems Incorporated)
Task: {E0DC8D2E-6663-4BCD-94D1-85F04CFEFCF2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {FD9B3687-B21B-4213-A8B5-24657658F8A9} - \PC Performer No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-01-14 15:05 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-08-18 15:54 - 2009-08-18 15:54 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-01-14 15:02 - 2014-01-14 15:02 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2014 07:36:51 PM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.2.254 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cb4

Startzeit: 01cf13b2decdbcb4

Endzeit: 30586

Anwendungspfad: C:\program files (x86)\avira\antivir desktop\avscan.exe

Berichts-ID: 3e81c83c-7fa6-11e3-902b-00262d60ffc0

Error: (01/17/2014 06:08:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/17/2014 06:08:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/17/2014 06:08:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/17/2014 06:08:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (01/17/2014 06:08:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.


System errors:
=============
Error: (01/17/2014 06:26:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/17/2014 06:26:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 4090.93 MB
Available physical RAM: 2584.07 MB
Total Pagefile: 8180 MB
Available Pagefile: 6475.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:78.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: CCA6CCA6)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:filefind
*PC Performer*
*DAEMON Tools Toolbar*
*VideoScavenger*
*Feven*
*Opti Toolbar*

:folderfind
*PC Performer*
*DAEMON Tools Toolbar*
*VideoScavenger*
*Feven*
*Opti Toolbar*

:regfind
PC Performer
DAEMON Tools Toolbar
VideoScavenger
Feven
Opti Toolbar

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 14:34 on 18/01/2014 by Artur
Administrator - Elevation successful

========== filefind ==========

Searching for "*PC Performer*"
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer\PC Performer entfernen.lnk.vir	--a---- 1061 bytes	[14:22 26/08/2013]	[14:22 26/08/2013] 590EB686C360742833ED430EEAB78321
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer\PC Performer.lnk.vir	--a---- 1076 bytes	[14:22 26/08/2013]	[14:22 26/08/2013] C5F618BD34DEE1D7596F5CD7D0FE6F22
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\PC Performer.vir	--a---- 3118 bytes	[14:22 26/08/2013]	[15:44 17/01/2014] 8A4107F6702354B54317EB8AB6901CB9
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\PC Performer_DEFAULT.vir	--a---- 2870 bytes	[14:23 26/08/2013]	[14:23 26/08/2013] A53409971BA84F9D0FD3F0FA880D4CCA
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\PC Performer_UPDATES.vir	--a---- 3026 bytes	[14:23 26/08/2013]	[14:23 26/08/2013] 85DB0519FD5E53CF3ED8F4F8F7906FF8
C:\AdwCleaner\Quarantine\C\Windows\Tasks\PC Performer_DEFAULT.job.vir	--a---- 276 bytes	[14:23 26/08/2013]	[14:02 14/01/2014] 8AC24BB9562718DAF2D37BDDE38D7518
C:\AdwCleaner\Quarantine\C\Windows\Tasks\PC Performer_UPDATES.job.vir	--a---- 284 bytes	[14:23 26/08/2013]	[14:23 16/10/2013] E02612E82B3E842FB90D1F6C817168E7

Searching for "*DAEMON Tools Toolbar*"
No files found.

Searching for "*VideoScavenger*"
No files found.

Searching for "*Feven*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-bho.dll.vir	--a---- 602984 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] DD9D583BCEB723A7898EAA9487C1A70E
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll.vir	--a---- 945000 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] DB1E01819C3EBC5C9EBAF35837EC0545
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil.dll.vir	--a---- 405352 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] C720A1012394D1016992072D41531160
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil.exe.vir	--a---- 343400 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] AF00F05C4DB8576C4E0D330611B2C426
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil64.dll.vir	--a---- 491368 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 1F540C4A424FBF88B4BBFD38CD685D81
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil64.exe.vir	--a---- 447848 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 425B210930EFC6D3C8DF5FF9B095BE60
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe.vir	--a---- 489320 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 9C1642D80035BF68AE62A44E942E2AC0
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe.vir	--a---- 491880 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 60052B970C6FB23D8FC5EB3EBB2C3D0E
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-enabler.exe.vir	--a---- 351080 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 50E2F1AF9955E48BB27F7375FD05EF3C
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-firefoxinstaller.exe.vir	--a---- 727400 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 9EE0CA9753CD62BF5189B9A757C5205B
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-helper.exe.vir	--a---- 341352 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] D793AAD690A7FE3BB93F7945FD2F3516
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe.vir	--a---- 367976 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 9E2B4F023B39DD650725365DCC20F864
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5.ico.vir	--a---- 9662 bytes	[09:39 05/10/2013]	[09:39 05/10/2013] CBA54D9A267EEB7AB6AC5D8B98A28E1D
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Feven 1.5-chromeinstaller.vir	--a---- 4920 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 0B7933DE40665A1D2EE21CB30A1DB97B
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Feven 1.5-codedownloader.vir	--a---- 4216 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 1804C5132D900D981B88BD1DAD7160BE
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Feven 1.5-enabler.vir	--a---- 4116 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 9CD2FD8644D422BF03BF784450605E66
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Feven 1.5-firefoxinstaller.vir	--a---- 4844 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] 234C2EF63A43B2F0B96894C6A6600314
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Feven 1.5-updater.vir	--a---- 4314 bytes	[20:49 10/10/2013]	[20:49 10/10/2013] ECEBD3F3D617E6F462D2DFDB81795A34
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Feven 1.5-chromeinstaller.job.vir	--a---- 1890 bytes	[20:49 10/10/2013]	[15:49 17/01/2014] 4ED88B1130B9CF5AA28A91B3254F2AAC
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Feven 1.5-codedownloader.job.vir	--a---- 1186 bytes	[20:49 10/10/2013]	[15:49 17/01/2014] 98ECA31519CCD2050AE2AC43B3B1202B
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Feven 1.5-enabler.job.vir	--a---- 1086 bytes	[20:49 10/10/2013]	[15:49 17/01/2014] 3AA52ABFDEBD709B26812D419A52606B
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Feven 1.5-firefoxinstaller.job.vir	--a---- 1814 bytes	[20:49 10/10/2013]	[15:54 17/01/2014] 235E7CFD26BA531D398FC2472C4B9F69
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Feven 1.5-updater.job.vir	--a---- 1284 bytes	[20:49 10/10/2013]	[15:49 17/01/2014] C32A2AE81E6C00D8AD5F476AA13D8B45
C:\Windows\System32\NdfEventView.xml	--a---- 565 bytes	[20:35 10/06/2009]	[20:35 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
C:\Windows\SysWOW64\NdfEventView.xml	--a---- 565 bytes	[21:18 10/06/2009]	[21:18 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
C:\Windows\winsxs\amd64_microsoft-windows-n..nosticsframeworkapi_31bf3856ad364e35_6.1.7600.16385_none_86e6a231c4ced139\NdfEventView.xml	--a---- 565 bytes	[20:35 10/06/2009]	[20:35 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
C:\Windows\winsxs\x86_microsoft-windows-n..nosticsframeworkapi_31bf3856ad364e35_6.1.7600.16385_none_2ac806ae0c716003\NdfEventView.xml	--a---- 565 bytes	[21:18 10/06/2009]	[21:18 10/06/2009] 86166DAA04A6C154826508304CC6D4AC

Searching for "*Opti Toolbar*"
No files found.

========== folderfind ==========

Searching for "*PC Performer*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC Performer	d------	[16:23 17/01/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer	d------	[16:23 17/01/2014]
C:\AdwCleaner\Quarantine\C\Users\Artur\AppData\Roaming\PerformerSoft\PC Performer	d------	[16:23 17/01/2014]

Searching for "*DAEMON Tools Toolbar*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DAEMON Tools Toolbar	d------	[16:23 17/01/2014]

Searching for "*VideoScavenger*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoScavenger_1eEI	d------	[16:23 17/01/2014]

Searching for "*Feven*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5	d------	[16:23 17/01/2014]

Searching for "*Opti Toolbar*"
No folders found.

========== regfind ==========

Searching for "PC Performer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3}]
"Path"="\PC Performer_DEFAULT"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EC928C5-FA14-4917-96CE-79B18EC5F980}]
"Path"="\PC Performer_UPDATES"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD9B3687-B21B-4213-A8B5-24657658F8A9}]
"Path"="\PC Performer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"RestoreStatusDescription"="PC Performer Di, Aug 27, 13  21:20"

Searching for "DAEMON Tools Toolbar"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\DT Soft\DAEMON Tools Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASMANCS]
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\DT Soft\DAEMON Tools Toolbar]

Searching for "VideoScavenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}\1.0\0\win32]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll\1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}\1.0\HELPDIR]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start\CurVer]
@="VideoScavenger_1eInstaller.Start.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}\InprocServer32]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}\ProgID]
@="VideoScavenger_1eInstaller.Start.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}\VersionIndependentProgID]
@="VideoScavenger_1eInstaller.Start"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}\1.0\0\win32]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll\1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}\1.0\HELPDIR]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin]
"Description"="VideoScavenger Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin]
"Path"="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\NP1eEISB.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin\MimeTypes\application/x-videoscavenger_1epluginei]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin\MimeTypes\application/x-videoscavenger_1epluginei]
"Description"="VideoScavenger Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}\InprocServer32]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}\ProgID]
@="VideoScavenger_1eInstaller.Start.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}\VersionIndependentProgID]
@="VideoScavenger_1eInstaller.Start"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}\1.0\0\win32]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll\1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}\1.0\HELPDIR]
@="C:\Program Files (x86)\VideoScavenger_1eEI\Installr\1.bin\1eEZSETP.dll\"

Searching for "Feven"
[HKEY_CURRENT_USER\Software\Classes\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646}]
@="_ISelfEvents"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646}]
@="_ISelfEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B02366D-7912-4F82-9190-36DA9856722B}]
"Path"="\Feven 1.5-enabler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31ACF54F-5C62-476F-BEBB-7709ED7254AB}]
"Path"="\Feven 1.5-chromeinstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{579FAA0B-6F55-4C01-85DA-99D7073404D3}]
"Path"="\Feven 1.5-firefoxinstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF}]
"Path"="\Feven 1.5-updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D55A0450-9A20-47E9-8251-7C521CE0BA06}]
"Path"="\Feven 1.5-codedownloader"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-chromeinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-codedownloader]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-enabler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-firefoxinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-updater]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Classes\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646}]
@="_ISelfEvents"
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Classes\Wow6432Node\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646}]
@="_ISelfEvents"
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000_Classes\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646}]
@="_ISelfEvents"
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000_Classes\Wow6432Node\Interface\{06437ABB-C419-4B11-A474-1A2B02FBD646}]
@="_ISelfEvents"

Searching for "Opti Toolbar"
No data found.

Searching for "         "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe"="Free Studio Manager                 "
[HKEY_LOCAL_MACHINE\SOFTWARE\Acer\Live Updater]
"BrandName"="acer           "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{107123CA-8691-4AA9-9D9F-DADFF1718826}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{EC290BBB-D618-4cb9-9963-1CAAE515443E}" ratingID="{5098B1DF-486F-4e79-A6D6-6E0879A63811}"/>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{BB63F1DB-83FB-4790-ABE5-920E0AC864BD}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
            <Rating ratingSystemID="{7F2A4D3A-23A8-4123-90E7-D986BF1D9718}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{9236ED52-B5FE-4227-8EB3-353C0BDABECF}"/>
            <Rating ratingSystemID="{5B39D1B8-ED49-4055
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="2.0"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>                     </Resource>                 </Res
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" Architecture="32" >                         <InitializationParameters>                             <Param Name="PSVersion" Value="2.0"/>                         </InitializationParameters>                         <Resources>                             <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                 <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                                
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Live\Common]
"PCModel"="Aspire 5738                    "
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Live\Common]
"Manufacturer"="Acer           "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0000]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0000]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0000\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0001]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0001]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0001\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_1002&DEV_9553&SUBSYS_02051025&REV_00\4&2721f094&0&0008]
"DeviceDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_INTENSO&PROD_RAINBOW&REV_0.00#09090800215314&0#]
"DeviceDesc"="Rainbow         "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_PHILIPS&PROD_SA21XX&REV_1100#AA00000000000001&0#]
"DeviceDesc"="SA21xx          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USBMODEM&PROD_DISK&REV_2.31#7&2CF065CB&0&1234567890ABCDEF&0#]
"DeviceDesc"="Disk            "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\atikmdag\Device0]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\atikmdag\Device1]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\atikmdag\Device2]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\atikmdag\Device3]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\PCI\VEN_1002&DEV_9553&SUBSYS_02051025&REV_00\4&2721f094&0&0008]
"DeviceDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_INTENSO&PROD_RAINBOW&REV_0.00#09090800215314&0#]
"DeviceDesc"="Rainbow         "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_PHILIPS&PROD_SA21XX&REV_1100#AA00000000000001&0#]
"DeviceDesc"="SA21xx          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USBMODEM&PROD_DISK&REV_2.31#7&2CF065CB&0&1234567890ABCDEF&0#]
"DeviceDesc"="Disk            "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\atikmdag\Device0]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\atikmdag\Device1]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\atikmdag\Device2]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\atikmdag\Device3]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0000]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0000]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0000\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0001]
"DriverDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0001]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{F886A1A0-A55F-48D6-8AC0-16816756494E}\0001\Settings]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI\VEN_1002&DEV_9553&SUBSYS_02051025&REV_00\4&2721f094&0&0008]
"DeviceDesc"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_INTENSO&PROD_RAINBOW&REV_0.00#09090800215314&0#]
"DeviceDesc"="Rainbow         "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_PHILIPS&PROD_SA21XX&REV_1100#AA00000000000001&0#]
"DeviceDesc"="SA21xx          "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USBMODEM&PROD_DISK&REV_2.31#7&2CF065CB&0&1234567890ABCDEF&0#]
"DeviceDesc"="Disk            "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\atikmdag\Device0]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\atikmdag\Device1]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\atikmdag\Device2]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\atikmdag\Device3]
"Device Description"="ATI Mobility Radeon HD 4570                   "
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe"="Free Studio Manager                 "
[HKEY_USERS\S-1-5-21-3246686102-3015398580-2044362402-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe"="Free Studio Manager                 "

-= EOF =-

Gibt es noch Probleme mit Malware? Wenn ja, welche?
Momentan habe ich nichts anderes gesehen.

Wie läuft der Rechner derzeit?
Der Rechner läuft schon seid einiger Zeit sehr langsam.

Bitte poste mit deiner nächsten Antwort

die beiden Logdateien von FRST,
die Logdatei von SystemLook,
die Beantwortung der gestellten Fragen.

[/QUOTE]

M-K-D-B · 19.01.2014, 10:45

Servus,

Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss daran räumen wir auf und ich gebe dir noch ein paar Tipps mit auf den Weg.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
AppInit_DLLs:   [ ] ()
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
Task: {0B02366D-7912-4F82-9190-36DA9856722B} - \Feven 1.5-enabler No Task File
Task: {1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3} - \PC Performer_DEFAULT No Task File
Task: {2EC928C5-FA14-4917-96CE-79B18EC5F980} - \PC Performer_UPDATES No Task File
Task: {31ACF54F-5C62-476F-BEBB-7709ED7254AB} - \Feven 1.5-chromeinstaller No Task File
Task: {579FAA0B-6F55-4C01-85DA-99D7073404D3} - \Feven 1.5-firefoxinstaller No Task File
Task: {8C91A8AC-FAE7-4AD8-8A7D-068131A9F587} - \DealPly No Task File
Task: {B189A1B2-391B-4268-B4E8-556677D2FEBA} - \Desk 365 RunAsStdUser No Task File
Task: {C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF} - \Feven 1.5-updater No Task File
Task: {D55A0450-9A20-47E9-8251-7C521CE0BA06} - \Feven 1.5-codedownloader No Task File
Task: {FD9B3687-B21B-4213-A8B5-24657658F8A9} - \PC Performer No Task File
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\DT Soft" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASMANCS" /f
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei von FRST,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

elliio1 · 24.01.2014, 17:10

FRST

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2014
Ran by Artur at 2014-01-24 17:08:58 Run:1
Running from C:\Users\Artur\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
AppInit_DLLs:   [ ] ()
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
Task: {0B02366D-7912-4F82-9190-36DA9856722B} - \Feven 1.5-enabler No Task File
Task: {1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3} - \PC Performer_DEFAULT No Task File
Task: {2EC928C5-FA14-4917-96CE-79B18EC5F980} - \PC Performer_UPDATES No Task File
Task: {31ACF54F-5C62-476F-BEBB-7709ED7254AB} - \Feven 1.5-chromeinstaller No Task File
Task: {579FAA0B-6F55-4C01-85DA-99D7073404D3} - \Feven 1.5-firefoxinstaller No Task File
Task: {8C91A8AC-FAE7-4AD8-8A7D-068131A9F587} - \DealPly No Task File
Task: {B189A1B2-391B-4268-B4E8-556677D2FEBA} - \Desk 365 RunAsStdUser No Task File
Task: {C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF} - \Feven 1.5-updater No Task File
Task: {D55A0450-9A20-47E9-8251-7C521CE0BA06} - \Feven 1.5-codedownloader No Task File
Task: {FD9B3687-B21B-4213-A8B5-24657658F8A9} - \PC Performer No Task File
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\DT Soft" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start.1" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASMANCS" /f
end
         
*****************

"AppInit_DLLs:   [ ] ()" => Value Data not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
HKCR\CLSID\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B02366D-7912-4F82-9190-36DA9856722B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B02366D-7912-4F82-9190-36DA9856722B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-enabler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A67FCE2-8AB7-49CD-B52C-2F53E59B9ED3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EC928C5-FA14-4917-96CE-79B18EC5F980} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EC928C5-FA14-4917-96CE-79B18EC5F980} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31ACF54F-5C62-476F-BEBB-7709ED7254AB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31ACF54F-5C62-476F-BEBB-7709ED7254AB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-chromeinstaller => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{579FAA0B-6F55-4C01-85DA-99D7073404D3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{579FAA0B-6F55-4C01-85DA-99D7073404D3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-firefoxinstaller => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C91A8AC-FAE7-4AD8-8A7D-068131A9F587} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C91A8AC-FAE7-4AD8-8A7D-068131A9F587} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B189A1B2-391B-4268-B4E8-556677D2FEBA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B189A1B2-391B-4268-B4E8-556677D2FEBA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9F4C42F-29ED-4C52-AC05-1AD0662CE3EF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D55A0450-9A20-47E9-8251-7C521CE0BA06} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D55A0450-9A20-47E9-8251-7C521CE0BA06} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.5-codedownloader => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD9B3687-B21B-4213-A8B5-24657658F8A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD9B3687-B21B-4213-A8B5-24657658F8A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer => Key deleted successfully.
C:\ProgramData\Temp => ":1D32EC29" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\Temp => ":93DE1838" ADS removed successfully.
C:\ProgramData\Temp => ":AB689DEA" ADS removed successfully.
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully.

========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\DT Soft" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASAPI32" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DAEMON Tools Toolbar_RASMANCS" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoScavenger_1eInstaller.Start.1" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoScavenger_1e.com/Plugin" /f =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{d5763432-1edd-4a32-ae09-7ad46833676e}" /f =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{8F29C043-5144-4EF0-940C-4EE9288648F5}" /f =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASAPI32" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASMANCS" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


==== End of Fixlog ====

HitmanPro

Code:

ATTFilter

HitmanPro 3.7.8.208
www.hitmanpro.com

   Computer name . . . . : ARTUR-PC
   Windows . . . . . . . : 6.1.0.7600.X64/2
   User name . . . . . . : Artur-PC\Artur
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2014-01-24 17:14:10
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 58s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 145

   Objects scanned . . . : 1.516.215
   Files scanned . . . . : 35.572
   Remnants scanned  . . : 565.411 files / 915.232 keys

Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player) -> Deleted
   HKU\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro) -> Deleted
   HKU\S-1-5-21-3246686102-3015398580-2044362402-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} (FLV Player) -> Deleted

Cookies _____________________________________________________________________

   C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Cookies\GEEZ3LLP.txt
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ad.360yield.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ad.zanox.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ads.escinteractive.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:adserverplus.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:adtech.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:advertising.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:apmebf.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:at.atwola.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:atdmt.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:burstnet.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:casalemedia.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:click.blueseek.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:collective-media.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:content-ssl.yieldmanager.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:content.yieldmanager.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:doubleclick.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:eas.apm.emediate.eu
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:h.atdmt.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:hotlog.ru
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:invitemedia.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:media6degrees.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:mediaplex.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:pool-eu-ie.creative-serving.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:ru4.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:serving-sys.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:smartadserver.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:specificclick.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:statcounter.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:track.adform.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:www.burstnet.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:www.googleadservices.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:xiti.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0jnm6dgn.default\cookies.sqlite:yadro.ru
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:2o7.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.123-template.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.12mnkys.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.360yield.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.adc-serv.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.adnet.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.adserver01.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.dyntracker.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.dyntracker.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.etmcms.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ad.zanox.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:adbrite.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.adk2.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.advrtice.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.aubi-plus.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.betweendigital.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.bremerhaven.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.cannaclicks.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.clicmanager.fr
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.crakmedia.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.immobilienscout24.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.linguee.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.monetizingpartners.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ads.us.e-planning.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:adtech.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:adultfriendfinder.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:advertising.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:adviva.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:apmebf.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:at.atwola.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:atdmt.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:autoscout24.112.2o7.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:burstnet.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:bwincom.122.2o7.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:c.atdmt.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:casalemedia.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:cdate.122.2o7.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:de.partypoker.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:de.sitestat.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:de.youporn.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:doubleclick.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:eas.apm.emediate.eu
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:eas4.emediate.eu
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:exoclick.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:fastclick.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:h.atdmt.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:hotlog.ru
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:in.getclicky.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:invitemedia.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:james.adbutler.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:livejasmin.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:markussexblog.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:media6degrees.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:mediaplex.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:new.livejasmin.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:partypoker.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:paypal.112.2o7.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:questionmarket.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:revsci.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:rts.pgmediaserve.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:rts.phn.doublepimp.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ru4.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:server.cpmstar.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:serving-sys.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:sexkiste.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:skydeutschland.122.2o7.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:smartadserver.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:specificclick.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:spylog.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:stat.adlabs.ru
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:stat.dealtime.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:statcounter.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:stats.htp.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:streamate.doublepimp.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:track.adform.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:track.effiliation.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:track.hubrus.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:track.zalando.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:tradedoubler.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:tribalfusion.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:www.etracker.de
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:www.googleadservices.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:www.sexkiste.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:www.youporn.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:xiti.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:yadro.ru
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:yieldmanager.net
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:youporn.com
   C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\88rk1qqq.default\cookies.sqlite:zedo.com

M-K-D-B · 27.01.2014, 19:00

Servus,

sorry für die späte Antwort. Brauchst du noch Hilfe?

Wenn ja, führe bitte noch ESET und SecurityCheck aus.

27.01.2014, 19:00	#8
M-K-D-B /// TB-Ausbilder	PC Performer entfernen! Servus, sorry für die späte Antwort. Brauchst du noch Hilfe? Wenn ja, führe bitte noch ESET und SecurityCheck aus.

PC Performer entfernen!

Plagegeister aller Art und deren Bekämpfung: PC Performer entfernen!