| |
| |||||||
Log-Analyse und Auswertung: Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit WerbungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.10.2014, 10:32
| #1 |
| |  Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Hi, Wenn ich im Google Chrom in den Seiten klicke, muss nicht unbedingt auf einen Link sein, öffnet sich eine neue Seite mit Werbung. Zusätzlich ist mir aufgefallen, dass übermäßig viel Werbung angezeigt wird. Die Werbung ist über der Seite und verdeckt diese teilweise. Hinzu kommt noch, dass immer wieder einige Wörter unterstrichen sind und mit einem Link zu einer Werbung hinterlegt sind. Ich weiss nicht, ob das zusammen hängt. Danke schonmal im Voraus für die Unterstützung. FRST.txt: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by McFragga (administrator) on FRAGGA-TOP on 14-10-2014 11:24:37
Running from C:\Users\McFragga\Downloads
Loaded Profile: McFragga (Available profiles: McFragga & Präsentation)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(IWON) C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbarsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(MessengerPlus®) C:\Program Files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Program Files (x86)\Search\WebSearch.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\wzoomifyd.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(ICQ) C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe
(Google) C:\Users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyd32.exe
() C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyl32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [309248 2009-06-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [PlusService] => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [811520 2014-02-23] (Yuna Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [MessengerPlusForSkypeService] => C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [132096 2014-08-06] (Yuna Software)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-08-12] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [ICQ] => C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe [27598184 2013-05-11] (ICQ)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-05] ()
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [googletalk] => C:\Users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [ManyCam] => "C:/Program Files (x86)/ManyCam/ManyCam.exe" --silent
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Google Update] => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-07] (Google Inc.)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Amazon Music] => C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe [3356480 2014-07-22] ()
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB4688] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD6875] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB8749] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4912] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB182] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9342] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB7454] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD3285] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB1874] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD8937] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB3705] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9179] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB6450] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4325] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB2813] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\MountPoints2: {4303ed34-ff2e-11e0-8273-904ce5ff519e} - E:\setup.exe -a
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL File Not Found
AppInit_DLLs: ,C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-08-12] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => "C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL" File Not Found
AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-08-12] (Sophos Limited)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
URLSearchHook: HKLM-x32 - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
URLSearchHook: HKCU - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm217YYde&ptb=46379E51-C98F-49A5-A0A4-0180ECF8CC05&psa=&ind=2011021618&ptnrS=ZVxdm217YYde&si=xDE&st=sb&n=77ddc132&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKCU - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm217YYde&ptb=46379E51-C98F-49A5-A0A4-0180ECF8CC05&psa=&ind=2011021618&ptnrS=ZVxdm217YYde&si=xDE&st=sb&n=77ddc132&searchfor={searchTerms}
SearchScopes: HKCU - {B6D6AC4C-0CEE-4A2C-BAE1-E1E20BB33231} URL =
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Toolbar BHO -> {d6995d07-cd9b-4cc0-a22a-9e14684d6d64} -> C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbar.dll (IWON)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Assistant BHO -> {f0f3f55e-edfc-4ed4-affb-bcaf081ddeba} -> C:\Program Files (x86)\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
Toolbar: HKLM-x32 - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - IWON - {43a3055a-6ff3-4aa5-90e6-18a10297cb53} - C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbar.dll (IWON)
Toolbar: HKLM-x32 - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No File
Toolbar: HKCU - No Name - {43A3055A-6FF3-4AA5-90E6-18A10297CB53} - No File
Toolbar: HKCU - No Name - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Winsock: Catalog5 10 C:\Windows\system32\d3dy61rko.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{458B23B6-5E12-4AD2-8CC2-7027F9D37F5A}: [NameServer] 139.6.1.2,139.6.1.66
Tcpip\..\Interfaces\{6743AA9F-FAEA-4219-8182-FEF7A00B184D}: [NameServer] 139.6.1.2,139.6.1.66
Tcpip\..\Interfaces\{DC957AEE-BF7B-41E4-BE48-72E484240555}: [NameServer] 139.6.1.2,139.6.1.66
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=0.9.8a -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @bittorrent.com/BitTorrentDNA -> C:\Users\McFragga\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\McFragga\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\McFragga\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\McFragga\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\McFragga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\McFragga\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\McFragga\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Toolbar fuer eBay - C:\Program Files (x86)\Mozilla Firefox\extensions\ebay.xpi [2008-09-09]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{6E19037A-12E3-4295-8915-ED48BC341614}] - C:\Program Files (x86)\PremierOpinion
FF HKCU\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\McFragga\Program Files (x86)\DNA
FF Extension: DNA - C:\Users\McFragga\Program Files (x86)\DNA [2010-08-26]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Plus-HD-1.5) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm [2013-06-18]
CHR Extension: (Google Docs) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-18]
CHR Extension: (Google Drive) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-28]
CHR Extension: (Google-Suche) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-18]
CHR Extension: (Monster Trucks 360) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahlnbcfknpidmnoildgnpkmcocdhap [2014-03-23]
CHR Extension: (Monster Trucks) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjjlpfkbombmfgjkagbdnjjhfpocpjpe [2014-03-20]
CHR Extension: (Google Wallet) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-18]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\McFragga\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-03]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [bgpdpaleocmcbkehebpiihkpddggpoif] - C:\Users\McFragga\AppData\Local\Temp\bgpdpaleocmcbkehebpiihkpddggpoif.crx [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 DailytoolsUpdateService; C:\Windows\SysWOW64\update1.dll [352256 2014-07-31] (Dailytools GmbH) [File not signed]
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [50688 2009-11-15] () [File not signed]
S2 gupdate1ca7aae5ec8cafa; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-12-12] (Google Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-01] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [948224 2009-11-15] () [File not signed]
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [690688 2009-11-15] () [File not signed]
R2 IWONGIEService; C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbarsvc.exe [28766 2011-02-17] (IWON) [File not signed]
R2 MessengerPlus; C:\Program Files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe [7275376 2014-04-01] (MessengerPlus®)
R2 MsgPlusService_1; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [132096 2014-08-06] (Yuna Software) [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-08-12] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-08-12] (Sophos Limited)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Search; C:\Program Files (x86)\Search\WebSearch.exe [435696 2014-08-07] ()
S2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2012-09-24] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-08-12] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2012-09-24] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-08-12] (Sophos Limited)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\STacSV64.exe [240128 2009-07-15] (IDT, Inc.)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-08-12] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-08-12] (Sophos Limited)
R2 wzoomifyd; C:\ProgramData\zoomify2\1.1.0.25\wzoomifyd.exe [161792 2014-10-03] (Zoomify Agent) [File not signed]
R2 zoomify; C:\ProgramData\zoomify2\1.1.0.25\zoomify.exe [458752 2014-10-03] (Zoomify Agent) [File not signed]
S2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
S3 KUSBusByTCP; C:\Windows\SysWOW64\Drivers\KUSBusByTCP.sys [121880 2007-07-20] (Windows (R) Codename Longhorn DDK provider)
S3 KUSBusByTCPMasterBus; C:\Windows\SysWOW64\Drivers\KUSBusByTCPMasterBus.sys [66584 2007-07-20] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [48800 2009-05-07] (O2Micro )
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [267296 2008-05-28] (Creative Technology Ltd.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-08-12] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-08-12] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-08-12] (Sophos Limited)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-14 10:31 - 2014-10-14 10:32 - 00000091 _____ () C:\Users\McFragga\AppData\Roaming\WB.CFG
2014-10-14 10:14 - 2014-10-14 10:14 - 00055636 _____ () C:\Users\McFragga\Desktop\FRST.txt
2014-10-14 09:40 - 2014-10-14 09:46 - 00054856 _____ () C:\Users\McFragga\Downloads\Addition(1).txt
2014-10-14 09:38 - 2014-10-14 11:25 - 00034987 _____ () C:\Users\McFragga\Downloads\FRST.txt
2014-10-14 09:38 - 2014-10-14 11:24 - 00000000 ____D () C:\FRST
2014-10-14 09:33 - 2014-10-14 09:33 - 02110464 _____ (Farbar) C:\Users\McFragga\Downloads\FRST64.exe
2014-10-14 09:32 - 2014-10-14 10:32 - 00000324 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-10-14 09:32 - 2014-10-14 09:32 - 00003318 _____ () C:\Windows\System32\Tasks\ASP
2014-10-14 09:32 - 2014-10-14 09:32 - 00003274 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-10-14 09:31 - 2014-10-14 10:31 - 00000320 _____ () C:\Windows\Tasks\Digital Sites.job
2014-10-14 09:31 - 2014-10-14 10:01 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Systweak
2014-10-14 09:31 - 2014-10-14 09:32 - 00000280 _____ () C:\Users\McFragga\Desktop\Cut the Rope.url
2014-10-14 09:31 - 2014-10-14 09:32 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\WSE_Astromenda
2014-10-14 09:31 - 2014-10-14 09:32 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-10-14 09:31 - 2014-10-14 09:31 - 00003270 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-10-14 09:31 - 2014-10-14 09:31 - 00001205 _____ () C:\Users\Public\Desktop\File Extractor.lnk
2014-10-14 09:31 - 2014-10-14 09:31 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\DigitalSites
2014-10-14 09:31 - 2014-10-14 09:31 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\1H1Q
2014-10-14 09:31 - 2014-10-14 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaks
2014-10-14 09:31 - 2014-10-14 09:31 - 00000000 ____D () C:\Program Files (x86)\Tweaks
2014-10-14 09:31 - 2014-08-29 17:02 - 00020296 _____ () C:\Windows\system32\roboot64.exe
2014-10-14 09:29 - 2014-10-14 09:29 - 00712224 _____ ( ) C:\Users\McFragga\Downloads\FileExtractorSetup.exe
2014-10-14 09:15 - 2014-10-14 09:15 - 00001288 _____ () C:\Users\McFragga\Desktop\Revo Uninstaller.lnk
2014-10-14 09:15 - 2014-10-14 09:15 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-14 09:10 - 2014-10-14 09:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\McFragga\Downloads\revosetup95.exe
2014-10-14 09:00 - 2014-10-14 09:00 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{EC522005-A896-4EDF-93A7-53B962ED6124}
2014-10-14 08:58 - 2014-10-14 08:58 - 00002750 _____ () C:\Windows\System32\Tasks\Tempo Runner zoomifyD32
2014-10-13 23:29 - 2014-10-13 23:29 - 00000196 _____ () C:\Windows\Tasks\Tempo Runner wzoomifyd.job
2014-10-13 23:25 - 2014-10-14 08:59 - 00000414 _____ () C:\Windows\Tasks\Tempo Runner zoomifyD32.job
2014-10-13 23:21 - 2014-10-13 23:21 - 00001315 _____ () C:\Users\Präsentation\Desktop\ELT2 - Verknüpfung.lnk
2014-10-13 23:19 - 2014-10-13 23:19 - 00114224 _____ () C:\Users\Präsentation\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 23:19 - 2014-10-13 23:19 - 00001427 _____ () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 23:19 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation\AppData\Roaming\Adobe
2014-10-13 23:19 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\VirtualStore
2014-10-13 23:18 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\Google
2014-10-13 23:18 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation
2014-10-13 23:18 - 2014-10-13 23:18 - 00000020 ___SH () C:\Users\Präsentation\ntuser.ini
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Vorlagen
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Startmenü
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Netzwerkumgebung
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Lokale Einstellungen
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Eigene Dateien
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Druckumgebung
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Documents\Eigene Musik
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Documents\Eigene Bilder
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Local\Verlauf
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Local\Anwendungsdaten
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Anwendungsdaten
2014-10-13 23:18 - 2013-06-23 23:54 - 00000000 ____D () C:\Users\Präsentation\AppData\LocalGoogle
2014-10-13 23:18 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 23:18 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 17:32 - 2014-10-13 17:32 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{EAF59199-3540-4714-849E-F4342185AFB7}
2014-10-11 14:06 - 2014-10-11 14:07 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3930A54F-13A0-4518-97E9-7D4B6EAFCE01}
2014-10-10 17:10 - 2014-10-14 08:58 - 00001196 _____ () C:\Windows\PFRO.log
2014-10-10 17:10 - 2014-10-14 08:58 - 00000224 _____ () C:\Windows\setupact.log
2014-10-10 17:10 - 2014-10-10 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 09:59 - 2014-10-10 09:59 - 00134930 _____ () C:\Users\McFragga\Documents\cc_20141010_095852.reg
2014-10-10 08:38 - 2014-10-10 08:38 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{F12AA903-CB40-4904-9BE4-879E7093E6A1}
2014-10-09 17:36 - 2014-10-09 17:36 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{B1BD25DA-E02B-44C8-8823-AC575FA580B0}
2014-10-08 17:46 - 2014-10-08 17:47 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-10-08 17:19 - 2014-10-08 17:19 - 56484761 _____ () C:\Users\McFragga\Downloads\texmakerwin32_43install.exe
2014-10-08 15:59 - 2014-10-08 15:59 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{2F3DF262-D160-4BAE-A103-58BE9FC54F6A}
2014-10-07 18:27 - 2014-10-07 18:27 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-07 15:59 - 2014-10-07 15:59 - 00164204 _____ () C:\Users\McFragga\Downloads\tam384.wav
2014-10-07 15:43 - 2014-10-07 15:43 - 00000000 ____D () C:\zoomify
2014-10-07 15:43 - 2014-10-07 15:43 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{88D98007-F8B1-40C0-8910-6E78263CBDF8}
2014-10-07 15:40 - 2014-10-07 15:40 - 00000000 ____D () C:\dgTemp
2014-10-03 10:33 - 2014-10-03 10:33 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3F898691-9ABF-4A21-945F-DB3158D55295}
2014-10-02 09:14 - 2014-10-02 09:15 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{D19B4271-76FF-4012-80B3-641F4FF0EDEC}
2014-10-01 17:58 - 2014-10-01 17:58 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{8ABA6490-DB07-496D-9EAF-4C9E2E24D8C6}
2014-10-01 17:51 - 2014-10-01 17:51 - 00278568 _____ () C:\Windows\system32\.crusader
2014-10-01 07:59 - 2014-10-01 07:59 - 00001911 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-01 07:59 - 2014-10-01 07:59 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-01 07:43 - 2014-10-03 10:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-01 07:43 - 2014-10-01 07:43 - 00004032 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-01 07:42 - 2014-10-07 15:40 - 00000000 ____D () C:\ProgramData\zoomify2
2014-10-01 07:03 - 2014-10-01 07:03 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{76141177-F8F9-4478-AE02-28A4C65DA378}
2014-10-01 07:02 - 2014-10-01 07:34 - 00000408 _____ () C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\Program Files (x86)\FRITZ!BoxPrint
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-09-30 12:41 - 2006-05-29 02:00 - 00016384 ____R (AVM Berlin GmbH) C:\Windows\SysWOW64\avmprmon.dll
2014-09-30 12:41 - 2006-01-20 13:43 - 00055808 ____R (AVM GmbH) C:\Windows\SysWOW64\avmadd32.dll
2014-09-30 11:49 - 2014-09-30 12:18 - 00371447 _____ () C:\Users\McFragga\Downloads\Sicherung Fritzbox - Kopie.export
2014-09-30 11:37 - 2014-09-30 11:37 - 00181508 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_30.09.14_1136.export
2014-09-30 11:25 - 2014-09-30 11:25 - 00180979 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_01.01.70_0134.export
2014-09-30 11:16 - 2014-09-30 11:56 - 00180979 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_01.01.70_0125.export
2014-09-29 22:11 - 2014-09-29 22:11 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3BA57547-9E9F-4D8D-AE05-52AF9349F5E2}
2014-09-27 12:03 - 2014-09-27 12:03 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{73E1A97A-4F05-4462-8BC9-F4274322B57F}
2014-09-27 00:47 - 2014-09-27 00:47 - 00002547 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-27 00:47 - 2014-09-27 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-26 16:56 - 2014-09-26 16:56 - 00371434 _____ () C:\Users\McFragga\Downloads\Sicherung Fritzbox.export
2014-09-26 15:25 - 2014-09-26 15:25 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{5F4CF919-CDE6-44CD-80E0-B702CE24ED1A}
2014-09-25 17:32 - 2014-09-25 17:33 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{5D66D4CF-D290-4C6F-A903-6341FA44A775}
2014-09-24 21:43 - 2014-09-24 21:45 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{4CF99315-6629-4845-8DAD-C64FBB209833}
2014-09-24 08:21 - 2014-09-24 08:21 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{4A67E08F-7051-4C3F-9BFB-4A06ABEC52D7}
2014-09-23 06:53 - 2014-09-23 06:53 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{801683DC-75A5-475A-B1F6-637010436F3E}
2014-09-22 09:56 - 2014-09-22 09:56 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{95B75D87-AB9C-4CD8-89A9-0163B97A71A0}
2014-09-21 13:32 - 2014-09-21 13:33 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{CD3EA7D6-5936-4F9F-A5B6-CF9C9FFB557C}
2014-09-19 09:07 - 2014-09-19 09:07 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{62D623A0-3581-41CA-A1DB-5BEA8D8E94C7}
2014-09-17 21:53 - 2014-09-17 21:53 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{0CCECC02-AA89-4D29-A0A0-3CF3AC10AEB4}
2014-09-17 08:41 - 2014-09-17 08:41 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{116CF9DC-23DE-41D6-9711-9BC5FFC5B719}
2014-09-16 01:53 - 2014-09-16 01:53 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{394FAEB2-2918-47AB-A275-61642956B2E9}
2014-09-15 11:37 - 2014-09-15 11:37 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{83D53776-02E4-4D18-AF42-D80921D9ECD2}
2014-09-14 20:56 - 2014-09-14 20:56 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3BAF8D49-5D42-489B-A851-42C5C2F6F157}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-14 11:11 - 2009-12-12 00:07 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Skype
2014-10-14 11:08 - 2012-08-07 14:56 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
2014-10-14 10:56 - 2014-01-11 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-14 10:35 - 2009-12-12 00:14 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-14 09:08 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-14 09:08 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-14 09:00 - 2013-05-03 17:49 - 00000000 ___RD () C:\Users\McFragga\Google Drive
2014-10-14 08:58 - 2013-05-14 06:04 - 00001176 _____ () C:\Windows\Tasks\Plus-HD-1.5-updater.job
2014-10-14 08:58 - 2013-05-14 06:03 - 00001770 _____ () C:\Windows\Tasks\Plus-HD-1.5-chromeinstaller.job
2014-10-14 08:58 - 2013-05-14 06:03 - 00001754 _____ () C:\Windows\Tasks\Plus-HD-1.5-firefoxinstaller.job
2014-10-14 08:58 - 2013-05-14 06:03 - 00001188 _____ () C:\Windows\Tasks\Plus-HD-1.5-codedownloader.job
2014-10-14 08:58 - 2009-12-12 00:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-14 08:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-13 23:27 - 2009-07-14 07:10 - 02090248 _____ () C:\Windows\WindowsUpdate.log
2014-10-13 23:23 - 2010-01-08 13:12 - 00000400 _____ () C:\Windows\ODBC.INI
2014-10-13 23:01 - 2012-03-31 13:34 - 00000000 ____D () C:\ProgramData\Messenger Plus! for Skype
2014-10-13 20:42 - 2011-09-21 23:32 - 00001150 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
2014-10-13 17:42 - 2011-09-21 23:32 - 00001128 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
2014-10-11 14:39 - 2009-12-14 20:21 - 00000000 ____D () C:\Users\McFragga\Studium
2014-10-10 09:52 - 2011-02-17 09:38 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Winamp
2014-10-10 09:52 - 2009-12-10 07:40 - 00000000 ____D () C:\Users\McFragga\Tracing
2014-10-10 09:51 - 2014-09-04 11:25 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-10-10 09:26 - 2011-03-21 08:49 - 00000000 ____D () C:\Windows\Minidump
2014-10-08 17:58 - 2011-10-25 21:39 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-10-08 17:50 - 2011-10-25 21:52 - 00000000 ____D () C:\Users\McFragga\AppData\Local\Motorola
2014-10-08 17:48 - 2011-10-25 21:51 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 15:57 - 2012-03-23 23:17 - 00000000 ____D () C:\Temp
2014-10-02 12:08 - 2012-08-07 14:56 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
2014-10-01 09:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-01 07:39 - 2011-10-05 16:05 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-01 06:59 - 2011-10-05 17:12 - 00254080 _____ () C:\aaw7boot.log
2014-09-30 08:28 - 2014-09-08 08:38 - 00003626 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2014-09-29 22:09 - 2011-10-08 16:07 - 00000064 _____ () C:\Windows\SysWOW64\rp_stats.dat
2014-09-29 22:09 - 2011-10-08 16:07 - 00000044 _____ () C:\Windows\SysWOW64\rp_rules.dat
2014-09-27 00:47 - 2009-12-12 00:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-27 00:46 - 2009-12-12 00:07 - 00000000 ____D () C:\ProgramData\Skype
2014-09-25 17:29 - 2010-04-23 09:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-09-25 10:44 - 2009-12-12 00:08 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 08:56 - 2014-01-11 20:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 08:56 - 2013-06-18 23:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 08:56 - 2013-06-18 23:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-17 22:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-15 11:47 - 2011-10-25 23:27 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\MyPhoneExplorer
2014-09-15 09:06 - 2009-12-09 16:12 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\McFragga\AppData\Local\Temp\39467-9915-gta.exe
C:\Users\McFragga\AppData\Local\Temp\ApnStub.exe
C:\Users\McFragga\AppData\Local\Temp\BackupSetup.exe
C:\Users\McFragga\AppData\Local\Temp\Del_DHUnistall.exe
C:\Users\McFragga\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\McFragga\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\McFragga\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\McFragga\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\McFragga\AppData\Local\Temp\MotoHelper_2.0.51_Driver_5.1.0.exe
C:\Users\McFragga\AppData\Local\Temp\msvcm80.dll
C:\Users\McFragga\AppData\Local\Temp\msvcp80.dll
C:\Users\McFragga\AppData\Local\Temp\msvcr80.dll
C:\Users\McFragga\AppData\Local\Temp\NEventMessages.dll
C:\Users\McFragga\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\McFragga\AppData\Local\Temp\Offercast2801_MYC_.exe
C:\Users\McFragga\AppData\Local\Temp\Offercast2802_MYC_.exe
C:\Users\McFragga\AppData\Local\Temp\RegSvr32User.exe
C:\Users\McFragga\AppData\Local\Temp\SkypeSetup.exe
C:\Users\McFragga\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\McFragga\AppData\Local\Temp\Update_0583.exe
C:\Users\McFragga\AppData\Local\Temp\Update_13f1.exe
C:\Users\McFragga\AppData\Local\Temp\Update_1548.exe
C:\Users\McFragga\AppData\Local\Temp\Update_1f2e.exe
C:\Users\McFragga\AppData\Local\Temp\Update_2a99.exe
C:\Users\McFragga\AppData\Local\Temp\Update_3425.exe
C:\Users\McFragga\AppData\Local\Temp\Update_3afd.exe
C:\Users\McFragga\AppData\Local\Temp\Update_3b6d.exe
C:\Users\McFragga\AppData\Local\Temp\Update_3c21.exe
C:\Users\McFragga\AppData\Local\Temp\Update_43f1.exe
C:\Users\McFragga\AppData\Local\Temp\Update_4cc5.exe
C:\Users\McFragga\AppData\Local\Temp\Update_5ea2.exe
C:\Users\McFragga\AppData\Local\Temp\Update_72d6.exe
C:\Users\McFragga\AppData\Local\Temp\Update_88e2.exe
C:\Users\McFragga\AppData\Local\Temp\Update_8959.exe
C:\Users\McFragga\AppData\Local\Temp\Update_945a.exe
C:\Users\McFragga\AppData\Local\Temp\Update_adf9.exe
C:\Users\McFragga\AppData\Local\Temp\Update_bbc9.exe
C:\Users\McFragga\AppData\Local\Temp\Update_bf10.exe
C:\Users\McFragga\AppData\Local\Temp\Update_d3a1.exe
C:\Users\McFragga\AppData\Local\Temp\Update_d3aa.exe
C:\Users\McFragga\AppData\Local\Temp\Update_e8f5.exe
C:\Users\McFragga\AppData\Local\Temp\Update_f39e.exe
C:\Users\McFragga\AppData\Local\Temp\Update_f46a.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 20:12
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by McFragga at 2014-10-14 11:26:55
Running from C:\Users\McFragga\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Disabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Disabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
50 FREE MP3s +1 Free Audiobook! (HKLM-x32\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Android Sync Manager WiFi (HKLM-x32\...\{33543A08-4293-0200-0000-000000000000}) (Version: 11.10.574 - Mobile Action)
Anki (HKLM-x32\...\Anki) (Version: - )
Application Suite (HKLM-x32\...\{087D3CBF-1ABB-47A8-8C3B-5E76A5D99E88}) (Version: - )
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Sicherungs- und Wiederherstellungs-Manager (HKLM\...\{CA6B1505-2C45-4211-8F9D-4198C409E1D4}) (Version: 1.0.0 - Dell, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.102.104 - ALPS ELECTRIC CO., LTD.)
DNA (HKCU\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
DVDVideoSoft Toolbar (HKLM-x32\...\DVDVideoSoft Toolbar) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623k) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular 12.2.1.6570k) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.03.001 - )
eMule (HKLM-x32\...\eMule) (Version: - )
Eudora (HKLM-x32\...\{A2219E87-FC62-4A98-B183-F7E02561DDBE}) (Version: - )
Extended Update (HKCU\...\Digital Sites) (Version: - Extended Update) <==== ATTENTION
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
File Extractor (HKLM-x32\...\Tweaks File Extractor) (Version: 1.1.1 - Tweaks) <==== ATTENTION
File Extractor Packages (HKCU\...\File Extractor Packages) (Version: - ) <==== ATTENTION
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free Studio version 4.4 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.1.40.1031 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.35.514 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.35.514 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
FUS-3100 Control Center (HKLM-x32\...\{D2613716-E7D5-4072-94CD-A014A0A38F0D}) (Version: 2.221 - LevelOne)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Grand Theft Auto (HKLM-x32\...\Grand Theft Auto) (Version: - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
ICQ 8.0 (build 6019) (HKCU\...\ICQ) (Version: 8.0.6019.0 - Mail.Ru)
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
ILK-ISO_5167 (HKLM-x32\...\{967C547C-208A-4020-9AA5-9277772D5C3D}) (Version: 1.0 - ILK Dresden)
IWON (HKLM-x32\...\IWONGIEbar Uninstall) (Version: - IWON)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Laptop Integrated Webcam Driver (1.01.01.0529) (HKLM\...\Creative OEM013) (Version: - )
LiaisonyLUST v1.7 [Motion Experiment] DEMO (HKLM-x32\...\7492D24A-C1D8-4548-A19D-153E9EBEA087) (Version: - Liaisony, Michael Szonn [www.szonn.com])
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.70.1044 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version: - )
ManyCam 4.0.44 (HKLM-x32\...\ManyCam) (Version: 4.0.44 - Visicom Media Inc.)
Messenger Plus! (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.780 - Yuna Software)
Messenger Plus! Community Smartbar (HKLM-x32\...\{4C6C9AB1-BC69-4CC1-AE46-4053352586CB}) (Version: 1.35.25.10903 - Messenger Plus!) <==== ATTENTION
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 3.0.0.195 - Yuna Software)
MFP Server Control Center (HKLM-x32\...\{A7A635CC-4F44-49A2-8066-7C3137DA70C4}) (Version: 2.28 - LevelOne)
mh-3rd Generation (HKLM-x32\...\{589D1525-A26D-4A43-B057-32DE00C239CA}) (Version: 1.00.000 - mh-software)
mh-3rd Generation Basis-Installation (HKLM-x32\...\{A44825D4-CE7A-11D3-83FE-0050DA3DB632}) (Version: 1.00.000 - mh-software)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Miniclip Toolbar (HKLM-x32\...\Miniclip Toolbar) (Version: 6.11.2.6 - Miniclip)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.811 - Electronic Arts)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
office Convert Pdf to PowerPoint for ppt Free 4.9 (HKLM-x32\...\office Convert Pdf to PowerPoint for ppt Free_is1) (Version: - Officeconvert Software, Inc.)
OpenOffice.org 3.1 (HKLM-x32\...\{D765F1CE-5AE5-4C47-B134-AE58AC474740}) (Version: 3.1.9420 - OpenOffice.org)
OpenTTD 1.3.1 (HKLM-x32\...\OpenTTD) (Version: 1.3.1 - OpenTTD)
Opera 12.02 (HKLM-x32\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
pdfsam (HKCU\...\pdfsam) (Version: 2.2.1 - )
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE 10.3 (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Roxio Creator DE 10.3 (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Simpsons Display Pictures (HKLM-x32\...\Simpsons Display Pictures) (Version: - Sherv.NET)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
Software Informer 1.0 BETA (HKLM-x32\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
Star Trek: Armada (HKLM-x32\...\Activision_StarTrekArmadaUninstallKey) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
USB2.0 PC Camera (HKLM-x32\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 2.2.0.0 - aveotek)
VLC media player 0.9.8a (HKLM-x32\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Toolbar (HKLM-x32\...\Winamp Toolbar) (Version: - ) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Word Excel PowerPoint to Pdf Converter 3000 7.3 (HKLM-x32\...\Word Excel PowerPoint to Pdf Converter 3000_is1) (Version: - Head Document Tool Software, Inc.)
World of Tanks v.0.6.7 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4088157530-2470593686-3206213926-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4088157530-2470593686-3206213926-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
01-10-2014 13:31:17 Prüfpunkt von HitmanPro
01-10-2014 15:50:26 Prüfpunkt von HitmanPro
03-10-2014 08:44:02 Prüfpunkt von HitmanPro
07-10-2014 13:55:02 Prüfpunkt von HitmanPro
07-10-2014 13:55:13 Windows Update
07-10-2014 14:30:09 Prüfpunkt von HitmanPro
08-10-2014 14:10:51 Prüfpunkt von HitmanPro
08-10-2014 15:45:24 Removed MOTOROLA MEDIA LINK.
08-10-2014 16:11:24 Prüfpunkt von HitmanPro
09-10-2014 15:55:18 Prüfpunkt von HitmanPro
10-10-2014 15:22:55 Prüfpunkt von HitmanPro
10-10-2014 15:27:59 Windows Update
11-10-2014 12:18:18 Prüfpunkt von HitmanPro
13-10-2014 15:36:58 Prüfpunkt von HitmanPro
14-10-2014 07:11:39 Prüfpunkt von HitmanPro
14-10-2014 07:59:03 Revo Uninstaller's restore point - RegClean-Pro
14-10-2014 08:07:56 Revo Uninstaller's restore point - Plus-HD-1.5
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {159D8A2D-AE65-487C-A942-84ED637254EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-12] (Google Inc.)
Task: {15F8927F-4318-4888-B960-C89F90BA1B28} - System32\Tasks\Digital Sites => C:\Users\McFragga\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2014-10-14] () <==== ATTENTION
Task: {17DB5DA7-E988-44AE-AB2C-98D70A5A8633} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {2422E5EE-B8E2-4B62-900B-084EC6CE2DE8} - System32\Tasks\Plus-HD-1.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-firefoxinstaller.exe [2013-05-14] (Plus HD)
Task: {3585A647-2C8F-4432-8EE9-7C501CDC6AD5} - System32\Tasks\Plus-HD-1.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-chromeinstaller.exe [2013-05-14] (Plus HD)
Task: {50EB08C1-2BE4-401A-A39A-EEB71475708F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {51DC325F-DFBF-4A62-A1A3-45976BBAA68E} - System32\Tasks\WSE_Astromenda => C:\Users\McFragga\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-10-14] ()
Task: {562C9D00-CB77-4E30-81DF-0F87923B1745} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5942EF52-EFC3-4D1E-AECD-4901C15AAADA} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {5955EA35-8C15-41CD-8582-AAFB1DAF429B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {63A57FDB-9D27-48EA-A8D5-4680529A863F} - System32\Tasks\Plus-HD-1.5-codedownloader => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-codedownloader.exe [2013-05-14] (Plus HD)
Task: {733E1F44-A9E0-4061-BA13-42F16D849190} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07] (Google Inc.)
Task: {8839E719-B13E-4010-B7A5-7131B6E2DC36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-12] (Google Inc.)
Task: {883D703D-9725-4389-A507-E0914173EC66} - \Advanced System Protector No Task File <==== ATTENTION
Task: {8A2A2F3E-899F-4A99-ADF8-3D56E710C7A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07] (Google Inc.)
Task: {A2847807-FAE3-439E-89D8-39496EF97309} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {A29CAD6C-1915-431F-9967-3128CA1DAA02} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {A310D942-86A8-4780-A88D-45B4D331A9A2} - System32\Tasks\Tempo Runner zoomifyD32 => C:\ProgramData\zoomify2\1.1.0.25\zoomify.exe [2014-10-03] (Zoomify Agent)
Task: {AA69AB02-BDBE-4735-8011-5D6E1B2A5FB2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {AAB4BF25-34FF-4FBB-B15D-5F261BC1922D} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {C7FEB900-B033-45B2-8E36-0985BE6797DC} - System32\Tasks\{9680CA09-5094-46F9-BDCC-22EAD944BC40} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {CC567FF9-96E8-48A3-A156-85EE97018B9D} - System32\Tasks\Plus-HD-1.5-updater => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-updater.exe [2013-05-14] (Plus HD)
Task: {E54E7B24-90CE-44B9-9E35-418C27878ADB} - \RegClean Pro No Task File <==== ATTENTION
Task: {EAA691B8-7C8B-40DE-8535-3E8B6539164F} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\McFragga\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-1.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-enabler.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-updater.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Tempo Runner wzoomifyd.job => C:\PROGRA~3\zoomify2\1.1.0.25\wzoomifyd.exe
Task: C:\Windows\Tasks\Tempo Runner zoomifyD32.job => C:\PROGRA~3\zoomify2\1.1.0.25\zoomifyD32.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\McFragga\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe
==================== Loaded Modules (whitelisted) =============
2012-02-08 23:56 - 2005-03-12 03:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-15 20:31 - 2009-11-15 20:31 - 00050688 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00026624 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00119296 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034816 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2009-11-15 20:25 - 2009-11-15 20:25 - 00019456 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2009-11-15 20:28 - 2009-11-15 20:28 - 00948224 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00030720 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034304 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00028160 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2009-11-15 20:26 - 2009-11-15 20:26 - 00690688 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2014-08-07 11:35 - 2014-08-07 11:35 - 00435696 _____ () C:\Program Files (x86)\Search\WebSearch.exe
2011-12-10 00:01 - 2011-12-10 00:01 - 00041472 _____ () C:\Program Files (x86)\MyPhoneExplorer\DLL\mpe_gadget_connector_net.dll
2014-08-28 17:17 - 2014-07-22 22:46 - 03356480 _____ () C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 13:34 - 2009-10-14 13:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-10-14 09:31 - 2014-10-14 09:31 - 01074688 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2012-09-24 17:47 - 2012-09-24 17:47 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll
2012-09-24 17:48 - 2012-09-24 17:48 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
2012-09-24 17:48 - 2012-09-24 17:48 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
2013-05-11 17:09 - 2013-05-11 17:09 - 00851456 _____ () C:\Users\McFragga\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2014-10-14 08:59 - 2014-10-14 08:59 - 00098816 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32api.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00110080 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\pywintypes27.dll
2014-10-14 08:59 - 2014-10-14 08:59 - 00364544 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\pythoncom27.dll
2014-10-14 08:59 - 2014-10-14 08:59 - 00045568 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\_socket.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 01160704 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\_ssl.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00320512 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32com.shell.shell.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00713216 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\_hashlib.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 01175040 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._core_.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00805888 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._gdi_.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00811008 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._windows_.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 01062400 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._controls_.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00735232 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._misc_.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00128512 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\_elementtree.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00127488 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\pyexpat.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00557056 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\pysqlite2._sqlite.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00007168 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\hashobjs_ext.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00087552 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\_ctypes.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00119808 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32file.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00108544 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32security.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00018432 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32event.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00038912 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32inet.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00070656 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._html2.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00167936 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32gui.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00011264 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32crypt.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00027136 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\_multiprocessing.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00686080 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\unicodedata.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00122368 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._wizard.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00010240 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\select.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00024064 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32pipe.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00025600 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32pdh.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00525640 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\windows._lib_cacheinvalidation.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00035840 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32process.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00017408 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32profile.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00022528 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\win32ts.pyd
2014-10-14 08:59 - 2014-10-14 08:59 - 00078336 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26962\wx._animate.pyd
2012-03-31 13:34 - 2012-03-18 12:07 - 02347520 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtCore4.dll
2012-03-31 13:34 - 2012-03-18 12:10 - 08499712 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtGui4.dll
2014-01-29 22:47 - 2012-07-24 00:13 - 00357888 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtXml4.dll
2012-03-31 14:07 - 2012-01-15 17:50 - 00370688 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\libsndfile.dll
2012-03-31 14:07 - 2012-01-15 17:50 - 00390656 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\lame_enc.dll
2012-03-31 14:07 - 2012-03-18 12:07 - 00863744 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtNetwork4.dll
2012-03-31 14:07 - 2012-03-18 12:07 - 00026624 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\imageformats\qgif4.dll
2012-03-31 14:07 - 2012-03-18 12:07 - 00200704 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\imageformats\qjpeg4.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Access Manager.lnk => C:\Windows\pss\Access Manager.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Browser companion helper => C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3
MSCONFIG\startupreg: Control Center => C:\Program Files (x86)\LevelOne\MFP Server Control Center\Control Center.exe -mini
MSCONFIG\startupreg: Facebook Update => "C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IWONGIE Browser Plugin Loader => C:\PROGRA~2\IWONGIE\bar\1.bin\vrbrmon.exe
MSCONFIG\startupreg: Linkury Chrome Smartbar => C:\Program Files (x86)\Linkury\Linkury.exe startup
MSCONFIG\startupreg: Logitech Vid HD => "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: PlusService => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-4088157530-2470593686-3206213926-500 - Administrator - Disabled)
Bibi (S-1-5-21-4088157530-2470593686-3206213926-1001 - Limited - Enabled)
Gast (S-1-5-21-4088157530-2470593686-3206213926-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4088157530-2470593686-3206213926-1003 - Limited - Enabled)
McFragga (S-1-5-21-4088157530-2470593686-3206213926-1000 - Administrator - Enabled) => C:\Users\McFragga
Präsentation (S-1-5-21-4088157530-2470593686-3206213926-1030 - Limited - Enabled) => C:\Users\Präsentation
SophosSAUFRAGGA-TOP0 (S-1-5-21-4088157530-2470593686-3206213926-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Master Bus of Kernel USB Software Bus by TCP
Description: Master Bus of Kernel USB Software Bus by TCP
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: LevelOne Corporation
Service: KUSBusByTCPMasterBus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #3
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #2
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #5
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Shrew Soft Virtual Adapter #4
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/14/2014 08:58:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: zoomify.exe, Version: 1.1.0.25, Zeitstempel: 0x542e45df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00700072
ID des fehlerhaften Prozesses: 0xaec
Startzeit der fehlerhaften Anwendung: 0xzoomify.exe0
Pfad der fehlerhaften Anwendung: zoomify.exe1
Pfad des fehlerhaften Moduls: zoomify.exe2
Berichtskennung: zoomify.exe3
Error: (10/14/2014 08:58:37 AM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: fhk-av-update.%%3
Error: (10/13/2014 05:17:43 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: fhk-av-update.%%3
Error: (10/11/2014 02:03:54 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: fhk-av-update.%%3
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (10/10/2014 05:13:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
System errors:
=============
Error: (10/14/2014 10:54:54 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (10/14/2014 10:54:49 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (10/14/2014 10:54:44 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (10/14/2014 08:58:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "zoomify" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/13/2014 11:28:32 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (10/13/2014 05:33:17 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (10/10/2014 05:13:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/10/2014 05:13:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (10/10/2014 05:11:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/10/2014 05:11:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Search erreicht.
Microsoft Office Sessions:
=========================
Error: (10/14/2014 08:58:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: zoomify.exe1.1.0.25542e45dfunknown0.0.0.000000000c000000500700072aec01cfe77c46828a1fC:\PROGRA~3\zoomify2\1.1.0.25\zoomify.exeunknown8b82d158-536f-11e4-bf0b-904ce5ff519e
Error: (10/14/2014 08:58:37 AM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: fhk-av-update
Error: (10/13/2014 05:17:43 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: fhk-av-update
Error: (10/11/2014 02:03:54 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: fhk-av-update
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/10/2014 05:13:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (10/10/2014 05:13:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (10/10/2014 05:13:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 3066.96 MB
Available physical RAM: 1134.44 MB
Total Pagefile: 3960.14 MB
Available Pagefile: 1113.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:137.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 7C83D076)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
14.10.2014, 11:29
| #2 |
| /// the machine /// TB-Ausbilder    | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung hi,
__________________Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ |
|
14.10.2014, 12:32
| #3 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Combofix Log:
__________________Code:
ATTFilter ComboFix 14-10-13.01 - McFragga 14.10.2014 13:07:25.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3067.1711 [GMT 2:00]
ausgeführt von:: c:\users\McFragga\Downloads\ComboFix.exe
AV: Sophos Anti-Virus *Disabled/Updated* {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
SP: Sophos Anti-Virus *Disabled/Updated* {D0CA1913-188C-B293-ABD7-B72CB1814094}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\BCHelper.exe
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\IWONGEI\Installr\1.bin
c:\programdata\Microsoft\Windows\Start Menu\Programs\PremierOpinion
c:\programdata\Microsoft\Windows\Start Menu\Programs\PremierOpinion\About PremierOpinion.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Uninstall Instructions.lnk
c:\users\McFragga\AppData\Local\Temp\_MEI26962\_ctypes.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\_elementtree.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\_hashlib.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\_multiprocessing.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\_socket.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\_ssl.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\hashobjs_ext.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\pyexpat.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\pysqlite2._sqlite.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\python27.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\pythoncom27.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\PyWinTypes27.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\select.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\unicodedata.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32api.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32com.shell.shell.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32crypt.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32event.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32file.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32gui.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32inet.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32pdh.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32pipe.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32process.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32profile.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32security.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\win32ts.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\windows._lib_cacheinvalidation.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._animate.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._controls_.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._core_.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._gdi_.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._html2.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._misc_.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._windows_.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wx._wizard.pyd
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wxbase294u_net_vc90.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wxbase294u_vc90.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wxmsw294u_adv_vc90.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wxmsw294u_core_vc90.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wxmsw294u_html_vc90.dll
c:\users\McFragga\AppData\Local\Temp\_MEI26962\wxmsw294u_webview_vc90.dll
c:\users\McFragga\AppData\Roaming\Desktopicon
c:\users\McFragga\AppData\Roaming\winxrar
c:\users\McFragga\AppData\Roaming\winxrar\dot.gif
c:\users\McFragga\AppData\Roaming\winxrar\htmlayout.dll
c:\users\McFragga\AppData\Roaming\winxrar\key
c:\users\McFragga\AppData\Roaming\winxrar\left.png
c:\users\McFragga\AppData\Roaming\winxrar\rules.css
c:\users\McFragga\AppData\Roaming\winxrar\s.htm
c:\users\McFragga\AppData\Roaming\winxrar\sview
c:\windows\SysWow64\tempdir
c:\windows\SysWow64\tempdir\tinypdf.chm
c:\windows\SysWow64\tempdir\tinypdf.dll
c:\windows\SysWow64\tempdir\tinypdf1.dll
c:\windows\SysWow64\tempdir\tinypdf2.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-09-14 bis 2014-10-14 ))))))))))))))))))))))))))))))
.
.
2014-10-14 11:23 . 2014-10-14 11:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-14 09:54 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{013E6EF7-8D3E-43AB-8480-F3F8D2B85EA6}\mpengine.dll
2014-10-14 07:38 . 2014-10-14 09:27 -------- d-----w- C:\FRST
2014-10-14 07:31 . 2014-10-14 07:32 -------- d-----w- c:\users\McFragga\AppData\Roaming\WSE_Astromenda
2014-10-14 07:31 . 2014-10-14 08:01 -------- d-----w- c:\users\McFragga\AppData\Roaming\Systweak
2014-10-14 07:31 . 2014-08-29 15:02 20296 ----a-w- c:\windows\system32\roboot64.exe
2014-10-14 07:31 . 2014-10-14 10:43 -------- d-----w- c:\users\McFragga\AppData\Roaming\DigitalSites
2014-10-14 07:31 . 2014-10-14 07:31 -------- d-----w- c:\users\McFragga\AppData\Roaming\1H1Q
2014-10-14 07:15 . 2014-10-14 10:36 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-10-13 21:18 . 2014-10-13 21:19 -------- d-----w- c:\users\Präsentation
2014-10-08 15:46 . 2014-10-08 15:47 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2014-10-07 16:27 . 2014-10-07 16:27 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2014-10-07 13:43 . 2014-10-07 13:43 -------- d-----w- C:\zoomify
2014-10-07 13:40 . 2014-10-07 13:40 -------- d-----w- C:\dgTemp
2014-10-01 05:59 . 2014-10-01 05:59 -------- d-----w- c:\program files\HitmanPro
2014-10-01 05:43 . 2014-10-03 08:47 -------- d-----w- c:\programdata\HitmanPro
2014-10-01 05:42 . 2014-10-07 13:40 -------- d-----w- c:\programdata\zoomify2
2014-09-30 10:41 . 2006-05-29 00:00 16384 ----a-r- c:\windows\SysWow64\avmprmon.dll
2014-09-30 10:41 . 2006-01-20 11:43 55808 ----a-r- c:\windows\SysWow64\avmadd32.dll
2014-09-30 10:41 . 2014-09-30 10:41 -------- d-----w- c:\program files (x86)\FRITZ!Box
2014-09-26 22:47 . 2014-09-26 22:47 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 06:56 . 2013-06-18 21:08 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 06:56 . 2013-06-18 21:08 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-15 07:06 . 2009-12-09 14:12 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-10 09:30 . 2009-12-11 22:41 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-23 02:07 . 2014-08-27 18:17 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 18:17 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-27 18:17 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-20 20:02 . 2011-03-28 16:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-19 18:05 . 2014-09-12 13:40 374968 ----a-w- c:\windows\system32\iedkcs32.dll
2014-08-18 23:01 . 2014-09-12 13:40 23591424 ----a-w- c:\windows\system32\mshtml.dll
2014-08-18 22:29 . 2014-09-12 13:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-08-18 22:29 . 2014-09-12 13:40 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-08-18 22:20 . 2014-09-12 13:40 2793984 ----a-w- c:\windows\system32\iertutil.dll
2014-08-18 22:19 . 2014-09-12 13:40 5833728 ----a-w- c:\windows\system32\jscript9.dll
2014-08-18 22:15 . 2014-09-12 13:40 547328 ----a-w- c:\windows\system32\vbscript.dll
2014-08-18 22:15 . 2014-09-12 13:40 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-08-18 22:14 . 2014-09-12 13:40 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-08-18 22:14 . 2014-09-12 13:40 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-08-18 22:08 . 2014-09-12 13:40 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-08-18 22:08 . 2014-09-12 13:40 4232704 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-08-18 22:08 . 2014-09-12 13:40 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-08-18 22:05 . 2014-09-12 13:40 596480 ----a-w- c:\windows\system32\ieui.dll
2014-08-18 22:03 . 2014-09-12 13:40 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-08-18 22:03 . 2014-09-12 13:40 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-08-18 22:03 . 2014-09-12 13:40 758272 ----a-w- c:\windows\system32\jscript9diag.dll
2014-08-18 21:57 . 2014-09-12 13:40 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-08-18 21:56 . 2014-09-12 13:40 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-08-18 21:51 . 2014-09-12 13:40 446464 ----a-w- c:\windows\system32\dxtmsft.dll
2014-08-18 21:46 . 2014-09-12 13:40 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-08-18 21:45 . 2014-09-12 13:40 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-08-18 21:45 . 2014-09-12 13:40 72704 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 21:44 . 2014-09-12 13:40 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44 . 2014-09-12 13:40 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-08-18 21:40 . 2014-09-12 13:40 195584 ----a-w- c:\windows\system32\msrating.dll
2014-08-18 21:39 . 2014-09-12 13:40 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-08-18 21:38 . 2014-09-12 13:40 289280 ----a-w- c:\windows\system32\dxtrans.dll
2014-08-18 21:36 . 2014-09-12 13:40 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-08-18 21:35 . 2014-09-12 13:40 597504 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-08-18 21:25 . 2014-09-12 13:40 727040 ----a-w- c:\windows\system32\msfeeds.dll
2014-08-18 21:25 . 2014-09-12 13:40 707072 ----a-w- c:\windows\system32\ie4uinit.exe
2014-08-18 21:23 . 2014-09-12 13:40 2104832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-08-18 21:23 . 2014-09-12 13:40 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-08-18 21:22 . 2014-09-12 13:40 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:16 . 2014-09-12 13:40 13588480 ----a-w- c:\windows\system32\ieframe.dll
2014-08-18 21:15 . 2014-09-12 13:40 2310656 ----a-w- c:\windows\system32\wininet.dll
2014-08-18 21:08 . 2014-09-12 13:40 2014208 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-08-18 21:07 . 2014-09-12 13:40 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:55 . 2014-09-12 13:40 1447424 ----a-w- c:\windows\system32\urlmon.dll
2014-08-18 20:46 . 2014-09-12 13:40 1812992 ----a-w- c:\windows\SysWow64\wininet.dll
2014-08-18 20:38 . 2014-09-12 13:40 775168 ----a-w- c:\windows\system32\ieapfltr.dll
2014-08-12 14:41 . 2014-08-12 14:41 38144 ----a-w- c:\windows\system32\drivers\sdcfilter.sys
2014-08-12 14:41 . 2014-08-12 14:41 27904 ----a-w- c:\windows\system32\drivers\SophosBootDriver.sys
2014-08-12 14:41 . 2014-08-12 14:41 176120 ----a-w- c:\windows\system32\sdccoinstaller.dll
2014-08-12 14:41 . 2014-08-12 14:44 35624 ----a-w- c:\windows\system32\SophosBootTasks.exe
2014-08-12 14:40 . 2014-08-12 14:40 158976 ----a-w- c:\windows\system32\drivers\savonaccess.sys
2014-07-31 13:23 . 2014-07-31 13:23 352256 ----a-w- c:\windows\SysWow64\update1.dll
2014-07-25 10:55 . 2014-09-03 11:27 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-12 18:09 . 2014-10-13 15:31 40251 c:\programdata\Messenger Plus!\winks\bak\BuiltinFeeds.xml
2014-10-03 08:31 . 2014-10-14 06:59 40251 c:\programdata\Messenger Plus!\winks\BuiltinFeeds.xml
.
2012-04-01 15:40 . 2012-12-29 10:49 40251 c:\programdata\Messenger Plus! for Skype\Winks\bak\BuiltinFeeds.xml
2012-06-08 05:29 . 2012-12-29 14:03 40251 c:\programdata\Messenger Plus! for Skype\Winks\BuiltinFeeds.xml
.
2012-12-30 12:26 . 2014-10-13 15:32 53474 c:\programdata\Messenger Plus! for Skype\Winks\bak\BuiltinFeedsEx.xml
2014-10-09 15:37 . 2014-10-14 07:01 53474 c:\programdata\Messenger Plus! for Skype\Winks\BuiltinFeedsEx.xml
.
2012-02-12 18:09 . 2014-10-13 15:31 40251 c:\users\All Users\Messenger Plus!\winks\bak\BuiltinFeeds.xml
2014-10-03 08:31 . 2014-10-14 06:59 40251 c:\users\All Users\Messenger Plus!\winks\BuiltinFeeds.xml
.
2012-04-01 15:40 . 2012-12-29 10:49 40251 c:\users\All Users\Messenger Plus! for Skype\Winks\bak\BuiltinFeeds.xml
2012-06-08 05:29 . 2012-12-29 14:03 40251 c:\users\All Users\Messenger Plus! for Skype\Winks\BuiltinFeeds.xml
.
2012-12-30 12:26 . 2014-10-13 15:32 53474 c:\users\All Users\Messenger Plus! for Skype\Winks\bak\BuiltinFeedsEx.xml
2014-10-09 15:37 . 2014-10-14 07:01 53474 c:\users\All Users\Messenger Plus! for Skype\Winks\BuiltinFeedsEx.xml
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d6995d07-cd9b-4cc0-a22a-9e14684d6d64}]
2011-02-16 23:43 675840 ----a-w- c:\progra~2\IWONGIE\bar\1.bin\vrbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{f0f3f55e-edfc-4ed4-affb-bcaf081ddeba}]
2011-02-16 23:43 53248 ----a-w- c:\program files (x86)\IWONGIE\bar\1.bin\vrSrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{43a3055a-6ff3-4aa5-90e6-18a10297cb53}"= "c:\program files (x86)\IWONGIE\bar\1.bin\vrbar.dll" [2011-02-16 675840]
.
[HKEY_CLASSES_ROOT\clsid\{43a3055a-6ff3-4aa5-90e6-18a10297cb53}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ManyCam"="C:/Program Files (x86)/ManyCam/ManyCam.exe --silent" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"fsm"="" [N/A]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"ICQ"="c:\users\McFragga\AppData\Roaming\ICQM\icq.exe" [2013-05-11 27598184]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2014-04-05 39408]
"googletalk"="c:\users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-08-08 22734160]
"Amazon Music"="c:\users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-07-22 3356480]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-08-27 22041192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2014-02-23 811520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"MessengerPlusForSkypeService"="c:\program files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [2014-08-05 132096]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2014-08-12 1617704]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"DelTr13706591"="rd" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0bootdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DailytoolsUpdateService;DailytoolsUpdateService;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 gupdate1ca7aae5ec8cafa;Google Update Service (gupdate1ca7aae5ec8cafa);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
R2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [x]
R2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [x]
R2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [x]
R2 Sophos Web Control Service;Sophos Web Control Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [x]
R2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [x]
R2 swi_update_64;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe [x]
R3 AVEO;STARTEC UVC Driver;c:\windows\system32\DRIVERS\AVEOdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\AVEOdcnt.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 KUSBusByTCP;%KUSBusByUSB.SvcDesc%;c:\windows\system32\Drivers\KUSBusByTCP.sys;c:\windows\SYSNATIVE\Drivers\KUSBusByTCP.sys [x]
R3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP;c:\windows\system32\Drivers\KUSBusByTCPMasterBus.sys;c:\windows\SYSNATIVE\Drivers\KUSBusByTCPMasterBus.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam S5500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 MsgPlusDriver;Messenger Plus! Virtual Camera;c:\windows\system32\DRIVERS\MsgPlusDriver.sys;c:\windows\SYSNATIVE\DRIVERS\MsgPlusDriver.sys [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys;c:\windows\SYSNATIVE\DRIVERS\sdcfilter.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys;c:\windows\SYSNATIVE\DRIVERS\SophosBootDriver.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys;c:\windows\SYSNATIVE\DRIVERS\savonaccess.sys [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
S2 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\ShrewSoft\VPN Client\dtpd.exe;c:\program files\ShrewSoft\VPN Client\dtpd.exe [x]
S2 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe;c:\program files\ShrewSoft\VPN Client\iked.exe [x]
S2 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [x]
S2 IWONGIEService;IWON Service;c:\progra~2\IWONGIE\bar\1.bin\vrbarsvc.exe;c:\progra~2\IWONGIE\bar\1.bin\vrbarsvc.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S2 MessengerPlus;MessengerPlus Ptc;c:\program files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe;c:\program files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe [x]
S2 MsgPlusService_1;Messenger Plus! Service_1;c:\program files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe;c:\program files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 Search;Search;c:\program files (x86)\Search\WebSearch.exe;c:\program files (x86)\Search\WebSearch.exe [x]
S2 wzoomifyd;wzoomifyd;c:\progra~3\zoomify2\1.1.0.25\wzoomifyd.exe;c:\progra~3\zoomify2\1.1.0.25\wzoomifyd.exe [x]
S2 zoomify;zoomify;c:\progra~3\zoomify2\1.1.0.25\zoomify.exe;c:\progra~3\zoomify2\1.1.0.25\zoomify.exe [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5v64.sys [x]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2mdgx64.sys [x]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2sdgx64.sys [x]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys;c:\windows\SYSNATIVE\DRIVERS\OEM13Vfx.sys [x]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys;c:\windows\SYSNATIVE\DRIVERS\OEM13Vid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Update-Service-Installer-Service REG_MULTI_SZ Update-Service-Installer-Service
DailytoolsInstallerService REG_MULTI_SZ DailytoolsInstallerService
DailytoolsUpdateService REG_MULTI_SZ DailytoolsUpdateService
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 08:37 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-18 06:56]
.
2014-10-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
- c:\users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-21 15:37]
.
2014-10-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
- c:\users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-21 15:37]
.
2014-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 22:07]
.
2014-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11 22:07]
.
2014-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
- c:\users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07 12:56]
.
2014-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
- c:\users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07 12:56]
.
2014-10-14 c:\windows\Tasks\Plus-HD-1.5-chromeinstaller.job
- c:\program files (x86)\Plus-HD-1.5\Plus-HD-1.5-chromeinstaller.exe [2013-05-14 04:03]
.
2014-10-14 c:\windows\Tasks\Plus-HD-1.5-codedownloader.job
- c:\program files (x86)\Plus-HD-1.5\Plus-HD-1.5-codedownloader.exe [2013-05-14 04:03]
.
2014-10-14 c:\windows\Tasks\Plus-HD-1.5-firefoxinstaller.job
- c:\program files (x86)\Plus-HD-1.5\Plus-HD-1.5-firefoxinstaller.exe [2013-05-14 04:03]
.
2014-10-14 c:\windows\Tasks\Plus-HD-1.5-updater.job
- c:\program files (x86)\Plus-HD-1.5\Plus-HD-1.5-updater.exe [2013-05-14 04:04]
.
2014-10-13 c:\windows\Tasks\Tempo Runner wzoomifyd.job
- c:\progra~3\zoomify2\1.1.0.25\wzoomifyd.exe [2014-10-07 07:44]
.
2014-10-14 c:\windows\Tasks\Tempo Runner zoomifyD32.job
- c:\progra~3\zoomify2\1.1.0.25\zoomify.exe [2014-10-07 07:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-29 309248]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>;www.joosoft.com
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE: Free YouTube Download - c:\users\McFragga\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to Mp3 Converter - c:\users\McFragga\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{458B23B6-5E12-4AD2-8CC2-7027F9D37F5A}: NameServer = 139.6.1.2,139.6.1.66
TCP: Interfaces\{6743AA9F-FAEA-4219-8182-FEF7A00B184D}: NameServer = 139.6.1.2,139.6.1.66
TCP: Interfaces\{DC957AEE-BF7B-41E4-BE48-72E484240555}: NameServer = 139.6.1.2,139.6.1.66
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - (no file)
Toolbar-Locked - (no file)
Toolbar-{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - (no file)
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sophos Message Router]
"ImagePath"="\"c:\program files (x86)\Sophos\Remote Management System\RouterNT.exe\" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-10-14 13:28:21
ComboFix-quarantined-files.txt 2014-10-14 11:28
.
Vor Suchlauf: 19 Verzeichnis(se), 146.607.017.984 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 160.579.403.776 Bytes frei
.
- - End Of File - - D604AEDEAED246A21AA410EDE85B1CA5
5C616939100B85E558DA92B899A0FC36
|
|
14.10.2014, 13:33
| #4 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Problem ist nur soweit behoben, dass das Problem mit den unterstrichenen Wörtern gelöst ist, die Werbung ist immer noch mit den Tabs da, aber nich mehr so stark. Hier ein neuer Scan: FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by McFragga (administrator) on FRAGGA-TOP on 14-10-2014 14:20:24
Running from C:\Users\McFragga\Downloads
Loaded Profile: McFragga (Available profiles: McFragga & Präsentation)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(IWON) C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbarsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(MessengerPlus®) C:\Program Files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Program Files (x86)\Search\WebSearch.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\wzoomifyd.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomify.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(ICQ) C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe
(Google) C:\Users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyl64.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyl32.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyd32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyl64.exe
(Zoomify Agent) C:\ProgramData\zoomify2\1.1.0.25\zoomifyd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [309248 2009-06-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [PlusService] => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [811520 2014-02-23] (Yuna Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [MessengerPlusForSkypeService] => C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [132096 2014-08-06] (Yuna Software)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-08-12] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [ICQ] => C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe [27598184 2013-05-11] (ICQ)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-05] ()
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [googletalk] => C:\Users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [ManyCam] => "C:/Program Files (x86)/ManyCam/ManyCam.exe" --silent
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Amazon Music] => C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe [3356480 2014-07-22] ()
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB4688] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD6875] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB8749] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4912] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB182] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9342] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB7454] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD3285] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB1874] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD8937] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB3705] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9179] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB6450] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4325] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB2813] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Policies\Explorer: [NoInstrumentation] 1
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-08-12] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-08-12] (Sophos Limited)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
URLSearchHook: HKLM-x32 - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm217YYde&ptb=46379E51-C98F-49A5-A0A4-0180ECF8CC05&psa=&ind=2011021618&ptnrS=ZVxdm217YYde&si=xDE&st=sb&n=77ddc132&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKCU - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm217YYde&ptb=46379E51-C98F-49A5-A0A4-0180ECF8CC05&psa=&ind=2011021618&ptnrS=ZVxdm217YYde&si=xDE&st=sb&n=77ddc132&searchfor={searchTerms}
SearchScopes: HKCU - {B6D6AC4C-0CEE-4A2C-BAE1-E1E20BB33231} URL =
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Toolbar BHO -> {d6995d07-cd9b-4cc0-a22a-9e14684d6d64} -> C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbar.dll (IWON)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Assistant BHO -> {f0f3f55e-edfc-4ed4-affb-bcaf081ddeba} -> C:\Program Files (x86)\IWONGIE\bar\1.bin\vrSrcAs.dll (IWON)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
Toolbar: HKLM-x32 - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - IWON - {43a3055a-6ff3-4aa5-90e6-18a10297cb53} - C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbar.dll (IWON)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Winsock: Catalog5 10 C:\Windows\system32\d3dy61rko.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{458B23B6-5E12-4AD2-8CC2-7027F9D37F5A}: [NameServer] 139.6.1.2,139.6.1.66
Tcpip\..\Interfaces\{6743AA9F-FAEA-4219-8182-FEF7A00B184D}: [NameServer] 139.6.1.2,139.6.1.66
Tcpip\..\Interfaces\{DC957AEE-BF7B-41E4-BE48-72E484240555}: [NameServer] 139.6.1.2,139.6.1.66
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=0.9.8a -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @bittorrent.com/BitTorrentDNA -> C:\Users\McFragga\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\McFragga\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\McFragga\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\McFragga\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\McFragga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\McFragga\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\McFragga\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Toolbar fuer eBay - C:\Program Files (x86)\Mozilla Firefox\extensions\ebay.xpi [2008-09-09]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{6E19037A-12E3-4295-8915-ED48BC341614}] - C:\Program Files (x86)\PremierOpinion
FF HKCU\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\McFragga\Program Files (x86)\DNA
FF Extension: DNA - C:\Users\McFragga\Program Files (x86)\DNA [2010-08-26]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Plus-HD-1.5) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm [2013-06-18]
CHR Extension: (Google Docs) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-18]
CHR Extension: (Google Drive) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-28]
CHR Extension: (Google-Suche) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-18]
CHR Extension: (Monster Trucks 360) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahlnbcfknpidmnoildgnpkmcocdhap [2014-03-23]
CHR Extension: (Monster Trucks) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjjlpfkbombmfgjkagbdnjjhfpocpjpe [2014-03-20]
CHR Extension: (Google Wallet) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-18]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\McFragga\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-03]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [bgpdpaleocmcbkehebpiihkpddggpoif] - C:\Users\McFragga\AppData\Local\Temp\bgpdpaleocmcbkehebpiihkpddggpoif.crx [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 DailytoolsUpdateService; C:\Windows\SysWOW64\update1.dll [352256 2014-07-31] (Dailytools GmbH) [File not signed]
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [50688 2009-11-15] () [File not signed]
S2 gupdate1ca7aae5ec8cafa; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-12-12] (Google Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-01] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [948224 2009-11-15] () [File not signed]
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [690688 2009-11-15] () [File not signed]
R2 IWONGIEService; C:\Program Files (x86)\IWONGIE\bar\1.bin\vrbarsvc.exe [28766 2011-02-17] (IWON) [File not signed]
R2 MessengerPlus; C:\Program Files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe [7275376 2014-04-01] (MessengerPlus®)
R2 MsgPlusService_1; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [132096 2014-08-06] (Yuna Software) [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-08-12] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-08-12] (Sophos Limited)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Search; C:\Program Files (x86)\Search\WebSearch.exe [435696 2014-08-07] ()
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2012-09-24] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-08-12] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2012-09-24] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-08-12] (Sophos Limited)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\STacSV64.exe [240128 2009-07-15] (IDT, Inc.)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-08-12] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-08-12] (Sophos Limited)
R2 wzoomifyd; C:\ProgramData\zoomify2\1.1.0.25\wzoomifyd.exe [161792 2014-10-03] (Zoomify Agent) [File not signed]
R2 zoomify; C:\ProgramData\zoomify2\1.1.0.25\zoomify.exe [458752 2014-10-03] (Zoomify Agent) [File not signed]
S2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
S3 KUSBusByTCP; C:\Windows\SysWOW64\Drivers\KUSBusByTCP.sys [121880 2007-07-20] (Windows (R) Codename Longhorn DDK provider)
S3 KUSBusByTCPMasterBus; C:\Windows\SysWOW64\Drivers\KUSBusByTCPMasterBus.sys [66584 2007-07-20] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [48800 2009-05-07] (O2Micro )
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [267296 2008-05-28] (Creative Technology Ltd.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-08-12] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-08-12] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-08-12] (Sophos Limited)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-14 13:43 - 2014-10-14 13:43 - 00000304 _____ () C:\Windows\system32\TemporarFileConfiguration
2014-10-14 13:28 - 2014-10-14 13:28 - 00038301 _____ () C:\ComboFix.txt
2014-10-14 13:04 - 2014-10-14 13:28 - 00000000 ____D () C:\Qoobox
2014-10-14 13:04 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-14 13:04 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-14 13:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-14 13:03 - 2014-10-14 13:24 - 00000000 ____D () C:\Windows\erdnt
2014-10-14 12:55 - 2014-10-14 12:55 - 05582915 ____R (Swearware) C:\Users\McFragga\Downloads\ComboFix.exe
2014-10-14 12:35 - 2014-10-14 12:35 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\McFragga\Downloads\revosetup95 (1).exe
2014-10-14 11:26 - 2014-10-14 11:27 - 00054330 _____ () C:\Users\McFragga\Downloads\Addition(2).txt
2014-10-14 10:31 - 2014-10-14 12:32 - 00000096 _____ () C:\Users\McFragga\AppData\Roaming\WB.CFG
2014-10-14 10:14 - 2014-10-14 10:14 - 00055636 _____ () C:\Users\McFragga\Desktop\FRST.txt
2014-10-14 09:40 - 2014-10-14 09:46 - 00054856 _____ () C:\Users\McFragga\Downloads\Addition(1).txt
2014-10-14 09:38 - 2014-10-14 14:20 - 00033451 _____ () C:\Users\McFragga\Downloads\FRST.txt
2014-10-14 09:38 - 2014-10-14 14:20 - 00000000 ____D () C:\FRST
2014-10-14 09:33 - 2014-10-14 09:33 - 02110464 _____ (Farbar) C:\Users\McFragga\Downloads\FRST64.exe
2014-10-14 09:32 - 2014-10-14 09:32 - 00003318 _____ () C:\Windows\System32\Tasks\ASP
2014-10-14 09:31 - 2014-10-14 12:43 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\DigitalSites
2014-10-14 09:31 - 2014-10-14 10:01 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Systweak
2014-10-14 09:31 - 2014-10-14 09:32 - 00000280 _____ () C:\Users\McFragga\Desktop\Cut the Rope.url
2014-10-14 09:31 - 2014-10-14 09:31 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\1H1Q
2014-10-14 09:31 - 2014-08-29 17:02 - 00020296 _____ () C:\Windows\system32\roboot64.exe
2014-10-14 09:29 - 2014-10-14 09:29 - 00712224 _____ ( ) C:\Users\McFragga\Downloads\FileExtractorSetup.exe
2014-10-14 09:15 - 2014-10-14 12:36 - 00001288 _____ () C:\Users\McFragga\Desktop\Revo Uninstaller.lnk
2014-10-14 09:15 - 2014-10-14 12:36 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-14 09:10 - 2014-10-14 09:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\McFragga\Downloads\revosetup95.exe
2014-10-14 09:00 - 2014-10-14 09:00 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{EC522005-A896-4EDF-93A7-53B962ED6124}
2014-10-13 23:29 - 2014-10-13 23:29 - 00000196 _____ () C:\Windows\Tasks\Tempo Runner wzoomifyd.job
2014-10-13 23:21 - 2014-10-13 23:21 - 00001315 _____ () C:\Users\Präsentation\Desktop\ELT2 - Verknüpfung.lnk
2014-10-13 23:19 - 2014-10-13 23:19 - 00114224 _____ () C:\Users\Präsentation\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 23:19 - 2014-10-13 23:19 - 00001427 _____ () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 23:19 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation\AppData\Roaming\Adobe
2014-10-13 23:19 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\VirtualStore
2014-10-13 23:18 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\Google
2014-10-13 23:18 - 2014-10-13 23:19 - 00000000 ____D () C:\Users\Präsentation
2014-10-13 23:18 - 2014-10-13 23:18 - 00000020 ___SH () C:\Users\Präsentation\ntuser.ini
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Vorlagen
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Startmenü
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Netzwerkumgebung
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Lokale Einstellungen
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Eigene Dateien
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Druckumgebung
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Documents\Eigene Musik
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Documents\Eigene Bilder
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Local\Verlauf
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Local\Anwendungsdaten
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Anwendungsdaten
2014-10-13 23:18 - 2013-06-23 23:54 - 00000000 ____D () C:\Users\Präsentation\AppData\LocalGoogle
2014-10-13 23:18 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 23:18 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 17:32 - 2014-10-13 17:32 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{EAF59199-3540-4714-849E-F4342185AFB7}
2014-10-11 14:06 - 2014-10-11 14:07 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3930A54F-13A0-4518-97E9-7D4B6EAFCE01}
2014-10-10 17:10 - 2014-10-14 13:41 - 00004186 _____ () C:\Windows\PFRO.log
2014-10-10 17:10 - 2014-10-14 13:41 - 00000336 _____ () C:\Windows\setupact.log
2014-10-10 17:10 - 2014-10-10 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 09:59 - 2014-10-10 09:59 - 00134930 _____ () C:\Users\McFragga\Documents\cc_20141010_095852.reg
2014-10-10 08:38 - 2014-10-10 08:38 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{F12AA903-CB40-4904-9BE4-879E7093E6A1}
2014-10-09 17:36 - 2014-10-09 17:36 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{B1BD25DA-E02B-44C8-8823-AC575FA580B0}
2014-10-08 17:46 - 2014-10-08 17:47 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-10-08 17:19 - 2014-10-08 17:19 - 56484761 _____ () C:\Users\McFragga\Downloads\texmakerwin32_43install.exe
2014-10-08 15:59 - 2014-10-08 15:59 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{2F3DF262-D160-4BAE-A103-58BE9FC54F6A}
2014-10-07 18:27 - 2014-10-07 18:27 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-07 15:59 - 2014-10-07 15:59 - 00164204 _____ () C:\Users\McFragga\Downloads\tam384.wav
2014-10-07 15:43 - 2014-10-07 15:43 - 00000000 ____D () C:\zoomify
2014-10-07 15:43 - 2014-10-07 15:43 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{88D98007-F8B1-40C0-8910-6E78263CBDF8}
2014-10-07 15:40 - 2014-10-07 15:40 - 00000000 ____D () C:\dgTemp
2014-10-03 10:33 - 2014-10-03 10:33 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3F898691-9ABF-4A21-945F-DB3158D55295}
2014-10-02 09:14 - 2014-10-02 09:15 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{D19B4271-76FF-4012-80B3-641F4FF0EDEC}
2014-10-01 17:58 - 2014-10-01 17:58 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{8ABA6490-DB07-496D-9EAF-4C9E2E24D8C6}
2014-10-01 17:51 - 2014-10-01 17:51 - 00278568 _____ () C:\Windows\system32\.crusader
2014-10-01 07:59 - 2014-10-01 07:59 - 00001911 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-01 07:59 - 2014-10-01 07:59 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-01 07:43 - 2014-10-03 10:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-01 07:43 - 2014-10-01 07:43 - 00004032 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-01 07:42 - 2014-10-07 15:40 - 00000000 ____D () C:\ProgramData\zoomify2
2014-10-01 07:03 - 2014-10-01 07:03 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{76141177-F8F9-4478-AE02-28A4C65DA378}
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\Program Files (x86)\FRITZ!BoxPrint
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-09-30 12:41 - 2006-05-29 02:00 - 00016384 ____R (AVM Berlin GmbH) C:\Windows\SysWOW64\avmprmon.dll
2014-09-30 12:41 - 2006-01-20 13:43 - 00055808 ____R (AVM GmbH) C:\Windows\SysWOW64\avmadd32.dll
2014-09-30 11:49 - 2014-09-30 12:18 - 00371447 _____ () C:\Users\McFragga\Downloads\Sicherung Fritzbox - Kopie.export
2014-09-30 11:37 - 2014-09-30 11:37 - 00181508 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_30.09.14_1136.export
2014-09-30 11:25 - 2014-09-30 11:25 - 00180979 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_01.01.70_0134.export
2014-09-30 11:16 - 2014-09-30 11:56 - 00180979 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_01.01.70_0125.export
2014-09-29 22:11 - 2014-09-29 22:11 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3BA57547-9E9F-4D8D-AE05-52AF9349F5E2}
2014-09-27 12:03 - 2014-09-27 12:03 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{73E1A97A-4F05-4462-8BC9-F4274322B57F}
2014-09-27 00:47 - 2014-09-27 00:47 - 00002547 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-27 00:47 - 2014-09-27 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-26 16:56 - 2014-09-26 16:56 - 00371434 _____ () C:\Users\McFragga\Downloads\Sicherung Fritzbox.export
2014-09-26 15:25 - 2014-09-26 15:25 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{5F4CF919-CDE6-44CD-80E0-B702CE24ED1A}
2014-09-25 17:32 - 2014-09-25 17:33 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{5D66D4CF-D290-4C6F-A903-6341FA44A775}
2014-09-24 21:43 - 2014-09-24 21:45 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{4CF99315-6629-4845-8DAD-C64FBB209833}
2014-09-24 08:21 - 2014-09-24 08:21 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{4A67E08F-7051-4C3F-9BFB-4A06ABEC52D7}
2014-09-23 06:53 - 2014-09-23 06:53 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{801683DC-75A5-475A-B1F6-637010436F3E}
2014-09-22 09:56 - 2014-09-22 09:56 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{95B75D87-AB9C-4CD8-89A9-0163B97A71A0}
2014-09-21 13:32 - 2014-09-21 13:33 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{CD3EA7D6-5936-4F9F-A5B6-CF9C9FFB557C}
2014-09-19 09:07 - 2014-09-19 09:07 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{62D623A0-3581-41CA-A1DB-5BEA8D8E94C7}
2014-09-17 21:53 - 2014-09-17 21:53 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{0CCECC02-AA89-4D29-A0A0-3CF3AC10AEB4}
2014-09-17 08:41 - 2014-09-17 08:41 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{116CF9DC-23DE-41D6-9711-9BC5FFC5B719}
2014-09-16 01:53 - 2014-09-16 01:53 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{394FAEB2-2918-47AB-A275-61642956B2E9}
2014-09-15 11:37 - 2014-09-15 11:37 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{83D53776-02E4-4D18-AF42-D80921D9ECD2}
2014-09-14 20:56 - 2014-09-14 20:56 - 00000000 ____D () C:\Users\McFragga\AppData\Local\{3BAF8D49-5D42-489B-A851-42C5C2F6F157}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-14 14:08 - 2012-08-07 14:56 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
2014-10-14 14:05 - 2009-12-12 00:07 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Skype
2014-10-14 13:56 - 2014-01-11 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-14 13:50 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-14 13:50 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-14 13:43 - 2013-05-14 06:04 - 00001176 _____ () C:\Windows\Tasks\Plus-HD-1.5-updater.job
2014-10-14 13:43 - 2013-05-14 06:03 - 00001770 _____ () C:\Windows\Tasks\Plus-HD-1.5-chromeinstaller.job
2014-10-14 13:43 - 2013-05-14 06:03 - 00001754 _____ () C:\Windows\Tasks\Plus-HD-1.5-firefoxinstaller.job
2014-10-14 13:43 - 2013-05-14 06:03 - 00001188 _____ () C:\Windows\Tasks\Plus-HD-1.5-codedownloader.job
2014-10-14 13:43 - 2013-05-03 17:49 - 00000000 ___RD () C:\Users\McFragga\Google Drive
2014-10-14 13:43 - 2009-12-12 00:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-14 13:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-14 13:35 - 2009-12-12 00:14 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-14 13:33 - 2009-07-14 07:10 - 01099048 _____ () C:\Windows\WindowsUpdate.log
2014-10-14 13:24 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-14 13:17 - 2012-08-07 14:11 - 00000000 ____D () C:\ProgramData\Temp
2014-10-14 12:08 - 2012-08-07 14:56 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
2014-10-14 11:42 - 2011-09-21 23:32 - 00001150 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
2014-10-13 23:23 - 2010-01-08 13:12 - 00000400 _____ () C:\Windows\ODBC.INI
2014-10-13 23:01 - 2012-03-31 13:34 - 00000000 ____D () C:\ProgramData\Messenger Plus! for Skype
2014-10-13 17:42 - 2011-09-21 23:32 - 00001128 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
2014-10-11 14:39 - 2009-12-14 20:21 - 00000000 ____D () C:\Users\McFragga\Studium
2014-10-10 09:52 - 2011-02-17 09:38 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Winamp
2014-10-10 09:52 - 2009-12-10 07:40 - 00000000 ____D () C:\Users\McFragga\Tracing
2014-10-10 09:51 - 2014-09-04 11:25 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-10-10 09:26 - 2011-03-21 08:49 - 00000000 ____D () C:\Windows\Minidump
2014-10-08 17:58 - 2011-10-25 21:39 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-10-08 17:50 - 2011-10-25 21:52 - 00000000 ____D () C:\Users\McFragga\AppData\Local\Motorola
2014-10-08 17:48 - 2011-10-25 21:51 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 15:57 - 2012-03-23 23:17 - 00000000 ____D () C:\Temp
2014-10-01 09:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-01 07:39 - 2011-10-05 16:05 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-01 06:59 - 2011-10-05 17:12 - 00254080 _____ () C:\aaw7boot.log
2014-09-30 08:28 - 2014-09-08 08:38 - 00003626 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2014-09-29 22:09 - 2011-10-08 16:07 - 00000064 _____ () C:\Windows\SysWOW64\rp_stats.dat
2014-09-29 22:09 - 2011-10-08 16:07 - 00000044 _____ () C:\Windows\SysWOW64\rp_rules.dat
2014-09-27 00:47 - 2009-12-12 00:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-27 00:46 - 2009-12-12 00:07 - 00000000 ____D () C:\ProgramData\Skype
2014-09-25 17:29 - 2010-04-23 09:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-09-25 10:44 - 2009-12-12 00:08 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 08:56 - 2014-01-11 20:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 08:56 - 2013-06-18 23:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 08:56 - 2013-06-18 23:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-17 22:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-15 11:47 - 2011-10-25 23:27 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\MyPhoneExplorer
2014-09-15 09:06 - 2009-12-09 16:12 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 20:12
==================== End Of Log ============================
Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by McFragga at 2014-10-14 14:21:17
Running from C:\Users\McFragga\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Disabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Disabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
50 FREE MP3s +1 Free Audiobook! (HKLM-x32\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Android Sync Manager WiFi (HKLM-x32\...\{33543A08-4293-0200-0000-000000000000}) (Version: 11.10.574 - Mobile Action)
Anki (HKLM-x32\...\Anki) (Version: - )
Application Suite (HKLM-x32\...\{087D3CBF-1ABB-47A8-8C3B-5E76A5D99E88}) (Version: - )
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Sicherungs- und Wiederherstellungs-Manager (HKLM\...\{CA6B1505-2C45-4211-8F9D-4198C409E1D4}) (Version: 1.0.0 - Dell, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.102.104 - ALPS ELECTRIC CO., LTD.)
DNA (HKCU\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
DVDVideoSoft Toolbar (HKLM-x32\...\DVDVideoSoft Toolbar) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623k) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular 12.2.1.6570k) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.03.001 - )
eMule (HKLM-x32\...\eMule) (Version: - )
Eudora (HKLM-x32\...\{A2219E87-FC62-4A98-B183-F7E02561DDBE}) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free Studio version 4.4 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.1.40.1031 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.35.514 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.35.514 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
FUS-3100 Control Center (HKLM-x32\...\{D2613716-E7D5-4072-94CD-A014A0A38F0D}) (Version: 2.221 - LevelOne)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Grand Theft Auto (HKLM-x32\...\Grand Theft Auto) (Version: - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
ICQ 8.0 (build 6019) (HKCU\...\ICQ) (Version: 8.0.6019.0 - Mail.Ru)
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
ILK-ISO_5167 (HKLM-x32\...\{967C547C-208A-4020-9AA5-9277772D5C3D}) (Version: 1.0 - ILK Dresden)
IWON (HKLM-x32\...\IWONGIEbar Uninstall) (Version: - IWON)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Laptop Integrated Webcam Driver (1.01.01.0529) (HKLM\...\Creative OEM013) (Version: - )
LiaisonyLUST v1.7 [Motion Experiment] DEMO (HKLM-x32\...\7492D24A-C1D8-4548-A19D-153E9EBEA087) (Version: - Liaisony, Michael Szonn [www.szonn.com])
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.70.1044 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version: - )
ManyCam 4.0.44 (HKLM-x32\...\ManyCam) (Version: 4.0.44 - Visicom Media Inc.)
Messenger Plus! (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.780 - Yuna Software)
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 3.0.0.195 - Yuna Software)
MFP Server Control Center (HKLM-x32\...\{A7A635CC-4F44-49A2-8066-7C3137DA70C4}) (Version: 2.28 - LevelOne)
mh-3rd Generation (HKLM-x32\...\{589D1525-A26D-4A43-B057-32DE00C239CA}) (Version: 1.00.000 - mh-software)
mh-3rd Generation Basis-Installation (HKLM-x32\...\{A44825D4-CE7A-11D3-83FE-0050DA3DB632}) (Version: 1.00.000 - mh-software)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Miniclip Toolbar (HKLM-x32\...\Miniclip Toolbar) (Version: 6.11.2.6 - Miniclip)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.811 - Electronic Arts)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
office Convert Pdf to PowerPoint for ppt Free 4.9 (HKLM-x32\...\office Convert Pdf to PowerPoint for ppt Free_is1) (Version: - Officeconvert Software, Inc.)
OpenOffice.org 3.1 (HKLM-x32\...\{D765F1CE-5AE5-4C47-B134-AE58AC474740}) (Version: 3.1.9420 - OpenOffice.org)
OpenTTD 1.3.1 (HKLM-x32\...\OpenTTD) (Version: 1.3.1 - OpenTTD)
Opera 12.02 (HKLM-x32\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
pdfsam (HKCU\...\pdfsam) (Version: 2.2.1 - )
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE 10.3 (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Roxio Creator DE 10.3 (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Simpsons Display Pictures (HKLM-x32\...\Simpsons Display Pictures) (Version: - Sherv.NET)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
Software Informer 1.0 BETA (HKLM-x32\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
Star Trek: Armada (HKLM-x32\...\Activision_StarTrekArmadaUninstallKey) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
USB2.0 PC Camera (HKLM-x32\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 2.2.0.0 - aveotek)
VLC media player 0.9.8a (HKLM-x32\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Word Excel PowerPoint to Pdf Converter 3000 7.3 (HKLM-x32\...\Word Excel PowerPoint to Pdf Converter 3000_is1) (Version: - Head Document Tool Software, Inc.)
World of Tanks v.0.6.7 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4088157530-2470593686-3206213926-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4088157530-2470593686-3206213926-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
08-10-2014 14:10:51 Prüfpunkt von HitmanPro
08-10-2014 15:45:24 Removed MOTOROLA MEDIA LINK.
08-10-2014 16:11:24 Prüfpunkt von HitmanPro
09-10-2014 15:55:18 Prüfpunkt von HitmanPro
10-10-2014 15:22:55 Prüfpunkt von HitmanPro
10-10-2014 15:27:59 Windows Update
11-10-2014 12:18:18 Prüfpunkt von HitmanPro
13-10-2014 15:36:58 Prüfpunkt von HitmanPro
14-10-2014 07:11:39 Prüfpunkt von HitmanPro
14-10-2014 07:59:03 Revo Uninstaller's restore point - RegClean-Pro
14-10-2014 08:07:56 Revo Uninstaller's restore point - Plus-HD-1.5
14-10-2014 09:51:32 Windows Update
14-10-2014 10:38:17 Revo Uninstaller's restore point - Extended Update
14-10-2014 10:43:25 Revo Uninstaller's restore point - File Extractor
14-10-2014 10:45:09 Revo Uninstaller's restore point - File Extractor Packages
14-10-2014 10:48:47 Revo Uninstaller's restore point - Messenger Plus! Community Smartbar
14-10-2014 10:50:55 Revo Uninstaller's restore point - Winamp Toolbar
14-10-2014 11:51:40 Prüfpunkt von HitmanPro
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-10-14 13:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {159D8A2D-AE65-487C-A942-84ED637254EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-12] (Google Inc.)
Task: {17DB5DA7-E988-44AE-AB2C-98D70A5A8633} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {2422E5EE-B8E2-4B62-900B-084EC6CE2DE8} - System32\Tasks\Plus-HD-1.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-firefoxinstaller.exe [2013-05-14] (Plus HD)
Task: {3585A647-2C8F-4432-8EE9-7C501CDC6AD5} - System32\Tasks\Plus-HD-1.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-chromeinstaller.exe [2013-05-14] (Plus HD)
Task: {50EB08C1-2BE4-401A-A39A-EEB71475708F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {562C9D00-CB77-4E30-81DF-0F87923B1745} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5942EF52-EFC3-4D1E-AECD-4901C15AAADA} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {5955EA35-8C15-41CD-8582-AAFB1DAF429B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {63A57FDB-9D27-48EA-A8D5-4680529A863F} - System32\Tasks\Plus-HD-1.5-codedownloader => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-codedownloader.exe [2013-05-14] (Plus HD)
Task: {733E1F44-A9E0-4061-BA13-42F16D849190} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07] (Google Inc.)
Task: {8839E719-B13E-4010-B7A5-7131B6E2DC36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-12] (Google Inc.)
Task: {883D703D-9725-4389-A507-E0914173EC66} - \Advanced System Protector No Task File <==== ATTENTION
Task: {8A2A2F3E-899F-4A99-ADF8-3D56E710C7A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07] (Google Inc.)
Task: {A2847807-FAE3-439E-89D8-39496EF97309} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {A29CAD6C-1915-431F-9967-3128CA1DAA02} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {AA69AB02-BDBE-4735-8011-5D6E1B2A5FB2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {AAB4BF25-34FF-4FBB-B15D-5F261BC1922D} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {C7FEB900-B033-45B2-8E36-0985BE6797DC} - System32\Tasks\{9680CA09-5094-46F9-BDCC-22EAD944BC40} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {CC567FF9-96E8-48A3-A156-85EE97018B9D} - System32\Tasks\Plus-HD-1.5-updater => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-updater.exe [2013-05-14] (Plus HD)
Task: {E54E7B24-90CE-44B9-9E35-418C27878ADB} - \RegClean Pro No Task File <==== ATTENTION
Task: {EAA691B8-7C8B-40DE-8535-3E8B6539164F} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-1.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.5-updater.job => C:\Program Files (x86)\Plus-HD-1.5\Plus-HD-1.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Tempo Runner wzoomifyd.job => C:\PROGRA~3\zoomify2\1.1.0.25\wzoomifyd.exe
==================== Loaded Modules (whitelisted) =============
2012-02-08 23:56 - 2005-03-12 03:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-15 20:31 - 2009-11-15 20:31 - 00050688 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00026624 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00119296 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034816 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2009-11-15 20:25 - 2009-11-15 20:25 - 00019456 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2009-11-15 20:28 - 2009-11-15 20:28 - 00948224 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00030720 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034304 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00028160 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2009-11-15 20:26 - 2009-11-15 20:26 - 00690688 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2014-08-07 11:35 - 2014-08-07 11:35 - 00435696 _____ () C:\Program Files (x86)\Search\WebSearch.exe
2011-12-10 00:01 - 2011-12-10 00:01 - 00041472 _____ () C:\Program Files (x86)\MyPhoneExplorer\DLL\mpe_gadget_connector_net.dll
2014-08-28 17:17 - 2014-07-22 22:46 - 03356480 _____ () C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 13:34 - 2009-10-14 13:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2012-09-24 17:47 - 2012-09-24 17:47 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll
2012-09-24 17:48 - 2012-09-24 17:48 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL
2012-09-24 17:48 - 2012-09-24 17:48 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
2013-05-11 17:09 - 2013-05-11 17:09 - 00851456 _____ () C:\Users\McFragga\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-03-31 13:34 - 2012-03-18 12:07 - 02347520 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtCore4.dll
2012-03-31 13:34 - 2012-03-18 12:10 - 08499712 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtGui4.dll
2014-01-29 22:47 - 2012-07-24 00:13 - 00357888 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtXml4.dll
2012-03-31 14:07 - 2012-01-15 17:50 - 00370688 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\libsndfile.dll
2012-03-31 14:07 - 2012-01-15 17:50 - 00390656 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\lame_enc.dll
2012-03-31 14:07 - 2012-03-18 12:07 - 00863744 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\QtNetwork4.dll
2012-03-31 14:07 - 2012-03-18 12:07 - 00026624 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\imageformats\qgif4.dll
2012-03-31 14:07 - 2012-03-18 12:07 - 00200704 _____ () C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\imageformats\qjpeg4.dll
2014-10-14 13:43 - 2014-10-14 13:43 - 00098816 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32api.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00110080 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\pywintypes27.dll
2014-10-14 13:43 - 2014-10-14 13:43 - 00364544 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\pythoncom27.dll
2014-10-14 13:43 - 2014-10-14 13:43 - 00045568 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\_socket.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 01160704 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\_ssl.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00320512 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32com.shell.shell.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00713216 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\_hashlib.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 01175040 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._core_.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00805888 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._gdi_.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00811008 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._windows_.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 01062400 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._controls_.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00735232 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._misc_.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00128512 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\_elementtree.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00127488 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\pyexpat.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00557056 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\pysqlite2._sqlite.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00007168 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\hashobjs_ext.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00087552 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\_ctypes.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00119808 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32file.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00108544 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32security.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00018432 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32event.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00038912 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32inet.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00070656 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._html2.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00167936 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32gui.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00011264 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32crypt.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00027136 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\_multiprocessing.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00686080 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\unicodedata.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00122368 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._wizard.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00010240 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\select.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00024064 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32pipe.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00025600 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32pdh.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00525640 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\windows._lib_cacheinvalidation.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00035840 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32process.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00017408 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32profile.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00022528 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\win32ts.pyd
2014-10-14 13:43 - 2014-10-14 13:43 - 00078336 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI42362\wx._animate.pyd
2014-09-25 10:43 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Access Manager.lnk => C:\Windows\pss\Access Manager.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Browser companion helper => C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3
MSCONFIG\startupreg: Control Center => C:\Program Files (x86)\LevelOne\MFP Server Control Center\Control Center.exe -mini
MSCONFIG\startupreg: Facebook Update => "C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IWONGIE Browser Plugin Loader => C:\PROGRA~2\IWONGIE\bar\1.bin\vrbrmon.exe
MSCONFIG\startupreg: Linkury Chrome Smartbar => C:\Program Files (x86)\Linkury\Linkury.exe startup
MSCONFIG\startupreg: Logitech Vid HD => "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: PlusService => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-4088157530-2470593686-3206213926-500 - Administrator - Disabled)
Bibi (S-1-5-21-4088157530-2470593686-3206213926-1001 - Limited - Enabled)
Gast (S-1-5-21-4088157530-2470593686-3206213926-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4088157530-2470593686-3206213926-1003 - Limited - Enabled)
McFragga (S-1-5-21-4088157530-2470593686-3206213926-1000 - Administrator - Enabled) => C:\Users\McFragga
Präsentation (S-1-5-21-4088157530-2470593686-3206213926-1030 - Limited - Enabled) => C:\Users\Präsentation
SophosSAUFRAGGA-TOP0 (S-1-5-21-4088157530-2470593686-3206213926-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Master Bus of Kernel USB Software Bus by TCP
Description: Master Bus of Kernel USB Software Bus by TCP
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: LevelOne Corporation
Service: KUSBusByTCPMasterBus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Shrew Soft Virtual Adapter #3
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #2
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #5
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #4
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/14/2014 01:42:11 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: fhk-av-update.%%3
Error: (10/14/2014 01:39:03 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Service failed to shut down.
Error: (10/14/2014 01:39:03 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Receiving shutdown message.
Error: (10/14/2014 01:35:05 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: fhk-av-update.%%3
Error: (10/14/2014 01:33:24 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Service failed to shut down.
Error: (10/14/2014 01:33:24 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Receiving shutdown message.
Error: (10/14/2014 01:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007af2
ID des fehlerhaften Prozesses: 0x448
Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0
Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1
Pfad des fehlerhaften Moduls: LVPrcSrv.exe2
Berichtskennung: LVPrcSrv.exe3
Error: (10/14/2014 01:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: googledrivesync.exe, Version: 1.17.7290.4094, Zeitstempel: 0x509418e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002dfe4
ID des fehlerhaften Prozesses: 0x15c8
Startzeit der fehlerhaften Anwendung: 0xgoogledrivesync.exe0
Pfad der fehlerhaften Anwendung: googledrivesync.exe1
Pfad des fehlerhaften Moduls: googledrivesync.exe2
Berichtskennung: googledrivesync.exe3
Error: (10/14/2014 01:03:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm icq.exe, Version 8.0.6019.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1250
Startzeit: 01cfe77c4eb3a671
Endzeit: 489
Anwendungspfad: C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe
Berichts-ID: b868a58f-5391-11e4-bf0b-904ce5ff519e
Error: (10/14/2014 08:58:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: zoomify.exe, Version: 1.1.0.25, Zeitstempel: 0x542e45df
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00700072
ID des fehlerhaften Prozesses: 0xaec
Startzeit der fehlerhaften Anwendung: 0xzoomify.exe0
Pfad der fehlerhaften Anwendung: zoomify.exe1
Pfad des fehlerhaften Moduls: zoomify.exe2
Berichtskennung: zoomify.exe3
System errors:
=============
Error: (10/14/2014 01:39:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (10/14/2014 01:25:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/14/2014 01:23:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (10/14/2014 01:22:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/14/2014 01:16:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (10/14/2014 01:04:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DailytoolsUpdateService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/14/2014 10:54:54 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (10/14/2014 10:54:49 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (10/14/2014 10:54:44 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (10/14/2014 08:58:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "zoomify" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (10/14/2014 01:42:11 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: fhk-av-update
Error: (10/14/2014 01:39:03 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Service failed to shut down.
Error: (10/14/2014 01:39:03 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Receiving shutdown message.
Error: (10/14/2014 01:35:05 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT-AUTORITÄT)
Description: fhk-av-update
Error: (10/14/2014 01:33:24 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Service failed to shut down.
Error: (10/14/2014 01:33:24 PM) (Source: MsgPlusService_1) (EventID: 0) (User: )
Description: MsgPlusService_1Receiving shutdown message.
Error: (10/14/2014 01:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af244801cfe77c436c4144C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.execf249d8b-5394-11e4-bf0b-904ce5ff519e
Error: (10/14/2014 01:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: googledrivesync.exe1.17.7290.4094509418e4ntdll.dll6.1.7601.18247521ea8e7c00000050002dfe415c801cfe77c75b2621cC:\Program Files (x86)\Google\Drive\googledrivesync.exeC:\Windows\SysWOW64\ntdll.dll2a23df3d-5392-11e4-bf0b-904ce5ff519e
Error: (10/14/2014 01:03:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: icq.exe8.0.6019.0125001cfe77c4eb3a671489C:\Users\McFragga\AppData\Roaming\ICQM\icq.exeb868a58f-5391-11e4-bf0b-904ce5ff519e
Error: (10/14/2014 08:58:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: zoomify.exe1.1.0.25542e45dfunknown0.0.0.000000000c000000500700072aec01cfe77c46828a1fC:\PROGRA~3\zoomify2\1.1.0.25\zoomify.exeunknown8b82d158-536f-11e4-bf0b-904ce5ff519e
CodeIntegrity Errors:
===================================
Date: 2014-10-14 13:22:16.837
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-14 13:22:16.587
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 3066.96 MB
Available physical RAM: 1104.98 MB
Total Pagefile: 3420.14 MB
Available Pagefile: 1033.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:150.8 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 7C83D076)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
15.10.2014, 09:45
| #5 |
| /// the machine /// TB-Ausbilder | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.10.2014, 17:57
| #6 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Danke mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Code:
ATTFilter # AdwCleaner v4.000 - Bericht erstellt am 17/10/2014 um 17:54:36
# Aktualisiert 12/10/2014 von Xplode
# Datenbank : 2014-10-17.9
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : McFragga - FRAGGA-TOP
# Gestartet von : C:\Users\McFragga\Downloads\AdwCleaner_4.000.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : DailytoolsUpdateService
Dienst Gefunden : ICQ Service
Dienst Gefunden : Search
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\END
Datei Gefunden : C:\Users\McFragga\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
Datei Gefunden : C:\Users\McFragga\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
Datei Gefunden : C:\Users\Präsentation\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Präsentation\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\SysWOW64\update1.dll
Ordner Gefunden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\Program Files (x86)\Linkury
Ordner Gefunden : C:\Program Files (x86)\Miniclip
Ordner Gefunden : C:\Program Files (x86)\Search
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\Linkury
Ordner Gefunden : C:\ProgramData\Uniblue
Ordner Gefunden : C:\ProgramData\Uniblue\DriverScanner
Ordner Gefunden : C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm
Ordner Gefunden : C:\Users\McFragga\AppData\Local\PackageAware
Ordner Gefunden : C:\Users\McFragga\AppData\LocalLow\IWONGIE
Ordner Gefunden : C:\Users\McFragga\AppData\LocalLow\Miniclip
Ordner Gefunden : C:\Users\McFragga\AppData\LocalLow\Toolbar4
Ordner Gefunden : C:\Users\McFragga\AppData\LocalLow\zoomify
Ordner Gefunden : C:\Users\McFragga\AppData\Roaming\1H1Q
Ordner Gefunden : C:\Users\McFragga\AppData\Roaming\DigitalSites
Ordner Gefunden : C:\Users\McFragga\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Users\McFragga\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\McFragga\AppData\Roaming\registry mechanic
Ordner Gefunden : C:\Users\Präsentation\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Ordner Gefunden : C:\zoomify
***** [ Tasks ] *****
Task Gefunden : ASP
Task Gefunden : LaunchSignup
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:8897;hxxps=127.0.0.1:8897
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\IWONGIE
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Miniclip
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\MyWebSearch
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\zoomify
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\BlabbersToolbar
Schlüssel Gefunden : HKCU\Software\BrowserCompanion
Schlüssel Gefunden : HKCU\Software\dsiteproducts
Schlüssel Gefunden : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4FE81B9-8F10-419F-99C7-5F396834B5E2}
Schlüssel Gefunden : HKCU\Software\PIP
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKCU\Software\yuna software
Schlüssel Gefunden : [x64] HKCU\Software\BlabbersToolbar
Schlüssel Gefunden : [x64] HKCU\Software\BrowserCompanion
Schlüssel Gefunden : [x64] HKCU\Software\dsiteproducts
Schlüssel Gefunden : [x64] HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
Schlüssel Gefunden : [x64] HKCU\Software\PIP
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : [x64] HKCU\Software\yuna software
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\linkurysmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3067892
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Schlüssel Gefunden : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\IWONGIE
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6355AE-6469-4E0A-B917-A331EC6449FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94D56EE8-D039-45A8-9B3D-ABA7FF32F8CA}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2E572C1-8869-413D-BD13-201590970AA9}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA60D3D3-AF7E-4693-B3E7-43B11021FADD}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBDB4A46-A9A6-4C10-9C48-0194AEF05330}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6DAF705-D375-478D-B516-DF8976A97107}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_eudora_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_eudora_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader43050[1]_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader43050[1]_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4FE81B9-8F10-419F-99C7-5F396834B5E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Miniclip Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Miniclip
Schlüssel Gefunden : HKLM\SOFTWARE\PIP
Schlüssel Gefunden : HKLM\SOFTWARE\Tencent
Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue
Schlüssel Gefunden : HKLM\SOFTWARE\Vittalia
Schlüssel Gefunden : HKLM\SOFTWARE\yuna software
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Joosoft.com
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\yuna software
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsInstallerService]
Wert Gefunden : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsUpdateService]
Wert Gefunden : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [Update-Service-Installer-Service]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
-\\ Google Chrome v37.0.2062.124
*************************
AdwCleaner[R0].txt - [16369 octets] - [17/10/2014 17:54:36]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16430 octets] ##########
Code:
ATTFilter # AdwCleaner v4.000 - Bericht erstellt am 17/10/2014 um 17:58:13
# DB v2014-10-17.9
# Aktualisiert 12/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : McFragga - FRAGGA-TOP
# Gestartet von : C:\Users\McFragga\Downloads\AdwCleaner_4.000.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : DailytoolsUpdateService
[#] Dienst Gelöscht : ICQ Service
Dienst Gelöscht : Search
***** [ Dateien / Ordner ] *****
[!] Ordner Gelöscht : C:\Users\McFragga\AppData\Roaming\1H1Q
Ordner Gelöscht : C:\Users\McFragga\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\McFragga\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Users\McFragga\AppData\LocalLow\IWONGIE
Ordner Gelöscht : C:\ProgramData\Linkury
Ordner Gelöscht : C:\Program Files (x86)\Linkury
Ordner Gelöscht : C:\Users\McFragga\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\McFragga\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\McFragga\AppData\Roaming\registry mechanic
Ordner Gelöscht : C:\Program Files (x86)\Search
Ordner Gelöscht : C:\Users\McFragga\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\zoomify
Ordner Gelöscht : C:\Users\McFragga\AppData\LocalLow\zoomify
Ordner Gelöscht : C:\Program Files (x86)\Miniclip
Ordner Gelöscht : C:\Users\McFragga\AppData\LocalLow\Miniclip
Ordner Gelöscht : C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm
Ordner Gelöscht : C:\Users\Präsentation\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Datei Gelöscht : C:\Users\McFragga\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
Datei Gelöscht : C:\Users\McFragga\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\SysWOW64\update1.dll
Datei Gelöscht : C:\Users\Präsentation\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Präsentation\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tasks ] *****
Task Gelöscht : ASP
Task Gelöscht : LaunchSignup
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\linkurysmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsInstallerService]
Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsUpdateService]
Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [Update-Service-Installer-Service]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3067892
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader43050[1]_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader43050[1]_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_eudora_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_eudora_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4FE81B9-8F10-419F-99C7-5F396834B5E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4FE81B9-8F10-419F-99C7-5F396834B5E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6355AE-6469-4E0A-B917-A331EC6449FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2E572C1-8869-413D-BD13-201590970AA9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA60D3D3-AF7E-4693-B3E7-43B11021FADD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6DAF705-D375-478D-B516-DF8976A97107}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBDB4A46-A9A6-4C10-9C48-0194AEF05330}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94D56EE8-D039-45A8-9B3D-ABA7FF32F8CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKCU\Software\BlabbersToolbar
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\yuna software
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\IWONGIE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyWebSearch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\zoomify
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Miniclip
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\IWONGIE
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Tencent
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\yuna software
Schlüssel Gelöscht : HKLM\SOFTWARE\Miniclip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Miniclip Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Joosoft.com
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\yuna software
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:8897;hxxps=127.0.0.1:8897
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 0
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Google Chrome v37.0.2062.124
*************************
AdwCleaner[R0].txt - [16643 octets] - [17/10/2014 17:54:36]
AdwCleaner[S0].txt - [15350 octets] - [17/10/2014 17:58:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15411 octets] ##########
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by McFragga at 2014-10-17 18:29:26
Running from C:\Users\McFragga\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Disabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Disabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
50 FREE MP3s +1 Free Audiobook! (HKLM-x32\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Android Sync Manager WiFi (HKLM-x32\...\{33543A08-4293-0200-0000-000000000000}) (Version: 11.10.574 - Mobile Action)
Anki (HKLM-x32\...\Anki) (Version: - )
Application Suite (HKLM-x32\...\{087D3CBF-1ABB-47A8-8C3B-5E76A5D99E88}) (Version: - )
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Sicherungs- und Wiederherstellungs-Manager (HKLM\...\{CA6B1505-2C45-4211-8F9D-4198C409E1D4}) (Version: 1.0.0 - Dell, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.102.104 - ALPS ELECTRIC CO., LTD.)
DNA (HKCU\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
DVDVideoSoft Toolbar (HKLM-x32\...\DVDVideoSoft Toolbar) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623k) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular 12.2.1.6570k) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.03.001 - )
eMule (HKLM-x32\...\eMule) (Version: - )
Eudora (HKLM-x32\...\{A2219E87-FC62-4A98-B183-F7E02561DDBE}) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free Studio version 4.4 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.1.40.1031 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.35.514 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.35.514 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
FUS-3100 Control Center (HKLM-x32\...\{D2613716-E7D5-4072-94CD-A014A0A38F0D}) (Version: 2.221 - LevelOne)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Grand Theft Auto (HKLM-x32\...\Grand Theft Auto) (Version: - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
ICQ 8.0 (build 6019) (HKCU\...\ICQ) (Version: 8.0.6019.0 - Mail.Ru)
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
ILK-ISO_5167 (HKLM-x32\...\{967C547C-208A-4020-9AA5-9277772D5C3D}) (Version: 1.0 - ILK Dresden)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Laptop Integrated Webcam Driver (1.01.01.0529) (HKLM\...\Creative OEM013) (Version: - )
LiaisonyLUST v1.7 [Motion Experiment] DEMO (HKLM-x32\...\7492D24A-C1D8-4548-A19D-153E9EBEA087) (Version: - Liaisony, Michael Szonn [www.szonn.com])
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.70.1044 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version: - )
ManyCam 4.0.44 (HKLM-x32\...\ManyCam) (Version: 4.0.44 - Visicom Media Inc.)
Messenger Plus! (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.780 - Yuna Software)
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 3.0.0.195 - Yuna Software)
MFP Server Control Center (HKLM-x32\...\{A7A635CC-4F44-49A2-8066-7C3137DA70C4}) (Version: 2.28 - LevelOne)
mh-3rd Generation (HKLM-x32\...\{589D1525-A26D-4A43-B057-32DE00C239CA}) (Version: 1.00.000 - mh-software)
mh-3rd Generation Basis-Installation (HKLM-x32\...\{A44825D4-CE7A-11D3-83FE-0050DA3DB632}) (Version: 1.00.000 - mh-software)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.811 - Electronic Arts)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
office Convert Pdf to PowerPoint for ppt Free 4.9 (HKLM-x32\...\office Convert Pdf to PowerPoint for ppt Free_is1) (Version: - Officeconvert Software, Inc.)
OpenOffice.org 3.1 (HKLM-x32\...\{D765F1CE-5AE5-4C47-B134-AE58AC474740}) (Version: 3.1.9420 - OpenOffice.org)
OpenTTD 1.3.1 (HKLM-x32\...\OpenTTD) (Version: 1.3.1 - OpenTTD)
Opera 12.02 (HKLM-x32\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
pdfsam (HKCU\...\pdfsam) (Version: 2.2.1 - )
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE 10.3 (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Roxio Creator DE 10.3 (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Simpsons Display Pictures (HKLM-x32\...\Simpsons Display Pictures) (Version: - Sherv.NET)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
Software Informer 1.0 BETA (HKLM-x32\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
Star Trek: Armada (HKLM-x32\...\Activision_StarTrekArmadaUninstallKey) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
USB2.0 PC Camera (HKLM-x32\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 2.2.0.0 - aveotek)
VLC media player 0.9.8a (HKLM-x32\...\VLC media player) (Version: 0.9.8a - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Word Excel PowerPoint to Pdf Converter 3000 7.3 (HKLM-x32\...\Word Excel PowerPoint to Pdf Converter 3000_is1) (Version: - Head Document Tool Software, Inc.)
World of Tanks v.0.6.7 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4088157530-2470593686-3206213926-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4088157530-2470593686-3206213926-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
08-10-2014 15:45:24 Removed MOTOROLA MEDIA LINK.
08-10-2014 16:11:24 Prüfpunkt von HitmanPro
09-10-2014 15:55:18 Prüfpunkt von HitmanPro
10-10-2014 15:22:55 Prüfpunkt von HitmanPro
10-10-2014 15:27:59 Windows Update
11-10-2014 12:18:18 Prüfpunkt von HitmanPro
13-10-2014 15:36:58 Prüfpunkt von HitmanPro
14-10-2014 07:11:39 Prüfpunkt von HitmanPro
14-10-2014 07:59:03 Revo Uninstaller's restore point - RegClean-Pro
14-10-2014 08:07:56 Revo Uninstaller's restore point - Plus-HD-1.5
14-10-2014 09:51:32 Windows Update
14-10-2014 10:38:17 Revo Uninstaller's restore point - Extended Update
14-10-2014 10:43:25 Revo Uninstaller's restore point - File Extractor
14-10-2014 10:45:09 Revo Uninstaller's restore point - File Extractor Packages
14-10-2014 10:48:47 Revo Uninstaller's restore point - Messenger Plus! Community Smartbar
14-10-2014 10:50:55 Revo Uninstaller's restore point - Winamp Toolbar
14-10-2014 11:51:40 Prüfpunkt von HitmanPro
15-10-2014 05:00:52 Prüfpunkt von HitmanPro
15-10-2014 05:22:06 Prüfpunkt von HitmanPro
17-10-2014 06:10:19 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-10-14 13:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {159D8A2D-AE65-487C-A942-84ED637254EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-12] (Google Inc.)
Task: {17DB5DA7-E988-44AE-AB2C-98D70A5A8633} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {50EB08C1-2BE4-401A-A39A-EEB71475708F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {562C9D00-CB77-4E30-81DF-0F87923B1745} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5955EA35-8C15-41CD-8582-AAFB1DAF429B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {733E1F44-A9E0-4061-BA13-42F16D849190} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07] (Google Inc.)
Task: {8839E719-B13E-4010-B7A5-7131B6E2DC36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-12] (Google Inc.)
Task: {883D703D-9725-4389-A507-E0914173EC66} - \Advanced System Protector No Task File <==== ATTENTION
Task: {8A2A2F3E-899F-4A99-ADF8-3D56E710C7A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-07] (Google Inc.)
Task: {A2847807-FAE3-439E-89D8-39496EF97309} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {AA69AB02-BDBE-4735-8011-5D6E1B2A5FB2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {AAB4BF25-34FF-4FBB-B15D-5F261BC1922D} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {C06234DD-7D5D-4DE2-8B90-1C874BBB8821} - System32\Tasks\Tempo Runner zoomifyD32 => C:\PROGRA~3\zoomify2\1.1.0.25\zoomify.exe
Task: {C7FEB900-B033-45B2-8E36-0985BE6797DC} - System32\Tasks\{9680CA09-5094-46F9-BDCC-22EAD944BC40} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {E54E7B24-90CE-44B9-9E35-418C27878ADB} - \RegClean Pro No Task File <==== ATTENTION
Task: {EAA691B8-7C8B-40DE-8535-3E8B6539164F} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job => C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job => C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Tempo Runner wzoomifyd.job => C:\PROGRA~3\zoomify2\1.1.0.25\wzoomifyd.exe
Task: C:\Windows\Tasks\Tempo Runner zoomifyD32.job => C:\PROGRA~3\zoomify2\1.1.0.25\zoomifyD32.exe
Task: C:\Windows\Tasks\Tempo Runner zoomifyL32.job => C:\PROGRA~3\zoomify2\1.1.0.25\zoomifyL32.exe
Task: C:\Windows\Tasks\Tempo Runner zoomifyL64.job => C:\PROGRA~3\zoomify2\1.1.0.25\zoomifyL64.exe
==================== Loaded Modules (whitelisted) =============
2012-02-08 23:56 - 2005-03-12 03:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-15 20:31 - 2009-11-15 20:31 - 00050688 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00026624 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00119296 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034816 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2009-11-15 20:25 - 2009-11-15 20:25 - 00019456 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2009-11-15 20:28 - 2009-11-15 20:28 - 00948224 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00030720 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034304 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00028160 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2009-11-15 20:26 - 2009-11-15 20:26 - 00690688 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2011-12-10 00:01 - 2011-12-10 00:01 - 00041472 _____ () C:\Program Files (x86)\MyPhoneExplorer\DLL\mpe_gadget_connector_net.dll
2014-08-28 17:17 - 2014-07-22 22:46 - 03356480 _____ () C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe
2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 13:34 - 2009-10-14 13:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2012-09-24 17:47 - 2012-09-24 17:47 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll
2012-09-24 17:48 - 2012-09-24 17:48 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL
2012-09-24 17:48 - 2012-09-24 17:48 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
2012-09-24 17:47 - 2012-09-24 17:47 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
2014-10-17 18:01 - 2014-10-17 18:01 - 00098816 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32api.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00110080 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\pywintypes27.dll
2014-10-17 18:01 - 2014-10-17 18:01 - 00364544 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\pythoncom27.dll
2014-10-17 18:01 - 2014-10-17 18:01 - 00045568 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\_socket.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 01160704 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\_ssl.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00320512 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32com.shell.shell.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00713216 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\_hashlib.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 01175040 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._core_.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00805888 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._gdi_.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00811008 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._windows_.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 01062400 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._controls_.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00735232 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._misc_.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00128512 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\_elementtree.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00127488 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\pyexpat.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00557056 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\pysqlite2._sqlite.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00007168 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\hashobjs_ext.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00087552 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\_ctypes.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00119808 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32file.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00108544 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32security.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00018432 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32event.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00038912 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32inet.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00070656 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._html2.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00167936 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32gui.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00011264 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32crypt.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00027136 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\_multiprocessing.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00686080 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\unicodedata.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00122368 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._wizard.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00010240 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\select.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00024064 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32pipe.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00025600 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32pdh.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00525640 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\windows._lib_cacheinvalidation.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00035840 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32process.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00017408 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32profile.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00022528 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\win32ts.pyd
2014-10-17 18:01 - 2014-10-17 18:01 - 00078336 _____ () C:\Users\McFragga\AppData\Local\Temp\_MEI26602\wx._animate.pyd
2014-09-25 10:43 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 10:43 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 10:43 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Access Manager.lnk => C:\Windows\pss\Access Manager.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Browser companion helper => C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3
MSCONFIG\startupreg: Control Center => C:\Program Files (x86)\LevelOne\MFP Server Control Center\Control Center.exe -mini
MSCONFIG\startupreg: Facebook Update => "C:\Users\McFragga\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Quick Search Box => "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\McFragga\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IWONGIE Browser Plugin Loader => C:\PROGRA~2\IWONGIE\bar\1.bin\vrbrmon.exe
MSCONFIG\startupreg: Linkury Chrome Smartbar => C:\Program Files (x86)\Linkury\Linkury.exe startup
MSCONFIG\startupreg: Logitech Vid HD => "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: PlusService => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-4088157530-2470593686-3206213926-500 - Administrator - Disabled)
Bibi (S-1-5-21-4088157530-2470593686-3206213926-1001 - Limited - Enabled)
Gast (S-1-5-21-4088157530-2470593686-3206213926-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4088157530-2470593686-3206213926-1003 - Limited - Enabled)
McFragga (S-1-5-21-4088157530-2470593686-3206213926-1000 - Administrator - Enabled) => C:\Users\McFragga
Präsentation (S-1-5-21-4088157530-2470593686-3206213926-1030 - Limited - Enabled) => C:\Users\Präsentation
SophosSAUFRAGGA-TOP0 (S-1-5-21-4088157530-2470593686-3206213926-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Shrew Soft Virtual Adapter #2
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Shrew Soft Virtual Adapter #5
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Shrew Soft Virtual Adapter #4
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Master Bus of Kernel USB Software Bus by TCP
Description: Master Bus of Kernel USB Software Bus by TCP
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: LevelOne Corporation
Service: KUSBusByTCPMasterBus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #3
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-10-14 13:22:16.837
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-14 13:22:16.587
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Percentage of memory in use: 52%
Total physical RAM: 3066.96 MB
Available physical RAM: 1452.14 MB
Total Pagefile: 3477.14 MB
Available Pagefile: 1444.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:146.98 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 7C83D076)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
17.10.2014, 18:00
| #7 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung JRT.txt Teil 1 Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Professional x64
Ran by McFragga on 17.10.2014 at 18:10:54,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\messengerplusforskypeservice
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\plusservice
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201100}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup1_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{aa91a22e-2e6d-4c79-a578-d50109b651aa}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{aa91a22e-2e6d-4c79-a578-d50109b651aa}
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\messenger plus! for skype"
Successfully deleted: [Folder] "C:\Users\McFragga\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Program Files (x86)\software informer"
Successfully deleted: [Folder] "C:\Program Files (x86)\yuna software"
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{000DB77C-FE5C-43D5-B6EB-267FA143ED56}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{014FC599-21D5-4B0A-9A5A-F0C5FC5FBF27}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{01587079-798D-4080-BE99-5892378F58D9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{017A8E84-F0BF-4F98-87F0-4F057AA9301E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{01BEC6F7-25C6-43C0-9FC1-2B07BE49F92B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{01D92005-3508-4A4F-8D72-36714FD4778E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{01F91845-DAE8-409A-B841-FD85D4A5D3CB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{020358D4-F993-4BD1-A327-5A5D18C85BF4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{027196F6-F518-442B-AC40-47CF1F0AF849}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{027B03BB-EFC2-4989-85D9-A29B0145748B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{02D8FCF6-0981-4FA8-B061-9443410AF626}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{033DC43B-6643-478D-8B37-435891613C44}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0367A3B1-4F63-4DAB-8279-19F2E8AD669C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{03B2D0F5-E6FA-4447-A399-2F53572F0B22}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0449EDCA-8801-4569-9AB2-3D664B65BB1C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{046C3D50-5851-43DB-BD6E-512ED7BBD9E3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{046D5A38-A5F3-4C8A-86D9-9709899C04DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{048792B0-E577-45A4-8418-B50B08D4DD15}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{04E62574-684A-4154-AF3F-0A7D93533BB0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{051A6C77-A510-447D-8920-75A91A0E15ED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{058F1209-9DC9-43D7-AFA8-8A4B6D8FF2C9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{060C3DE3-AF60-4B4D-9A1A-53C8A7577336}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{061BB9E7-CAFC-452C-AF59-AF032703F9FC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{06344DA2-C32E-4FAB-A7E5-4008D5845EF5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{06972020-1EFA-4C58-A5BE-849175A446E0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0718EA4A-6071-45C8-89E9-2B4702BED7DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{073543EE-BBD2-4D67-9C83-8C2B11F77AA1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{073AFAF7-46C7-45AB-A99A-9F6D8CADB905}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{07430604-80C3-4737-9D2A-74892F5F467A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{074456D6-DECA-4425-9214-456D8719748D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{075A7716-A9A9-4BB3-8368-1767EFB7DC04}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{07604229-D36B-481D-9B03-3BA1CEBA875A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{07E0636A-146D-46F6-8529-1F53F336FC20}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{07E9510A-E64A-47C0-8BB0-454FE8EBC719}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{082819EE-BB94-45A3-8DFF-A6446B56D2C5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{085637EC-2661-4C79-8A26-B194464FEB5B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{08578944-A614-4E9D-9DE4-08D1B45B5A7C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{085AADBC-D61A-4374-833A-2AD3EA2F6289}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{095372B5-2C42-4280-961C-399D889FA3CD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{098D36D9-B683-43DF-B7A5-1817FB8EE205}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{09A10297-0F9E-436A-AAFF-1AB55C62E0EB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{09E10EA2-2394-4E10-864F-E14376A07AE3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0A125AF3-66CA-4FAD-9CB7-00C4DB42CFA2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0A15D355-E4F7-476A-9463-EE124B985992}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0A442B4C-ADE0-4FEA-BD9D-B26577C0CCB0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0A92CA65-56FE-4446-BBBC-5B396D170657}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0A982F72-7C53-43BC-85C3-2F093D94CFDC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0B23676A-BB60-45E0-8815-43FD220BAD41}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0C08A53D-C182-4FC8-8660-1E2614635217}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0C84717D-5A7E-46FE-B880-DBF18774E549}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0C913F10-890E-4993-BF91-15DCA1CF32D5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0C9A5546-34B2-4F8E-84DA-FA83BD6E1D76}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0CB6F98D-DB50-48ED-A4BD-1108CA828DED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0CC01BB9-C16F-4CC3-8AF6-07FB106B3B24}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0CCECC02-AA89-4D29-A0A0-3CF3AC10AEB4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0D228B7E-5368-4DDA-AB07-D506F38A51EE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0D356D37-11FD-407A-9493-F9D072385BB7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0D3E78C5-3453-4842-9CAD-D119CB85A7B8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0D4A0440-BFD1-4406-969D-377B03430206}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0E3C9979-75C1-4DB7-9E88-E790C632695C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0EE4EABB-CE79-4728-BAF2-E1AFAA4E60EE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0F7F6F94-9989-43B2-B998-45D3D0BB9F91}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{0FF7CBF9-7457-49BD-9495-F12C64BF8D76}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{102E7233-A233-4659-8165-DCDAD2E6DDA7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{103CD218-337E-4486-B568-4D11DF84FBFA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{107BF6DF-32EF-4B80-B61B-0E187593BAAD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{10AA44CB-DE18-4DC7-B3FF-D8F0D2106FAC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{10F00D66-A2DB-4E45-86C7-F4F92F5F5F2A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{116CF9DC-23DE-41D6-9711-9BC5FFC5B719}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1199C284-87FD-419A-9219-A810B2A4A912}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{12A21D98-8B2E-40BE-8430-B8149308C353}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{12BC7EA2-C6F3-4469-BB70-A8BF98A4B786}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{12E3CF40-F14B-47EE-96F4-E1D61515E81C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{130DCD4E-11CC-4956-A801-2C30A0A9C2A8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1327F27C-8F5A-4FBC-9BCF-B5B5DFBED175}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{135A7E6F-52E3-4A27-BD01-B543810A5D6E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{135AFA5C-210B-42C6-B32D-3F80576EC78C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{13654CDB-7B13-4BF8-918C-FED8D7123894}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{13D6C5E7-5789-4EC6-8E4C-11CA4E048FE8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{13E70C1D-94C6-4029-BF37-D266B76223D0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{14081DDA-1DA5-45ED-B90D-E09B0C98A85C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{14343B2B-F3FD-4ACE-9C7E-08E8197AEFB3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{145C1414-64D7-4C7A-9A2C-CD21A2A3C4FD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{14711BF2-BC7C-44E1-AFC9-D9666AD68641}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1491F4B2-5559-45B3-9E80-C76688AAD217}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{149F44F4-FD41-4723-B673-C7C8416B26AC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{14A5659D-0136-49A1-8159-72AB21F32E89}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1563B05B-4B57-4121-994C-769DE065E88B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1565A87D-E8F9-430A-9FE6-A83FF6CDE1C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{156ACA98-8B73-46F2-BE74-DD0AEA726FA6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{15963095-C50A-46A9-ADE7-FDBC77DCACD7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{159EB7A0-0204-473F-A2A2-49C6AB347C2D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{15B86355-ED2E-4D78-9FFD-98A2132B4045}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{15B8BB9C-5E86-4DAE-9116-8F086131F91A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{162D8F0E-BAE1-4B1A-BFD6-0F643854BDD5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1691294F-71D0-40F6-AD88-909F42B4F49B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{17546DA5-06DE-4C67-B6C8-ADEB8E818D1A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1797BED2-6981-45D7-804D-E630B079304B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{179F3DFB-5098-41F0-84BD-5286309650D7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{17B5ABB7-411F-44B0-B0B5-BC5A05019821}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{180D2EDA-2A62-4FD2-AED9-D4B824B58EFB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{18550C30-D346-474E-94CA-4D62EBFF73C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1860AE24-7EA8-4C42-B674-481A3F9FB1D3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{186675B9-744E-49C2-BECD-D9D80DBCF5BF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{187E844F-E9D8-40F6-85F7-5A6F48230F4E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{18919379-428C-4903-B2FB-F3F9AF84F2DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{18B0F7A1-E4F9-4363-AA62-13E21849FC85}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{18B7A8C0-4FA0-42E3-9A0A-BE365679CDAC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{18CBADF5-312D-449C-9B7C-39ED3AA1352C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{18E688C1-5B17-4561-993A-B87D7BA85D4C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{192A2A9B-1D71-4D87-B0AC-23DE65AEF266}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1970CD2A-790E-485B-9191-661D875C709F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{19771E0A-86D1-44BC-AEF0-28CB84EDD96E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{198F6FD4-E5E1-45D0-83B3-899DDDD1E4EA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1A79F50A-9F9B-42F7-AD78-D9C6812EA5E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1A8F2B50-DA5F-4108-8CCE-3AF6BE7E643D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1A97B771-0FB3-4100-9F22-5F136152D0FA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1A97F459-EEF0-40B4-90F5-2D8E73561878}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1AA3686C-0180-401C-B1BB-410B8380DAEC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1AB010C1-E512-4630-AC1B-4A9323835BEF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1AEC29BC-752B-43BA-8F11-FBE64635A1DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1B2D0156-5A44-4098-8EE4-1B8EA6665731}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1B5F70DC-4215-4430-BA3C-81550DBE481B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1B9427C9-67F6-4809-8115-7E9E78D7B240}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1BE2E412-7C40-4D56-88F7-A8C9CDB027BD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1C0866F3-8C66-488D-A395-B6EA862DBF8E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1C1A9D00-D573-4D26-A36F-BFA6434FDCFB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1C5F1C1D-21F2-432B-AED8-3BC58A217BFD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1C9608CE-7254-49B0-9386-062C32E5C8C4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1CB8C2E5-9EBD-4653-8731-B7E88F737E8E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1CC373E2-ACAD-4DD6-8798-853D92EC71B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1D0DC5AD-D0ED-40FD-9A61-00F4F19EC95F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1D3809AC-5E54-4608-9E3B-58F55F840884}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1D4C7032-7BD4-486E-9305-9A17E290142B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1DAEFD75-F1BD-4AE8-AC55-8956C80726DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1DB499BA-5C16-4B2E-828B-7C566EB1D405}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1DCC7279-928E-4E42-8C44-6C8D652E9360}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1DD6E030-D38B-4F6E-AB14-89433C9BF464}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1E083E6C-5C58-4A66-8E26-B8AA5E12B13D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1E1A9428-19EB-417B-A75C-DB324B673FDF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1E55667F-F287-49B6-B5DC-D9CF05DB3C75}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1E8606A1-B6B1-4C7C-9C04-A92997B537A4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1E95DD5A-C564-4D1F-BA2C-E9227C3A8AA9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1E9DA86E-6DC0-4DBD-9857-8F21DA8E297C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1F1EEF27-08FB-467D-A271-A79771EBEE14}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1F1FA6B7-0801-4372-A845-48132B381D3F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1F3BA266-CBDF-464C-9C5A-CADE96EBEB2F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1F3DBA60-DA01-4911-B797-9DF6FC6A21E1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1F8A2C59-120C-4C83-818B-8FE53188FF0F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1FBCFF6A-1DFC-408D-A296-108294B3F440}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1FCC74FB-B6ED-459E-96B3-CCB94E82AE40}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1FCF91FE-3037-4D2A-8542-3688A990C453}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1FE6474A-2A11-46D7-979C-B82E824883C5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{1FEDF799-FEE7-44D5-8448-C979635017E0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{200102A1-D40B-4865-A2D2-C7A7696623F8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{207A4335-197E-4944-95CC-2169799A4529}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{21948259-FC75-4912-B946-9534B5D4402A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{21BC4ED6-A4F5-4732-B38B-997F31D41DB8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{21D151E9-CF8F-4F76-B677-27E3CE1A537F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{222E7037-4B52-42D0-9915-CC951235DD3A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{22B4E2E2-A917-4E13-8BC0-7A4E700F48DA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{22B5E87B-0FD2-42EC-9A90-078A6B4BA8CC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{22B61AD3-E448-44D5-AC2B-D2706489667B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{22C7657A-3E45-4433-B9F8-CE261EA0A413}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{22D69B44-D245-4415-A52B-7D03D06AD95A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{22D90A45-2F06-41AC-A9B0-0F2404CAB9CA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{230D38E5-B353-47BD-B704-EC8134DA3978}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{234A89DE-1440-460B-A172-7DE266AC67DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{234F7373-DD5F-4E29-8F68-40C2DF8F01FB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{23B5A3D8-E9C6-4A1F-ADF1-EAD6ED60F728}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{23E65A28-FDB8-4A92-B6CC-254B47889F94}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{23F6A075-A2F6-44FF-BF0C-C40B78F031BF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{244766B5-CB51-43AB-83F3-1F5FA3A2DDE3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{244CEC5C-3334-467F-AB10-705516D11E33}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{24AEAB2E-5C6A-4EC6-B127-7F97455A7DA7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{24BB4240-84F0-411C-B565-AF92CD6E0F13}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{24C3A829-6D87-4C18-920C-2A6ACAD620B1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{24C9CDB3-03B5-45E4-AD25-5468036CA8DA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2543A838-2179-4EF1-88F0-95D617BEB0C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{255F59DE-4223-4B62-B267-2C494725B84F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{26110E04-9674-4F30-8F9C-69D3EF2230A3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{264E2B0E-3AA2-472C-BB45-208DCA3DA81C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{26783811-E9FD-4DCC-ACA4-011CD15570F7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2688EFF7-B77C-4472-ADE0-31E1D6D2A84D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{26CF5E6E-1265-4198-8D67-19B99B15F82E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{276974AB-EEA1-4C2B-A522-0C72E0DEFBD8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{27A734EE-0CA1-418E-95D9-5C9A9C5D2675}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{27BFD900-D986-4933-9B16-B1902A629578}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{27D38C2F-4D27-4F32-A942-4A090BEE5AB0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{27E357CA-0DF9-456C-9D9D-9BD7E59A925A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2816346D-D5A0-435F-9649-50702C16308A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{284C9150-3F3C-4932-878B-A8EBB7C7093D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{286A71B3-745D-4C1E-9E74-C7C46BCA2C1D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{28F93B8F-68B4-4DFD-ABC9-11B9623C32DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{28F98881-767E-4EC7-9F52-5E2B416728C9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{28FFE074-B9DD-4C44-90F0-D2324C6E298F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{297761A6-B80F-4BAD-853B-04EF88ED80EB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{29C1F824-04E5-4063-828C-906C52F0F6BF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{29CB335B-7F8E-4FD8-B20C-0673F4396FF9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{29D785E1-7F47-4DBF-8D85-433014F69EFF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2A19F11D-2858-470F-9331-0FFA49BF1A4A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2A3D6265-8D8D-44B5-8D7B-A10F1463808F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2A51D995-E235-4660-95A7-B10253FE161D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2A75282D-0AE0-42DE-A589-6BD3D10B5AF5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2B419DB9-5EDD-463D-9691-F29E0AD4F212}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2B570E33-4591-469D-A587-187AF8E575A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2B5B5713-6894-4905-93EE-3A0473C81961}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2BB63A3C-CEA4-48F8-B2CE-B58356D52383}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2C12174E-A37E-4D8F-BB63-DCE7A2088B79}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2C76B113-3663-47E5-AAA7-67C2924ACC5D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2CBBBC7D-F8C5-4187-8F4A-DCA111DA83F0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2D1DCF5E-DD1F-4EF0-A160-F1EF188F4367}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2D4558C4-79C3-4EDA-979F-9B5FA66E8905}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2DC00958-98F1-47EF-AB9E-06595A6FA54F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2DC90C3A-CAD4-408A-B280-03E0FB1BA423}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2DCC2C9D-41E6-4921-B638-DA874DA9369C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2DDB908E-3CD6-46E7-AB76-104B40897381}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2DE84B5B-64D4-48BF-BED0-FC1EFC656198}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2E932286-CC39-49F2-9776-591AAADC98B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2EA8E256-151F-49F6-B6C4-F9186DD6FD99}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2EBAFFAA-DF01-454F-A717-123B5546D84C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2EDD508F-5B23-4B75-ACCC-4A92228BCE6C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2EE85CF8-3341-452A-A6B6-3A35ECB9FB6B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2EF5F5A4-FDFC-4101-B2C7-4531B71FD34B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2EFF9B3E-96E1-4064-939F-916BDEF024F8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2F01E838-FD87-4921-B3B5-EDF6AD297E00}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2F26B3A1-8378-4C90-9B71-F5929AC4819B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{2F3DF262-D160-4BAE-A103-58BE9FC54F6A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{306C98EA-E2DE-447B-BFD5-7765181401E9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{308959B7-C414-405B-A03F-70258658AA7F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{308AD5F1-77BD-47E6-BA1C-B65AAE508C4C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{309840C4-8CE5-40E6-A879-6A07C154AB34}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{30D140F3-ECE3-46C1-ADE2-5A2DCEB91065}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{30E4B69D-FF20-4BD1-93EA-C39F197A4AEF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{30FBD91B-0D21-4307-A296-CDF63DE4184D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{31090668-6D0F-4E0F-AF85-337DC61D5306}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{310EA883-5086-4C85-B3CB-06DB89A65AEA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{31880E6E-55B9-4B4C-9B33-44F757834FA6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{31964985-B062-489F-BA89-3456CC8B4208}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{319D4947-160A-44D2-9F97-7A731F36610E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{31F19715-D802-4106-8F8F-722F09709BED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{320204D8-0398-4796-9FFC-70961AD03FA4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3253B3EE-355F-42BA-A254-2E5B061F2489}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3275CE9C-DCFF-4FDC-BFA6-0CA16AAF2FD8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{32966F39-CCB9-4CB8-B35E-B86D3AFDCD60}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{32A8FD77-8192-4B3A-A076-7DD6FCF27C7C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{32AAEF45-DBB9-4D74-80F5-344ED81816B4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{32BA3F45-6FFE-4F3B-94DC-374D63DDD3D2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{32D16F45-0D77-4C34-AC89-C20CAA2DB81A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{333B09BD-EB9D-4E02-8FC1-317CD57EF845}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{335DCF0A-A78A-40CC-90B9-A433BBC84491}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{33A08035-2A2A-41B8-97B6-C13FFF437DCE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{33A2089B-007B-4C8A-9308-DA2DA5FFE191}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{33DCF543-300B-4DDF-BCF9-58B1EC7A3234}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{33FFEF5E-7110-4F91-9F6A-CCFF6AC9C54D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{340BD7AF-49CA-4035-A16F-A11F016BF60B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3427E884-DE92-4D1A-A36D-F82DD7BE81EA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3432B794-9C9F-4FE4-B66F-EB12BF21A604}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{347A416A-53DA-4633-84BC-6AA2B2E82C0E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{34823899-4773-4EA5-B43C-1240F7676664}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{34B73938-7F2B-48B6-8BC5-0B4435510640}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{34DF713A-B231-49EF-A489-A8D15152668E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{34F01C25-6F2D-4BE4-8B52-987D15993322}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35306433-12F6-4D34-BFD4-B0EF7FF6C149}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{353BAE8E-80D0-4F6B-A6CC-BBA052B0F9DA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{354BA886-0C57-42AE-B955-229507E8A192}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35710F1D-2121-4AAE-9905-EE4E70AC8BE2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{357CB38F-3441-4300-B025-E3B3B9C36F8F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35825EDE-363B-42C7-8649-68E4BF424395}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35977DEA-3EF7-4C63-AB78-B0ED4EF8D5C9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35D9F109-5D81-475D-AF30-61DA6A3109AB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35DFF3FD-D344-45A2-9A42-55E710B6ADC9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35E81336-CB16-481D-8AD2-07DB67E3D2E8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{35F38EFF-BDD9-4D77-9C11-6C16EBBE6028}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{36402D4B-88E6-4ABE-A79C-542ABBABB549}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{36545F8E-565C-4D29-B820-CF371AA9166F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{36C6FFF9-EDA6-4AEB-9256-8A3EF2E18EBF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{36F03349-3FF1-4840-8A81-CA6B79ADA786}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3739E850-3445-498E-B0F3-8B826A55D5AA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{376D5591-F40E-4DCE-95E3-ACE1D9F83F77}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{379DE3E5-1491-4DCD-9BCD-C072A335C4B2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{37DBDDA2-8423-48AF-B43D-BE0194C4EBC4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{38142C51-4DA1-4F93-9E01-360EC6686A6F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{381AABFF-F689-4221-9A5B-07CC6DBA38E0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3875CD46-BDB4-4B97-B892-59E72782670E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{38B30895-D2EC-42EF-A7D5-9630B26AABE6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3930A54F-13A0-4518-97E9-7D4B6EAFCE01}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{39339054-2420-4A43-A54E-8D0A546CC9D7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{393DAB60-7C7C-49BE-B4A7-FA1D21D003EE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3943CE84-F70F-4C07-B074-2E4C1DC45366}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{394FAEB2-2918-47AB-A275-61642956B2E9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3957A48C-F32F-46DD-B5A8-4003D2D1C8C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3A12C4B2-23BB-4C06-87DF-13987A954819}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3A15AEBB-38E2-4AC4-99D6-07751334AC20}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3A2345C5-ED43-4832-8E3F-D1901303D94E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3AF51C8B-4901-49CB-B33E-9EB1E7E48A08}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3B212B4B-48C4-4BEB-BEE4-367970AE70AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3BA50A53-A6E0-460D-BB8B-A34CA6872543}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3BA57547-9E9F-4D8D-AE05-52AF9349F5E2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3BAAD83E-6CA9-421B-8DBE-FAA2CF1042FF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3BAF8D49-5D42-489B-A851-42C5C2F6F157}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3BB75ACA-AFCF-44DD-BF4D-0E0460117B96}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3BBC5515-7F0B-4776-BD32-50FEDCF5C5CE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3C1716D4-7AE2-4107-950A-56614A01606A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3C3E292F-B129-438F-B29C-CD04B5EF738A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3C3FE967-8066-4210-B604-284035F4FC6B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3C4D9E59-9967-4051-A8C9-7ECCB92C635B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3C6CCB8B-3C0D-4A9A-892B-EF1891AFAF09}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3CB77810-05FE-461F-88C7-516D57A0DFE1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3D215B35-0C43-47B8-8290-339C93AAD253}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3D32F3CA-8615-447A-AFCB-B0592446A598}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3DBD521C-DBAE-4E0E-86A3-58CE7BC1A4E7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3DFB65BE-042B-47A0-B241-8ECA2D622539}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3DFBF97E-E030-4437-B751-457009D6E225}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3EA74609-D450-4F97-8203-6AFB0F082F8E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3EFC9065-6F23-4D29-A528-78FAD9848439}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3F17C02C-7495-4FED-BF99-D878D8CE1BD3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3F898691-9ABF-4A21-945F-DB3158D55295}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3FB59145-D9C7-4528-8170-D314274E2586}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{3FC875D4-2463-45D0-8AF6-0ED344E017B2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{40498C02-D012-42EE-8DE0-8B6D17431023}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{40659634-64B6-4C30-99DD-696785970B63}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4091DB81-8F97-4094-BDFF-34196BEDCF36}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{40C21233-31EA-4780-B275-02F1600F13DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{412D32C5-627A-49D5-86BF-C313B19E19C6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4188879C-9217-449F-B38D-CEBF7573F552}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{419947AF-AEE6-4E49-888B-68E4779D5979}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{41DA0C99-BAAE-4376-94A5-4D5AFEAA4124}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4227819B-BECC-42D3-9CFD-0426F8229172}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4228BF91-CE68-48A4-9A9D-E80F256F7656}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{426EAC57-6385-4E5D-AD0B-07CCE42EB180}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4272B806-D807-4085-A035-80ACAB4EED47}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{427F165B-FF2B-4367-869A-50C8FE02DF9C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{431D8B85-7998-4417-9740-78A3E2159003}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{43B9E263-A9F6-481E-BB68-5295B23F261F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{43F79837-8FB9-4847-AA77-B69AC33935CE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{44071910-86F0-4F06-91ED-ADB6132F0F3F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{443B7BF0-3CBD-4CD9-9C9E-6746A4D5F17A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{445E7A3A-C529-4848-958A-ABB332B1BB99}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{44CAB1C5-90FD-4C7F-8F40-69DB70A1D015}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{44F6B2D7-060E-4DC9-B5B8-906C411E6FD5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{45260E7C-6DFE-4804-95DC-ED6D863A5CE3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4528C608-E81A-403A-A138-8A232D7C64A8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4532F352-A612-40A6-8BCC-1F99863A1A0E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{453656B5-32B9-49D1-AF19-AABEABFE4586}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4537D814-FD27-4914-894C-25567F760ED0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4547F259-061E-4062-8B2E-E5610B507BD6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{458FB8CA-077C-456C-9766-FEF95E8C14E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{45922D0A-DB57-490F-83D0-C2BD71A1E012}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{45AAF3A1-01F1-41DB-A848-8C4D6D8C82EA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{45D19A22-6DAA-4125-AFF1-BCE131B972C5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4609C78D-FB68-426C-8012-AA1B518069B6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{465CC2C8-29C7-4DBF-B996-DB6504837A61}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{467D8411-5211-4352-B591-E462EEC97BE0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{46C22981-B2EC-4E7D-B337-6D25B774CB86}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{46C35561-8D98-4CDE-B00C-623CE01E4E45}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{46C57371-CA13-4B25-B91D-45C7EF9D4CB8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{46C69711-0F7D-4878-9619-C3482E53A08A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{46D685DC-635A-4030-8261-2ADEF6F990D3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4701248A-F60A-44BB-99F4-0197E57C9964}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{476642DA-2735-4FC8-877C-D53ADC57635F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{478294B4-4B41-454C-AA50-C2B8C660FA6B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{479FC503-B8CA-4EDC-9C3A-BA75E5479605}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{47E28E04-9D9D-4F54-9EEF-1B54AD2F40EF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{47E855C5-18F3-4A7E-950F-B81DF923BBED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{481A9ADF-548A-4F19-AEF7-E8C888CBFC13}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{48261FFB-959C-4CA4-8035-4ECCC1E4EA4B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{48F24481-5C93-4ECC-93F5-D407CADBE046}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{497AB385-8C1E-4635-9044-DD05D063C438}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{49A6F906-7837-4E67-B28A-0B5D5B64BA54}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{49A788DB-5E52-4D6A-BF44-19B88B34C2E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{49D96E43-B743-4EDB-9577-EC2751F5200F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4A67E08F-7051-4C3F-9BFB-4A06ABEC52D7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4A687C8B-8623-481F-A52B-45A533E23A86}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4A77E5C0-5C38-4B6F-A44F-B24A8F63C7E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4BE5BACB-06E3-40A3-BA78-DFDAA32C1609}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4C89B16F-94B4-4484-B6E7-20A859624FA5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4C92DA3D-E9A0-4B46-B08B-C8ACF14BE2DE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4C9F9A50-093D-4F5F-9C70-607A9A813FC4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4CF99315-6629-4845-8DAD-C64FBB209833}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4CFDFEC8-CE05-41EA-9509-549247662E19}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4DEBAAEB-279E-4F66-90CB-99976F9267F4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4DECD8B6-2389-46EB-A636-BEFE3F19766E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4EC4806D-27F0-4072-BC51-CB62FC7F70F5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4EE4D66B-825F-4CBC-A092-06C3F692E76D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4EF322CA-82E9-48A5-B556-3D31886491A4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4F0DFFFF-81DF-4D23-A9FB-9D959B4B6648}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4F1A3AC9-7751-4A16-8F8C-B7D0E1AC20ED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4F24608B-CC18-4975-95F0-4CDCCC448257}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4F43F17A-4E56-41E6-8576-EDDA61D6E85A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4F719709-FD36-4D8A-98C8-D8F58DA26B68}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{4FA5FED4-200E-4C6E-A7C3-277192288553}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{50739B46-3A02-4DBF-9F0F-B043279AF582}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{50855CE4-BB7C-4AF1-BC43-7A37FACB7A77}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{50B50B41-6CAD-470B-92CA-62468856C205}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{511FD864-38FF-4F4D-A2C4-0597620595AA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5125471E-5871-4D12-A05F-E84A142CB520}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{515154D8-7790-4B23-968E-4176D2E0F3B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{517467FF-601B-4257-8E26-A94AB4E85F78}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{51A26C81-F02A-472D-A291-C6C136CEEF68}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{51A87948-F1B5-49B7-BFA0-58D0AAA44C42}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{522CD94D-C5EB-45D3-B9AA-D0D08CF68618}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5232F196-616E-4F97-8BFB-7A99600543AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{531C260C-252D-401A-A595-50F5DF1585CB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{531CC806-2956-4AAC-B60F-26F9C46CFA7C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{532DD14E-3C6E-4BF4-A879-C7F6A979DA5B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5392010C-23B1-4541-A16B-1E145062F774}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{544C9E6A-CCB1-4989-BC8D-6D4B965ACDFB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{545EF5B5-8248-4FA5-83CB-3F387A94D402}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{548D4B33-1CDA-4294-AD1F-A8B5943E40F3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{54A07F63-88ED-40CB-867E-3748F651B289}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{54D4056F-0ED9-4CC4-B422-9BEFBCE40620}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{54DB9DDE-BDDD-4833-91D4-05594E641814}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{54E93DAE-E970-434B-835A-72983AAF9410}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{54FD9334-E061-47A1-B16E-50B2175CBEA9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{552CD364-3E0E-4DBB-A0B5-ED32B8E5AD2B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{557CF0B3-B7F2-41C9-8078-2C2322BEEA55}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{55D0D05E-53E2-41DC-9B78-4AAFCBE8B1BF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{569CB8B7-6B7A-4AD8-BB4A-C0007CC68F47}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{56BC281A-7FA8-4CF7-BB91-175972120F7D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{56C5796D-367B-48E2-829A-A916A534C19F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{56D231E3-F384-4B2B-B712-0CEACDB5C3FC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{57266868-C966-4343-9CB6-A267D2D066CB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5774B997-C46B-4ABD-A927-3312E67A7235}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5797E913-B8D7-40F4-BC67-759D1765F31D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{57AF1C13-1C68-49F8-9F5A-0235E7DF9D56}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{57B0382A-D40E-4827-9675-6F70EA9308CA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{57D8ACCE-8E34-43D8-B767-4A446A46C58B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{582C352E-C6FF-49AC-BBA0-26FB81E1CBF0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5835D79B-F670-403E-BB3A-03D9E3118E2C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{586E7DD1-D2EE-4B1D-99F0-B2F6A63EE728}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{587B7B08-644D-4F7B-9095-884707E6861F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{58B86B9C-BF15-4E34-8EEC-7F2693D9C89B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{58D2201C-9ADC-4019-BB7E-63A3A9D30C63}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{58E914E1-3757-4DDA-BA0E-09CCC620D9CF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{58F1D860-CDA0-47BC-9354-2FBD6605F89F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5915D58D-5D24-4DF4-A233-9D3459F749B9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{592EC350-BBC4-4D4B-8093-7D6588CAC2A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{593462CF-51A5-4AD2-8CAD-5A176F666912}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{594DA3F4-4861-4543-8077-FBAB9A8A232A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{59765796-E98C-4E8C-BCD1-5E4A25616162}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{598E8D0D-0905-475F-8E25-3C747612357E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{59CFF6CB-100B-4105-B579-B5BFFBFC40C0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{59D93851-9F40-4EFD-892F-5F93775A7A65}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{59FC44E8-396A-4F64-859D-F9EB93F35755}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5A4F4554-4DC8-4D75-8D53-2F015E1011F0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5A555D1D-3F8E-4AA8-8526-7554CD3F1298}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5A579E23-F2FB-4C92-8D74-5CCC0C6B2458}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5B0B7E59-48FF-4BE7-923B-1FD1D0278137}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5B79F2AF-E195-4E81-83DE-37487C5D7841}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5B9E9E05-058C-4587-80B7-92AD61821B11}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5BB7E25F-8D08-4449-8C1F-0D83040368AE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5BE6733A-A083-4933-B226-89C7F1C8C660}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5C342376-CD0D-4259-B667-54A717D84DFB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5D176CCC-B74A-446A-B805-BB1DCF647ED0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5D529FED-D5B6-42A4-B244-9005CC9B6693}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5D66D4CF-D290-4C6F-A903-6341FA44A775}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5DED57FC-1C58-47CF-8E92-CD05502C0BF2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E1128B3-13A8-4F12-9E02-D4B85418BF7E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E12FE7A-A7BC-4C3D-ACED-72D76A40C39F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E1E0133-FDA1-47CE-854D-69C040BE8837}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E391932-DF58-4157-BEDD-15F093273295}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E4E0776-A91C-4BEA-84A7-1481AE39BDAE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E5EC118-3611-49E9-B017-50D68FA14B0A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E7C7F0E-618F-4479-B250-01CCDE97C63C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5E9538BC-72D9-406E-940C-F9DCF0E123A5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5EC6DFE0-3C0E-4887-9489-D1EBA6FE7FE9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5F317380-F59C-486A-A98E-E8EF6A3402D4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5F4AE57C-249B-40D7-8274-E3B862DB883E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5F4CF919-CDE6-44CD-80E0-B702CE24ED1A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5F4E5B0A-00F8-443A-A79A-41341773B1B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{5FAEE245-75CF-467E-856D-B765C0B6F477}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{603656B1-5F06-4C65-B774-28336880F777}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{60C5C23B-CD94-4C9C-A87A-12482E5E706F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{60D6CF73-4D8C-4D0F-BDF0-0C40DF2DEA02}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{60F7B7B2-C692-4F3C-AA19-300D8073547B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{61234520-11E6-48FA-AB36-0A19E5C9EB32}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{61489CD2-C203-4569-81BE-0B2E68580A6C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{617EE91E-4F7D-4E94-939C-2BB22F2E91D6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{61BD9E74-8155-4017-B0F8-F0B4B2597626}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{61F1EBB2-B477-4D93-BB79-E02A29EFC156}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6204E289-3976-432D-9A32-F2D34C9474DC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62143A95-AB46-42BF-BAFE-9A1B1FFBC2FB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{623A33D9-17BD-47BA-A5C0-5AE209BBA6FE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{626A2131-B9EB-46C0-A11D-FB386D9597DE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62750290-4EB3-4C7F-B4E9-5DC6B6E79A31}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62A8735A-1C4E-479E-8A54-5A181A423872}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62C06A44-BC89-4BC2-9677-0DCC408AAB1D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62D623A0-3581-41CA-A1DB-5BEA8D8E94C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62D92972-7F9A-4786-8E30-4DFF9F7FD205}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{62ECF55F-9DDF-46C5-98EA-BD0CA5CE586E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{630BD66A-81FD-4223-88E0-2FBAF31CF991}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{63D9B221-3E41-44FE-A7DA-297714883589}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{63F6B5F4-444C-46F8-B831-17D5CA0AB46C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6468BF0B-FBF2-4745-B370-731D1D20ACAC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{648B333B-536D-45BB-B497-41E95A5A47E1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{64A25732-DC93-4662-B79E-5E373963ECE0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{64FC84EB-008B-4173-A942-65C82886EE7E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{65F0E956-B9AA-48D8-BBCC-9B1EA343B77A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{661A143C-A902-40D0-9B3D-6AAC09BC6C0B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6631E249-704F-41A1-A5C3-2406740DFCD6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{66391F0C-01D8-49C8-9BA0-D27303AF1FC1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{66542409-6BD0-401A-967E-BA91BF3ABD2A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{667622BA-A33B-43EB-AB2B-22C76B82C6E8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6695F2A9-56CD-4E93-B36C-369415C8E468}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{66AD8B83-629D-4FC2-9F81-D0F6304FF8DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{66B8546A-C490-4C68-958D-34C6B87AD100}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{66F89E6C-85A4-4120-BAB3-4269D6F4647A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6740680E-0A86-4631-BDBD-71A40C8E471A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67826C31-2A83-4CFD-93CB-2A46C8432C63}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67867427-A523-4DEE-8BA7-2AF0C842DDA5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67B0CA0A-8DE8-430D-865E-81A9F616D5CA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67B71BDD-60CC-4624-B659-F87B39B1D9A6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67C31C46-F457-41B7-A483-75D0A3FAE1D7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67EE0523-16F6-4EC8-8035-6C8E33B9337B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{67EF561F-DE41-4E24-A9DA-800544ADBCA6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6814A6D3-F432-4F3B-82FC-C1D40F73CA8E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6835E38A-941D-465E-9B59-287A1D24E0C8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6901364B-436A-443B-9286-A6B3AD2520BC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{696754B4-503A-469A-A2EE-795FE014F0AF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{697DC713-388F-44D1-9443-1E4E89798CEB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{698AEB1B-80D1-4F69-8A16-E7D71E476BCC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{69BDB79E-86FE-414A-80D4-DCFF5C8384DA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{69F2E38A-2A75-4782-8E59-0BBCC1C0F164}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6A3F076E-1530-4D08-8E58-7853C5B0F559}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6A9AF504-15F1-4C63-B965-D4CB427C31B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6B1CD13F-1724-4283-A71C-DCC6AB2F3AE7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6B1F1460-C795-4690-AA8B-6B73CADAFCEF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6B31966E-91A7-4317-AB00-A8983A721140}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6B893A92-25AC-4F07-823B-EE6FBC3A3B2D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6C299070-96D9-485E-9B4B-41587FA07D20}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6C6BF55D-6846-4E16-B5BF-31B679B03C12}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6CB7BBBD-7DBB-4049-AFFF-B5B17B4BCA3C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6CCCA9AD-F305-4EFB-ADED-136DB7110A91}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6D03FEAB-189B-475B-B101-6E372C2A00CF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6D27B0BB-EF63-4B29-964C-9238D9F26604}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6DD6050D-3173-411D-96B9-6D8C7CE35313}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6DDFD9C0-1F3A-4CA0-A7B1-3E9E1F82506B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6E1255C9-7CBD-4D78-83FC-FCE8674708E9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6E1FF423-9D48-4D9F-87D0-88E2D4248DAB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6E57CB60-BAD2-4429-AA51-D4469CB9301D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6E86B022-039F-4F87-8D4E-3DD0EA62826B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6E8FF275-7C97-450A-8EFF-22CC07079662}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6E94AA3C-2E79-424E-8733-AADF848AB83F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6EDD962D-A2A1-43FC-81F8-7B2B900A67FD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6FCEF557-F657-4357-8A7B-DF11993793DC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6FDDE77C-B9EA-4E66-89D7-1E49458A2B60}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{6FE679D8-47B3-4245-9F93-B9DC89C031EB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{70921FB6-2448-4723-976A-D882FEE3DE3D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{70B64374-3743-4229-B577-845B5708104C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7115B5BB-ED6A-4378-9281-4C79115510E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{71220737-CC18-4B7F-A672-2D93F2734164}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{715E66B3-3E6C-49F6-B554-1452DC9950D2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{71B5DB78-8F50-4D46-B3F2-11873AAAD2CB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72686AFC-0368-4B9B-BD8A-4B328B670755}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{727F5184-18ED-459F-B16E-2175F44AED4A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72B2901E-8FA3-4086-AF13-1157F4F91E12}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72B908C7-FE83-4FA7-924B-5770DA2EA722}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72BE0978-5D4C-44B4-B33F-24F4E786560A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72C1651E-6258-4457-8F38-F98020AB1CCD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72DCBCCF-A49B-41F4-8C05-0CD967CA19DC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{72FA302E-F58B-409E-A543-F0C62DD556DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7301FA27-4442-42CB-AC69-53AABD6A9CB2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{730B16E6-26CD-48AA-9661-861BB7CD0B7C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{73E1A97A-4F05-4462-8BC9-F4274322B57F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{73F617C7-AD7C-43FA-AE32-5868CFB3DDBD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{73F6E28E-C5E9-457E-AB35-3038699C9ADC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{74B0BACB-5D62-4348-903C-837F503C3FE3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7534E397-39BB-48D4-9B35-0247590135AA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7545C34F-89A4-4B44-9F5B-72DCB85426A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7568B592-81FE-41EC-B5E8-6F4915EC5713}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{75A54FCB-ED3D-4F57-90EC-6B99D51E737F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{75FE7BE8-3698-4129-AE95-08EFBDC6E9AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{760CA8CE-99B0-4065-933F-48482B7EB283}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{76141177-F8F9-4478-AE02-28A4C65DA378}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{761D5D14-82BC-474D-8F09-921B15EC5BE9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{762DD53F-3282-49A1-AE27-EDAD2B102FD3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{765F87BA-2498-4E80-9828-FE79A304233C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{768412C2-0C61-45A1-905F-277F3F520DC0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{76B8DBC0-5D17-4788-AEC3-D0A6AC002F40}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{76C87B0B-9400-4F70-BD76-969A31E1A7A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{76F48546-8808-4D94-BAF2-74F1C6A18D7E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{772791EF-CA96-485F-B94E-BEF29340E8BA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{77366D58-3980-43CA-B2CF-0F7EA3A8B6DA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{77375D1E-5604-4C33-BB3C-EC58E8F26148}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{77703F8B-F655-4AE7-A114-D3916581C4A2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{77C22FDB-1517-4A76-A97A-9D1A6AB7DB0E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{77D7757C-A262-43C1-A83D-83EB6FCE3DEE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{782407D7-C619-48F3-A811-F3B6C7FDEBB5}
|
|
17.10.2014, 18:01
| #8 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung JRT.txt Teil 2 Code:
ATTFilter Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{78276578-BDDF-48EC-94F3-07B98CDE8F3B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{782F1D87-F8AE-4C81-AE3B-11DFBD898CD8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{78505B5E-30DF-4DA6-8E14-388335535D14}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{78A6F156-2FD2-49A1-AF6B-9CB38A45DEA4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{78B4E9DF-E937-4BC0-9D83-0CBF28636005}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{798C612E-994E-4DEC-95AB-EE36C5E9FD94}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7991B14E-728E-41C8-8EEF-EF7D8C6A479D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{79CF3CF4-4939-44D3-9DA4-20E594FBB361}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{79E437EB-1ABB-4B8A-B377-AE64B0BF5B21}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{79F3952E-30C4-428E-B080-18E454212910}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7A11D68D-FEE8-4833-BCB2-1C6EB33D7E7C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7A2D342B-981B-4EA9-8FAB-6ADF97DE8F9D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7A3687B1-5DD3-4213-8B51-98281F585735}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7A622868-3174-44AB-A1C2-A4C2ECF22742}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7BEEF1E9-A0F3-425A-A317-5C4E1867D293}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7C0F7B50-7A38-4352-A206-565A7EC17494}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7C45464A-73BA-411E-8B7B-010CE1A05245}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7C525C15-E03F-440A-BD07-6D327340F593}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7C7A2365-E519-4B7D-9998-709CFAB5E1D1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7C984A33-947E-45DF-AF8C-254980A3BC48}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7D213028-7C79-4DF1-A40D-275285E6A5BA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7D401049-4F37-49C9-A173-8DB3BCBAAA0A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7D4278AF-5834-4B32-9133-217F788E0845}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7D69690C-C14B-4112-B02B-57A88F6B89EF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7E0F3610-FD82-456E-B058-43E3F07EB520}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7E1664A0-362B-48A4-81F1-F2DE6E6824E4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7E1A1459-82EE-4438-81D1-190CE5EF7143}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7E2F4E38-BBE4-4065-A8E2-3AEA0D894A26}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7E44F14F-BB20-428A-9A77-C8FC9DD73F21}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7E9D1660-EBDB-4CC5-B16A-325CCE421490}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7EAF5D44-78E5-4BEA-B64E-CDE949326EE8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7ED84182-0A73-4078-B70D-99CCA45AF21D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7EF2F185-91CE-4D16-9C4A-B5AA02B255B1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7F0A9D9B-7586-45B4-9DDA-9BF01B8DD7C8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7F3DEF13-88C5-44B4-9C7C-51D8DD35AA77}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{7FA9C4CC-4E55-40F1-A649-759AE27480F2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{801683DC-75A5-475A-B1F6-637010436F3E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8019F3BE-6A6E-4898-84DB-DBAC2F7137AF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{802535AD-ED72-4BBD-9648-AD548FB4E1FE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{802D169D-FB9A-44CC-A4F1-E0D28174CF14}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8044F83D-99C6-47E9-8A46-EDAD64DC82A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{80DB9DA5-0588-4B4D-9CB4-441F0684021E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{80EC2AE2-4B16-4E7A-8807-6FE58203BE34}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8149C8CF-891D-478E-B36B-267D21AE73D2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{81694719-3572-41C1-B18E-E1FA84F27B9B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{82D9CED5-4C11-468E-BE11-5D02DE7ED6F0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{832B66AC-C0A0-4B2F-941D-18EBAA0B6805}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{834C8027-BD13-48CE-A8F6-ADEF30CFBD5B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{834DF821-3841-406B-91D6-3ABA2D983EEB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{83D53776-02E4-4D18-AF42-D80921D9ECD2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{83D6CDCF-B9F2-4389-9A66-30138394ECA2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{83F3F1F0-87DA-450D-871C-08C1406A1D40}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{83FFC372-65BB-406D-8E77-5C56DF7F5940}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{842FE593-99E7-4CDF-B215-A2AF1CF07D68}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{84603BB0-D3BF-4AB7-9663-F2A230E8A1EF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{847E0A38-F9B3-4BA0-925A-716815777316}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{84A4B404-0EED-42A3-A668-5230F5DD2B28}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{84CAC106-C0C0-4568-A890-653BC3F679DC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{85F96A42-6FAB-4708-B67A-38E0B65D2CF9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{860B52C0-8043-4409-BC00-9E1E62E8C0C9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{86259561-D379-41AC-8E44-F229D72DE675}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{866AF424-14E2-472F-A053-AD1ACF62218A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{86BCA5C5-DA3F-4F91-ACF7-5A4ED5FF0F98}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{86E1DE86-025B-49C8-983B-A7AD4A41001F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{874D1ED9-BA4F-40FB-8CEA-41C94B24F7A2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{87EA6DD6-7059-4FC9-AC0D-55F22E4389A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8829691B-4F68-4B57-AD75-B36F09CCB47A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{88296A27-AAE8-4443-A10E-7B5094FBA3D3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{88D98007-F8B1-40C0-8910-6E78263CBDF8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8903172F-2D85-416E-B4FF-177AB3CF0F52}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{892B3D6B-95AC-4C85-9CD8-446BEE528E5C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{89483467-DDA0-4F20-A223-0246884CB88E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{896E1BC6-E9AC-416F-B293-A44FF5439B55}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8974DDBE-AEDB-418A-8C4C-6616BA728E37}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{89810767-26E3-4674-97EB-CFB9911A1463}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8998841A-8DDC-4C14-B010-89F8EEDD4047}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{89BCA240-2266-42F2-9C03-B78090A6230B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{89DA5C8C-350A-44CA-8485-5CC856A9A043}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{89EE5996-043A-43BD-8837-D2F59A58DD9E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8A194848-B285-4378-B472-05D0055B15FA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8A274DA1-55BC-4A86-9798-C3EF9B6791A2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8A334283-BB03-4AE0-9BA3-E7DF128A7734}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8A8A61B5-2381-42C0-9A1D-E8595CC82153}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8A8AA05A-0D76-49FD-8231-3A7916676CE4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8AADD285-92A1-4B47-B9A2-E0F1FBA0C2FF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8ABA6490-DB07-496D-9EAF-4C9E2E24D8C6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8ABDA036-E3AD-4AE5-9EC7-FCAA33FD069C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8AD7A7AB-8720-44A0-B68B-29EE3F872372}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8B1909B2-D551-45ED-921E-E045C3C25407}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8B646227-957C-4DB5-B688-DA52D3467245}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8B7B8AD5-B43F-414B-901B-0DF6C20FEC60}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8B8C3B5E-F953-4802-9711-BFAC53373107}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8BC77232-3F18-4F12-8575-7C142566DF8B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8BE07E78-C90C-4864-8F43-4FB93D6F2E13}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8C128966-E67D-415A-ABEF-50D852C3A9A5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8C981B06-C3B6-489C-85C2-C9747813ED38}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8D06BC33-117A-46F5-8019-D042C17C8506}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8D285652-F814-40E0-9077-083EBAACDCA7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8D69E1FA-3ADC-4C20-9A74-FE7EA5E9E179}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8DD78B06-787E-436C-97F8-10678E92E7F6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8E3435FB-B0A7-4690-BD76-3520A0DDD0B0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8F556546-C6CD-4546-BFC1-2B524E9D48D8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8F5A82A9-381E-460A-ADD5-2FCCBFD8BEFB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{8F6E9F3B-13BD-4D81-88D3-6F108D88670C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{90048530-C4E1-432D-BDE7-45B1BE22B57E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9038BD08-9E88-4D13-BD18-415D621B9369}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{907CDDE5-5674-43E2-AE5A-1AB6A1A47EB5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{90A89517-4DFE-4AD3-AABA-7AA2B5DBE335}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{90EC123F-764C-4A0C-A175-D9E57A99449C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{912CCF20-92FE-44DA-A2CD-8CB87F8208B3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{913EDDDD-CC85-4DA2-8FD7-340B89C9641E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9146AA6E-47F4-454F-B82B-CE6063B6055F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{91565A6B-99C6-45EF-8957-8B75540C8574}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9171EFFE-6577-46E2-8454-65D911C11559}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{91725BF9-2F64-40B0-A53A-C3D2A41878C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{91D97E14-6872-4FAD-AC28-9543E2DBE514}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9215A8FD-C7F6-4F5E-BB4F-908CE830069D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9223F4BF-36A3-43E1-B5F5-887ABC9391DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{922AFF8C-9F8C-4998-B481-5B1C301801B1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{923996CF-23EB-4288-87D5-C0460C1A4814}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9281FE97-73BB-48A9-AF2B-B7737C3CD0B2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{92AA5AB7-B455-4583-99ED-0D82B00ABE4E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{930F1D17-605D-4274-8A46-0F5D0FE344E5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{93535CA1-37B8-4752-B101-004E48EF01E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9366265A-74A2-46BA-AD90-E89B521FD1F9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{936AF31A-9C06-44FA-95F3-DE73BDCDF103}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{938D4835-28B2-431F-8486-3EBCE755D257}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{93A5D6B3-C76A-4152-9E26-4DA850626750}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{93EC886F-C109-4C63-88C0-0B1216AF3303}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{93FF3C75-4C60-4C1F-A56A-E651B233277B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{94BD78B3-1BDA-498B-8B3F-181D7F9D7FB9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{94C67A01-6459-4764-AE96-811689624F27}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{950615AD-5FCB-49DB-B5DA-5F79DB2F2C9B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9549767D-1D54-4B2F-A815-B142BDA8098E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{95910073-A3EB-471E-AF04-CB4D1223EA11}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{95966EA5-DF37-4540-A164-20356A606780}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{959A4CCB-2370-4C90-9360-57770C976F41}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{95B75D87-AB9C-4CD8-89A9-0163B97A71A0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{95E2697A-CF65-4ACD-98B3-5577CDBD581D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{968D2E6D-6D60-4653-BE07-D1BE0D20F95F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{96B47EE5-0667-4BB6-A01E-51B334AC2735}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{96D108A7-AC31-44D3-A5F1-E14DB7C25967}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{96E1DE53-C231-4324-92B2-228BCD70E590}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{96F04578-51A2-4A6C-8CD3-A54FD0C91BC7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{96F302F6-90F3-485F-9EB1-37645C82A68E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{97024EE0-066B-43CE-8738-6C5FBD86BB49}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{971C0078-5A24-43FC-AA4C-D3E842D1E9AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{975DB750-F46E-4862-92B2-382BD98EF21F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{979F5F64-A60C-402D-9C49-16375948E115}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{980A9E84-DD27-426E-B34E-6BE095E50BFC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{982C0649-1ADE-40F4-891E-1FD0C104EDE4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{988DAB14-93FA-485B-BEF8-8F19C83378A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{98A888B5-CDD0-40A2-A0C6-20030FFB93CA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{98C74F68-218B-4B99-8D4D-3FDD90DBF138}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{98FD317A-CD21-4EFE-A322-DC3432FB6F3D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{990B329D-065C-4782-93AE-03002EA391BE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{99543FCC-D935-4B1A-B4BF-6AACDB989C89}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{99E34107-D8B8-4886-9834-D9B1E4FA847E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9A2A6D0C-12C6-4502-AAC2-529AA58B61DE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9A54B591-DE5E-4825-9F69-9DDAAA2F8038}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9A5D1DCA-B336-49D8-B888-5B34D956702D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9AC0C870-D8BA-4D0F-AE5C-553B35BDDA66}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9AC49857-9BE3-47E9-A5EC-774729980B0A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9AEC87DB-3177-4602-9180-050F57A0EED3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9AF7C3C1-ADD4-4EFF-A81E-C2A1B58D244C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9AFDB891-2579-44B2-9C56-3253EE485FFE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9BE7940E-4407-4289-8FC8-4F6E3627E1BE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9C04256D-6DC8-4605-B2F5-51E20ACC355D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9C3618CE-1D1B-4D45-B7C0-1CF5E624ED08}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9CF26AF5-29EB-468C-8F38-AAAE73C4F070}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9D266CAD-7170-486C-BDF3-02A3FFFFB0F0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9DBB21A7-E19B-4114-9187-A59F0250E847}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9DF9FE75-03A8-4134-87DD-15D259D8418B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9E71282B-328E-42F6-A6BA-9C1E4DEC75DE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9EDD4D1C-6EA2-4D1F-BD16-17953A8D53A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9F1EAE67-6E62-4B23-89EE-30C1CB192DB4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9F44B868-F892-4AD9-8F32-1F0FE4B2D924}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9F534C0A-0134-4F56-B619-697F5049020E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9F98B3C6-67B3-44DB-9BF4-3AAB015A09A8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9FC10D94-3611-42A2-B155-E2CC68DD4142}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{9FEA4FE8-1C1E-49A9-A1BA-2DAB2B3EB6C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A018F75E-A6DB-41EE-8C9F-71FFDE9D2FC5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A0194819-8C45-4300-8F17-7EB1BD7ED964}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A037D0D3-0ADB-4CC4-BDEF-48537B866F16}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A04CB594-DD3B-4C5A-AD5F-D9491F2B2FEC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A0507686-4C4B-475D-A8B2-703F7C97A77D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A06BA516-36B3-4F2E-B93A-70DF7E6C1724}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A09BF792-9820-45C7-AE33-576851AE174C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A0A5C737-3953-4E52-9113-4DF9EAD4923F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A0D07F41-4DCD-423D-AFD6-22853356EAD2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A0E6D210-0DD5-48F9-8286-5ED099C93545}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A1047C0D-1F8C-474B-84FE-119A12E1C452}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A119EF8F-2DF0-41AE-B6F4-FC87506BCE7E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A131F413-B8A6-41E2-9DC3-2D55CF56F365}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A163F3D6-50E7-49E8-8CCB-184FBA1DA4E5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A1E9E801-F068-487F-87B1-A644B763102A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A1F73A7F-0FFF-4A22-B149-CD18F06C91A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A2D65238-C859-4A9F-94B1-C931DBACEFD6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A2E88577-D4CE-45D9-8400-938237986A51}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A3954458-C3F0-4012-9547-21CA7E74B86B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A3BADC7F-D830-4869-B97B-2BE5AF423192}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A3CBB240-F7DF-4102-BE9D-6A69EF280A4F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A3F4E4D8-D301-45BF-A819-E3C673287BB4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A4188F87-7DB8-4896-9579-0FA4098A1375}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A4A873B6-96F8-4FB2-8D81-C87DA0B17A83}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A5AEBF8D-4BC2-45BB-822C-7A18B9885166}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A671DFC5-22F6-48D0-8B77-57448C818142}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A6C242DF-5007-4334-B633-42327B04205B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A6F31C73-E120-49FA-9D2F-9C22198309E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A70BBBC0-361A-43F9-BBD6-8B482802C6B4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A70C6C00-4C76-4B97-B623-CA19EA0A47D5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A71E0CE5-1B1A-4B1D-9A91-F04D4CEBDCAA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A72B1A15-4F3C-40D6-BD2C-41D5D202E373}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A731F61F-B055-49FB-A14C-0BE1EDA8212A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A75B6E04-7972-43B7-93B9-8444A2A25A33}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A761B81B-5FBC-4754-B20D-E6F55073428C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A7E403B7-E8EC-44EB-9C2E-3F32C22F93E8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A7EE5BD0-DAB4-47DD-91E9-D03ABCBC679A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A8A2A00B-16D0-46F6-AF1A-0BBD66E014E5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A91305CA-8DAB-485E-8204-1FB1E7CAFB51}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{A92160B3-0400-4BD8-ACE9-91A88663EFD3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AA070B71-A0C5-438C-A336-DBE9E782FDCF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AA92EA13-89D4-4D29-AA65-C800A73AD1CD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AB0A8D01-1A98-45E6-B0C6-3DFC78B8E396}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AB1E79C1-2257-45FC-82DE-60D20F8A679E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AB602A7A-2F6E-40FB-AE82-921507122643}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ABCE99AD-F0E2-4DF6-B1D7-C7562CE49840}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ABD852A9-ACA2-46B2-9495-ACCE46139FBB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ABE721AF-B82E-4CE5-860D-4B4D591E3C5E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AC4BA06B-9A1A-4474-B5D0-EC7EC6BE210D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AC713052-095C-42C6-8D95-2D49127CE525}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AC792671-64FB-47F4-A7ED-F14AA7F80A30}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AC91B490-E1F1-4426-97A8-3DD9768F599E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ACAF49EF-94E3-4C9B-B62E-0C8F04595B17}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ACF16407-EE2C-44F6-9265-0F7ECFCD0625}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AD284FD3-4C17-445C-964D-70BA2F5375A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AD37D4BD-1D99-4B1C-B4B4-1653E393DFE0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ADA1E9E8-AC83-4D5A-AC9C-B50ACFACCCA7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ADE75A3B-9666-4527-8C98-02B599E0A2E5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ADE9FA5F-151C-431D-9C84-E877345121DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AE016568-1E0F-4696-9BFE-EC3DC1CA1C38}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AE1B4CEF-244A-4BEA-8D4B-D6BA33BB8A3A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AE6BD81D-7072-46DD-ACA6-AEBDC04767AB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AE705460-FC54-4963-9F8B-B72101FB69C3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AE7C9A1D-AE5E-441D-9EB7-AF601BB5C27E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AE9E2266-ED9C-400F-9DE9-6EA4BEFEB287}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AF893401-5149-47C3-B0F0-86D84DEFEC50}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AF9909FF-29D2-4136-820A-E2CB7211BA3F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{AFBEBEFF-B03F-4AE5-9A0E-290DFCB084C2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B00CE0FE-80A7-4544-A599-B907EF04DB5B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B06D517D-EE71-4B37-844C-C72306BF956F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B077BADB-C520-4F9D-90C0-7AC3915F50A2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B0FF1F45-DAF3-46B8-A370-5C24D5004DD0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B186A4F3-05D5-4364-8C4F-82138FE01176}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B19DC500-52B1-4EAA-BF7C-DCD96DCD7E9C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B1B1CB29-7682-4DCC-BA14-0D15D661F3C7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B1BD25DA-E02B-44C8-8823-AC575FA580B0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B1E29575-DF45-4327-A8EE-8795EC7AB13E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B1E5018D-7C48-4C20-9E4F-544AF0C342A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B31EE088-26E0-4242-844E-D683C2321A67}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B32BADA4-6B4C-4F6D-AD07-A1560F63A809}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B34521B0-6A45-4C0D-9D3F-770CCC26FC34}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B3787E9D-3599-4251-A00E-227541D4916E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B3826962-2695-45C5-A133-ABE92276AAE0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B3FF9971-F6DF-442B-A0D3-2EC1F79087A8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B41E6FFC-465D-495D-AAEA-2C830261BA14}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B432D006-40A5-4A5B-8D1F-3B4A141904AF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B45C7A63-0B24-4336-B2EA-60E43F720D6E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B4CF6F6F-E053-41CC-8F24-D5596E373E80}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B50C211D-CBA2-49FB-B0FA-8F61A9314AE7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B5B112BE-75E2-48B4-BB81-08589E71A1A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B5C8CB40-9F50-4022-9594-076730343569}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B60B3E27-C350-4A1C-A512-FC190024938C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B6451844-BF31-4227-B2FF-C27A32E3196C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B69CFF9C-54A2-4037-BE8A-21E9EC1968AF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B705C1F4-D76A-423F-A083-4FC299CB31DF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B7354210-A5D5-4ED7-A944-92ACEA6A4025}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B7697DC8-436C-47F6-9E83-6F7EAF57446C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B79DE390-06A0-487A-BE20-B594CBCC6669}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B7B583B3-38BA-412D-85C1-B5A4AF6D3B3E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B7FA2F76-7F41-4B4A-980D-152E067F1C64}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B827E484-40DD-4530-AE18-1297046CEA53}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B8B87844-236F-456D-B1ED-374F7569FACC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B90BA977-3A93-4233-8E51-BC6855AC0821}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B9C5CB34-9C23-41C8-A0FD-58ABAE7625F7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{B9E6BCBA-93F3-4DA3-AF96-98C7ADFBB9D0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BA26C59B-2F44-456A-8548-25D45DCB97A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BAA24C0D-E9A4-4A26-8C45-FEC8186E4703}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BAB6F55A-8F99-4B22-8FBD-FBF004D55D16}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BAB969B0-406F-482D-B1A2-482AF7CB8F0A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BABA3ABD-BB9E-44E8-9E18-869089ACDB74}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BBF7239F-AC0B-404F-AFAA-5962FB3C2F61}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BC08CF91-E08B-4AEA-BBCD-FEE109284C65}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BC0E46CA-E1DA-4FF7-B285-0F12CDC91D41}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BC7F6EA0-97A7-47F8-8818-0F018B8D71B8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BCDE2BD8-9FD9-4764-B33B-E267ECD72515}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BD4B018B-C858-4E04-A505-4E023015F02E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BD86285F-3D5E-45AC-8195-D56B93DC279F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BDA32A04-867F-4A23-A586-548D299C9A53}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BDC4B565-DA69-4E1F-8C21-16E856655B4A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BE263A68-5C6D-45F3-8590-B6334A772B8C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BE766EE3-2C42-4386-AE3E-C5BAB6796C54}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BF6CF944-BA5F-4550-A1AB-9002EDE13CC8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BF6EA515-9BCD-4A0E-AE35-B4DEE33F1C9B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BF7DAFBB-4C2A-439A-BF2A-DD60C2B5FA78}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BF9EFF0B-77FC-4298-9034-4E3882ED5B96}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BFB8181B-4891-4A86-AF4F-051449B7FFAE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BFD7AC16-C23E-4C9B-A44D-3113C83E28F7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BFDB84C9-11D1-4F00-A155-7880083F7C49}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{BFF94BC5-660D-4E12-B074-4FCDEA0D1BD6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C04E7A8F-FF3E-4764-8F8E-F1C1DCCF40C5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C0733D4C-6115-4419-B46F-1BD1D06603FD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C0A05965-4114-4D11-999D-EFFB80F366E2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C0A7D0EE-C0A9-481D-9B7B-187A70BDCE62}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C15930BE-5004-4991-9BE6-7311FAF73371}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C183D97D-8FFC-4C90-B0CF-09FE10568E7D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C300DF5A-79F0-4114-BBF7-F07533382D92}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C32FAA0E-21D5-4B07-B7F9-B00ABF61602E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C336B7E9-B3D4-41C0-A1DB-E777B2FA00AF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C37C1BC8-AC88-4DAC-8A95-55566BE84039}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C3E9EF64-A708-42DC-9D3A-C5A933DFEBD0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C4C7769D-3B93-4F76-98C3-93DD9C9935A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C4D89764-0CE0-4D2A-9506-21BE1FA5A02D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C4FCD421-A72E-4A12-A333-F81CF1981812}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C51EB2D4-6C5B-4B40-A98D-408B9ADCCD00}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C52C7A40-4510-4710-BA98-C957CC2144EE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C53921B3-2A46-497A-A34E-D43B864DB759}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C555BAE8-6CF4-491F-BC3B-6C241BEE686D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C58E21A2-82ED-4C81-99E5-3E748DA46C00}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C5A7196E-1E4A-4B96-8777-A3AC67AD118A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C60FAD48-67B9-4F86-BB79-D18A383E1F72}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C6CCBC34-BE07-4F07-BDF7-D26D4D938B12}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C702D0A3-FC2A-4BF8-A730-D5D874F1C2B4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C722D352-1478-439A-8620-B17497E477ED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C75D3879-098D-43E9-B7F8-95848BAFE619}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C7FD5C46-39BF-4A36-B35A-8DE445081CC9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C840088C-9235-4AC2-BB04-16D00882E838}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C8E18A74-E040-4861-8C56-9D5C35D28A76}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C8F2ED31-4A5E-4C21-A2C4-0A460777B765}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C9160569-53AD-474A-9BB9-CB87FB00FC1A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C9A748B3-ADDB-4890-8E65-7640091F7717}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C9DA973D-CE23-4E2A-9678-CF740EAF43D7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C9EFC75D-6DDE-4D4C-ACA2-BFAC164359B4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{C9FA413B-6746-4338-9C30-921DA67A79F1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CA8A7826-5934-42C2-84ED-4EAAE61A02E4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CAF3164B-4898-4BCA-BE24-CD91839DA8C4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CB28E05E-1303-4647-AB38-47424A2FB648}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CB48893C-85BD-4923-8E9E-528DEDC78571}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CBBEEAB1-D0DF-433E-BC90-DEAE8A29D8AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CC0311AB-51C3-44EC-87BE-5BE618461F80}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CC27F119-D6D8-4D9A-B0D2-44A96C5CFD6A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CC8028E4-4DED-4142-860C-AACB7062A421}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CCED417E-B5E6-41D0-B94B-6F883F23E672}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CD3EA7D6-5936-4F9F-A5B6-CF9C9FFB557C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CD6CDBAB-3C67-4244-960C-09F3A4BACA63}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CD6E5B01-50E1-4BA2-8493-30494A1A9C88}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CD6F2E34-1C53-4D0E-BEA3-ED5857452B47}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CDD3BA04-9405-4B1A-A8E4-E21408F0BCED}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CE0C4DC7-09AC-47A8-8AF3-124A665587C3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CEFDFB0C-366D-4CE2-A463-60C4499F3AE6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CF03B00E-6976-4392-AC54-14C95C542288}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CF3992BA-EFC2-40DE-B39C-98EF2F94C5B8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CF8E88E6-8BC3-484F-B2D4-06E1EEFB02B8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{CFCBC767-855E-4957-A960-7E9442299846}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D0822600-DF42-4705-85C7-EC9F5A5B9240}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D09CAC66-A194-489C-A80C-234C7E2B9CA5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D12CE4F5-71FB-4A94-83DF-B7955B4049CD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D13244B3-310E-4378-822D-1D46908AC5F2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D19B4271-76FF-4012-80B3-641F4FF0EDEC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D1B6E812-4BFC-4E58-9FDD-CF1767C1F298}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D1C66DEC-7232-42AA-9DE7-9DA47D0E21B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D29CCE58-E380-4DCD-9BEB-EF04D22659CF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D2A12B4E-F79D-43BC-8C07-BAD51F6358B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D3263BB8-E0F4-4461-8220-4E45A0A9751C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D39C9733-A08B-4912-AF9F-4B963E39F567}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D3D5B994-64EC-4CC7-AE5E-064651940A8E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D434504A-6855-4235-AAEE-287BD3561FDA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D439D994-78A1-487A-B690-CDCEA4D3C5BA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D44FE663-60FA-4442-8E87-0D9CA035D641}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D497C363-EFEF-492E-94AC-1C06BF650B83}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D4B7256C-B48C-4A97-915F-6F0840046F4F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D53F8E7D-3D3B-48F9-88ED-437FE73F3C6A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D5648BF9-512E-47F3-BA36-C0296D06556B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D56F2367-B8B0-4263-A0D5-EABC525D8CD7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D58CA3B7-C988-4320-BC55-60582D57E917}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D5AC9036-88F2-4116-B37E-FF6609DB7580}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D60598BA-76B5-4A4A-8D52-4195EDC2AF7E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D62D8890-B08C-4DA4-9076-397C2AF1EAEB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D652F426-EBB7-43BD-B867-78558C6AAEFB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D6C6B930-9A27-4560-93A9-C22FC6E07500}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D6DDFE5F-DB1C-4B4C-8E8C-A3591AAFBAB5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D76393F2-80CE-47B4-8C80-169C2AE4334F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D7BAD4E2-5057-4A69-A67F-4B8F2942C478}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D7C34DA5-C9EA-447C-9E82-563F02BFF57E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D7EBFE1A-D985-4EE0-B56A-7F623850C2A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D805EC3C-12B2-459C-A83A-5CA8F03B1391}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D81BF731-4AAF-4862-8FED-DAF0681579A9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D82AE74E-9CED-4E60-8600-8F13C43ABB6E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D8ADEBC2-496C-4AB7-B411-A6F2814FDC4A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D90F2EDD-32CF-4DC2-9268-7F3F30CBB255}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D918FFA4-930A-4652-9C3F-848DCEF776AB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D921C8E0-031B-480E-97EE-0AD979FB03C3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D9320A81-C372-477A-8E6F-E210447BF9DD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{D9C00C3A-91E3-4D9D-882B-1B8089AC5AE4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DA0B7C8F-65A1-4BEB-AD20-677398FE65F5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DA1520B5-D29E-431A-91CA-4C1C2AD51DA2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DA745DAA-0D37-4BD8-A0A6-F0B4FAD389C8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DA959620-CA97-4602-BA88-843F5EC502C6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DAA51473-30AA-4E91-A3A0-288924DC90B5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DAB2916A-6070-4ED3-B806-0B0D317A2790}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DAD948A0-ADBB-46A5-9BA3-BE8429CD5175}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DB1033BD-2C36-41B6-B16A-63571948D90E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DB2BD6F2-1D08-430C-9863-E7542CE11011}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DB71B2EF-D4B4-4ED1-9C07-C9201B5CF204}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DBA799AE-E3DA-4ED4-93DC-512D1CF8929B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DC5AF235-F4E0-4A82-AE38-E2F98B66AD4A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DC6D8C47-CE14-400D-B85A-634767A3DB64}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DCB74F7C-82EE-41EE-B723-79FD5A331C9F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DCD1BC21-4809-4C3A-A04A-67D9518F7985}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DD668881-17E1-4C2B-9767-7CBF1AA7A892}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DDF9CEED-57D6-4876-870C-848FE51831EB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DE17D0E6-2509-48D6-8103-AAB40B0403BC}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DE444F89-57D3-493D-B9FE-1751268D1F16}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DE5C296C-A183-4E08-962E-6E8670C9BB15}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DE903EC1-054F-4E5E-8C37-5F9013F6838F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DEA081D2-798C-4E61-A705-BC4F46A590DA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DED7D124-7B6B-43AB-B3D7-3A51000DA769}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DEE98296-FC4A-450F-8588-5AC3916D3A9B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DF4AC26E-3872-4E79-90F8-35AD232BD974}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DF5C7F99-C4DC-4E96-BA20-EC73473AFD49}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DF7DD915-A08C-48B7-BE3F-D57060793A6B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DFD89D87-248C-42FE-95C8-C6995ECA2E7F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{DFE05BBE-C191-49A1-BE8E-D98AEDDF54B3}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E057EDFF-8D6F-4013-9DFC-8F43027A2DDB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E06A487F-E8B8-4671-B3BD-FF2263665787}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E0831B60-F239-44B3-8827-D41C2E0A5A33}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E0902503-5286-4F50-8D58-6E378A2DF97D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E0F52F2E-4F60-42D7-9F6B-5BD83510E016}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1A61927-3841-4654-B4C2-DEEFCE64C4AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1A6A28C-0B63-4495-BBB0-C408D64EAE66}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1ABA0E2-AC0B-4ED7-9E71-84329261B70F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1B357AA-307E-40F3-8716-5066E60DF025}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1D36B26-A97F-4377-86CE-B8D97922A739}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1E30B37-FABF-48DC-880B-1D9E0B17DCDE}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E1F6059D-E195-4960-8053-E100189F90D4}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E29FD903-3638-45CE-B353-822A590F1DDF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E345FF7C-A61B-40B3-8ADB-1D88EA427679}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E35269DF-99F1-4719-9ACB-998492691201}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E36ADFC3-DC15-4454-AF75-E21D62763E1F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E3773D1B-C705-44E8-9C5C-C0613AC24B57}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E38BD9DB-60D3-4966-8DBE-C7336CFBE2AD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E396F0DA-6627-43DE-B6A2-8960911CA5F9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E415674A-A5FC-4A98-8B5F-EECED0C5C703}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E43247EE-5E88-4539-B08F-9C3E79F98DE9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E43FE159-EF08-4E5F-A3B2-14A4CD33461F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E49A7E4F-1FAB-4BC8-977D-78D7D027510B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E4D82292-DDC4-43C9-9AF6-8437A591983A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E56C588D-0596-4F09-8806-6A22CD623123}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E5903553-2D35-4FE7-8620-6D665377C606}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E5D94F08-1EB9-4D14-9684-A9AD77F36F05}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E5E7CD62-47D7-4583-A04A-E292AF5CFFC9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E612C9AB-00C2-4B0E-AD4B-32AECB4CC446}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E65E9382-A6C2-4B65-BC77-F487E91DF73D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E6ACE57C-A395-459D-BD57-944851FA3F37}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E6C2343F-7015-4396-AD7D-6FF833BCB865}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E6D34D34-F89B-4066-A854-736365695545}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E6E1C3AC-5CA5-411C-B39E-C1AB3D8C457A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E6FD8C67-F6F0-43C4-BCE6-EBEF7F55781D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E6FF3341-6700-463D-A729-02E4ED0B90B2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E70978A9-5760-4E31-892A-9A7383901DE2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E78DF510-B331-4D57-AC7F-908061055420}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E79CA001-2DE1-443A-A602-53BEF59ECB62}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E7A9AD64-1B99-40DE-8745-0870F2968AF6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E816E393-F90E-4D64-9F1E-890AE69C9E5E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E8834C63-8968-4456-BC3F-55EAF25E41E1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E8865CF7-4476-428B-910D-A60DEB8658AB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E891270D-D9A2-4A74-B7D0-5E67D4F8D25B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E8B3973A-F769-41C6-BE19-079EFD207FB0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E900C76F-9582-47B7-B220-F679F4FD9FA7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E9059C25-E7FE-4A49-9153-66AE02FD6F2D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{E9B4C960-9770-4F9A-BC25-C3CB21729674}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA0DF2B7-98E2-444E-B387-916DA502C00A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA397CAA-3CB4-4741-8CA6-906F7562B459}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA741D96-6C61-4C6C-AF44-BFE5BA1B5AAB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA7792F8-5FCB-4AC9-A798-0B94C5B75E61}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA793E14-424D-4C23-BC5D-87EB06521AA2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA798E33-6569-42A0-B126-405E4DEDE942}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EA8BCF2D-5777-46B4-B835-9CE48C64E4D2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EAEB2951-AD4A-4356-B6CC-6C0C2A0809F5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EAEDD887-32B6-4329-9984-948843FB75D2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EAF28E62-A1ED-4FBE-A0F9-97D303A22657}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EAF59199-3540-4714-849E-F4342185AFB7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EB00411E-E690-4A60-8B56-4161341DF055}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EB02D2BB-C60C-438D-A928-935D6BDB76D5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EBCADE14-A890-4D5B-B6A2-2FD212595FA9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC05492A-0028-486C-B6BE-D66D1D742ADF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC2DC874-6163-478F-8CCF-FECA7FE8D0AB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC4CD4A9-2032-453B-AB0C-B845CE9459F0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC522005-A896-4EDF-93A7-53B962ED6124}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC6E21FF-C2DC-4E32-A964-8E15D7D0914A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC76D671-3571-409B-9FEC-23249270D550}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC8D60FE-4852-4FE8-9D40-402B8FB8FC28}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EC8FE7C1-4BA3-44A2-9E85-53C6468DD0DB}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ED111C95-0F8B-4A18-AA0C-1C1F7E55979C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{ED5B7F1B-AC04-48D5-8144-E4A1A39BC335}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EDA8D32D-9111-4041-B307-613B4A5C0005}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EDB5CAD3-3D43-4221-ABDC-A2B1DE51891D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EE37E49C-9178-4C4F-89C5-ED1343035401}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EE4F9C67-F784-4CD4-B04A-E16353BAE270}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EE585809-FFB7-40AA-A549-E3E22A469E0F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EE6A09A0-0189-42EA-9836-7A028FA76C85}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EF1820D7-D135-474F-8454-244313074D4D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EF427E55-27E1-4DE9-8E20-2E289400A513}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EF81E692-288B-418F-B317-3B87C4E15813}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EF86BF78-F438-4A45-A538-8058203DA0E6}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EF98B971-BDEA-49CC-BD34-E9299FA86889}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{EFFBA686-85B7-4D09-8B1F-007AB496F084}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F03896CF-E303-4A58-A33E-3171D004B17D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F093897A-EF7C-4A7D-BA91-A20453CE1E95}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F0A15084-057E-44B4-8986-BAD768EF7A32}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F0B58A8A-C9F5-4EDE-8761-776FA7844C09}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F12AA903-CB40-4904-9BE4-879E7093E6A1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F14DA942-3214-4727-A90A-61EC273ED05B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F1A4ED02-ADBE-4D4A-8B29-2DF29D4C11C2}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F1DF18CF-1945-4597-802E-D3771C670219}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F1F47F20-077A-43E3-B0E3-D03BF9CE83F8}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F22705F2-3009-448D-9A01-CABBC79F9F48}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F2717DC6-DE20-49C3-AEA2-BD13B78D9798}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F2A1864F-82B7-4860-B97C-6A62E9232AFA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F306F5FE-00F6-40A1-B22E-48FA89AC8FE9}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F3443245-835D-4803-90E8-1C26DD2DD547}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F36B59AE-8F7E-4AA7-8B65-87AE5967DE82}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F3A8E758-8AE9-4C78-8C5D-B3098FD85995}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F3AFD1AA-75CD-4BF8-B757-6D2382E42E5F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F3D07BA2-6810-44B9-915D-67B654DD2EE7}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F417CD9F-6C09-4C91-B483-E33B64AA2DAA}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F454165E-B62C-4A7C-9A53-BE15052A465E}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F4A0A284-B1B8-4BB9-BEFA-906A33E84565}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F4B70969-D424-48D0-8FCB-CCE5FF4BEF9F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F4CF26EA-8ECA-478A-AF38-F26D600F68F0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F54741BF-ACE7-4251-982D-3EB582B37046}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F5C68876-52F0-4423-AD60-0A3DBA71ED2B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F616951F-4C1B-45B1-91F4-F1F1E4EFC8A5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F6626726-30F1-453C-942A-84A9D23C2CFF}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F6AF7B80-D762-4ACF-B08D-A8344D907A20}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F72507DD-BF86-424A-96F4-702A8E92CF0A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F747FC76-79BD-4565-8BDC-CC3C4BC93E58}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F77021EE-AA59-4771-B709-1FF9B2DF5E86}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F7BE90DF-83C9-4B8A-B68C-C9323D16A407}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F82EC645-0840-49FE-91B6-0BEF1D6B336B}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F83AB44A-E005-4616-A532-E23558369E7A}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F84FBEEF-B771-4CF3-98D9-F3D05028C0CD}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F856E39D-613C-4BE1-B079-8C3D6265D159}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F86C3551-2A00-41C4-A99C-4B0765B3A607}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F8B1B3A8-BE29-4F67-8361-5D19003F72C1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F8D71902-D8AC-47AA-8EBE-7CB2AE863BA0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F90F8FBE-17FE-4F17-988E-36820C02D1D1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F938546A-3568-4054-831B-93B8B06783C0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{F9A88A6B-E443-458A-8484-E9A999F9977F}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FA077F37-3425-4EF3-83B3-27EABAC6E082}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FAC70A01-6260-41F6-8ED6-08062326E827}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FB728B35-2952-4006-B89A-BFA4B02CB1D0}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FB77D8E6-0F50-4C04-AEF6-27164A1C4337}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FB88BE1F-CD3B-4675-8E69-821687F42352}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FC2724F9-6EF4-4A79-8EBA-4B4F8262D7C5}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FC2E8864-AD0A-469F-98CA-45C49C97C898}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FC2EBC55-3BE0-4BCE-AFB4-138D77EA2A02}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FCA0B213-8AF1-4546-B461-7F09D63F6482}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FCC8F815-49B5-4B6A-BE7D-911283A72166}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FD2DE758-39B9-46EC-BA36-50FBB6D1119C}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FD5B922A-F70B-4022-ACFA-5F734741DA49}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FDC41291-B06B-4818-9A5E-8C380EEA1628}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FE24F8DC-7459-41DA-B4CA-CFD7CAFF9936}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FE4C7266-2271-46A2-9996-A7E27A16AB6D}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FF0D9531-20AC-4EB5-909D-27C9A2C68DD1}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FF31CAAB-B5CE-4954-A169-1ED622537366}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FF7385FE-739E-4367-9377-7A59B2CFCA28}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FF8ECACC-D292-4416-AAC7-004E28B52979}
Successfully deleted: [Empty Folder] C:\Users\McFragga\appdata\local\{FFB1D995-97FA-4402-8CB4-64DF4C8E0E3E}
~~~ Chrome
Successfully deleted: [Folder] C:\Users\McFragga\appdata\local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.10.2014 at 18:16:15,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
18.10.2014, 11:41
| #9 |
| /// the machine /// TB-Ausbilder | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit WerbungESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.10.2014, 18:19
| #10 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Eset log.txt: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=795e6e9b9f49e141a56dea57e09a978b
# engine=20747
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-23 05:07:56
# local_time=2014-10-23 07:07:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 192256 165713926 0 0
# compatibility_mode_1='Sophos Anti-Virus'
# compatibility_mode=8450 16777214 100 99 870722 133149928 0 0
# scanned=229596
# found=29
# cleaned=0
# scan_time=4590
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=4FF97B281BC64D991DD01DAD2A67C5F0831535DB ft=1 fh=048fe3b80b0ef2b0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoft.exe.vir"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Miniclip\hk64tbMini.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Miniclip\hktbMini.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Miniclip\ldrtbMini.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Miniclip\tbMini.dll.vir"
sh=1C400444B67DFDD8549D0D5ABA79CC72D5565B30 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm\1.26.210_4\extensionData\plugins\194.js.vir"
sh=0B7B74DF30313F23BC2DAAD1D4039348C62D3CAF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcnaamhfnpmekghmhckingkdiingmjm\1.26.210_4\extensionData\plugins\91.js.vir"
sh=E2E7555ACD0F7F6827A0958817774C8E4253DC21 ft=1 fh=117f72a1057668b7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=1EFF205D7D0D82BAF841A98C176D700114E13FE6 ft=1 fh=b22528247c19a550 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll"
sh=FDC2005CED8ACF86C68FE1B86B0698D0539E8CE0 ft=1 fh=1aa6a68885750335 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnStub.exe"
sh=59F5B699E9D10AECFABE75111E41BBB68C05191D ft=1 fh=415d63096e11c9e7 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe"
sh=B32E0ED4F3F85ED8D63BABF1372250E6CC83AD09 ft=1 fh=8f5521f8b9da6187 vn="Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Windows Live\Messenger\riched20.dll"
sh=8D99417B6CAE9ED499A08481A73C4D46E8F8732C ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts61.zip"
sh=385EEECACA5D347694D3BDE09EBFA5123EAAB398 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch184.zip"
sh=8E7541D3C1A0BC7C93D6242D0A20A95360A162D8 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch190.zip"
sh=AFFF8A223E5BD686D7BC97B5233B65E111155A8A ft=1 fh=cb81218674d19a4e vn="Variante von Win32/BrowserCompanion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\BrowserCompanion\BCHelper.exe.vir"
sh=B07B326629BB7CB5EB74B5B0CCB022E13A0B4D55 ft=0 fh=0000000000000000 vn="Win32/Hoax.ArchSMS.IX.Gen Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\McFragga\AppData\Roaming\winxrar\rules.css.vir"
sh=8EF25BDCC76F1AF3383DC4C4312D820C1B1FA603 ft=0 fh=0000000000000000 vn="Win32/Hoax.ArchSMS.ES.Gen Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\McFragga\AppData\Roaming\winxrar\s.htm.vir"
sh=8D99417B6CAE9ED499A08481A73C4D46E8F8732C ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\FunWebProducts61.zip"
sh=385EEECACA5D347694D3BDE09EBFA5123EAAB398 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch184.zip"
sh=8E7541D3C1A0BC7C93D6242D0A20A95360A162D8 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch190.zip"
sh=427EBFD216B66AE77FF460F0BA36267C1D46DE71 ft=1 fh=b84e9e26347b9408 vn="Variante von Win32/Bundled.Toolbar.Ask.E potenziell unsichere Anwendung" ac=I fn="C:\Users\McFragga\Documents\APNSetup1.exe"
sh=DBA4D7540C69C6492D48E688A00B51387685F8A6 ft=1 fh=fb092140bceb8039 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\McFragga\Documents\ApnStub.exe"
sh=CE9063DD514B6CB0D7BB1A55680805BC925F5565 ft=1 fh=7bbb4e31cd05f266 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\McFragga\Documents\Downloads\ManyCamSetup.exe"
sh=A9D9A1EA56810A35A352A96EAD8E461A93643DE0 ft=1 fh=398a74cd8659c3dc vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\McFragga\Downloads\FreeYouTubeToMp3Converter327.exe"
sh=3F7F25A0628A731849E70F5C6A37B48F3CF431D0 ft=1 fh=6ca57a02b1c441c3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSI5218.tmp"
sh=7B07BD72A8CF1DFE08E32BA4BE6AB46A8F75F800 ft=1 fh=4e7748480ae48c01 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSI8B30.tmp"
Code:
ATTFilter Results of screen317's Security Check version 0.99.89
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Sophos Anti-Virus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Adobe Reader 10.1.11 Adobe Reader out of Date!
Mozilla Thunderbird (24.6.0)
Google Chrome 37.0.2062.124
Google Chrome 38.0.2125.104
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Sophos Sophos Anti-Virus SAVAdminService.exe
Sophos Sophos Anti-Virus Web Control swc_service.exe
Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by McFragga (administrator) on FRAGGA-TOP on 23-10-2014 19:17:32
Running from C:\Users\McFragga\Downloads
Loaded Profile: McFragga (Available profiles: McFragga & Präsentation)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(MessengerPlus®) C:\Program Files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ICQ) C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe
(Google) C:\Users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\McFragga\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [309248 2009-06-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-08-12] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [ICQ] => C:\Users\McFragga\AppData\Roaming\ICQM\icq.exe [35239432 2014-10-17] (ICQ)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-05] ()
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [googletalk] => C:\Users\McFragga\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [ManyCam] => "C:/Program Files (x86)/ManyCam/ManyCam.exe" --silent
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Amazon Music] => C:\Users\McFragga\AppData\Local\Amazon Music\Amazon Music Helper.exe [3356480 2014-07-22] ()
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB4688] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD6875] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB8749] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4912] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB182] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9342] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB7454] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD3285] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB1874] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD8937] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB3705] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9179] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB6450] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4325] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB2813] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Policies\Explorer: [NoInstrumentation] 1
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-08-12] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-08-12] (Sophos Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_42_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0F0FyDtCzy0E0BtDtC0DtN0D0Tzu0StCtDtCyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0FtD0CyC0FtByDtGzztAzztAtGtCtAzytAtG0ByEtDtAtGyByD0B0FyDtCyE0B0CtBtCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0EyD0DyC0C0BtGyDyB0AzytGyE0AtCzytGzytAzzzytGyDzzyCtD0BzyyBzzyB0DtBtA2Q&cr=708917268&ir=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search
SearchScopes: HKCU - {B6D6AC4C-0CEE-4A2C-BAE1-E1E20BB33231} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Winsock: Catalog5 10 C:\Windows\system32\d3dy61rko.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{458B23B6-5E12-4AD2-8CC2-7027F9D37F5A}: [NameServer] 139.6.1.2,139.6.1.66
Tcpip\..\Interfaces\{6743AA9F-FAEA-4219-8182-FEF7A00B184D}: [NameServer] 139.6.1.2,139.6.1.66
Tcpip\..\Interfaces\{DC957AEE-BF7B-41E4-BE48-72E484240555}: [NameServer] 139.6.1.2,139.6.1.66
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=0.9.8a -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @bittorrent.com/BitTorrentDNA -> C:\Users\McFragga\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\McFragga\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\McFragga\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\McFragga\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\McFragga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\McFragga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\McFragga\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\McFragga\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Toolbar fuer eBay - C:\Program Files (x86)\Mozilla Firefox\extensions\ebay.xpi [2008-09-09]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKCU\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\McFragga\Program Files (x86)\DNA
FF Extension: DNA - C:\Users\McFragga\Program Files (x86)\DNA [2010-08-26]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-18]
CHR Extension: (Google Drive) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-28]
CHR Extension: (Google-Suche) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-18]
CHR Extension: (Monster Trucks 360) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahlnbcfknpidmnoildgnpkmcocdhap [2014-03-23]
CHR Extension: (Monster Trucks) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjjlpfkbombmfgjkagbdnjjhfpocpjpe [2014-03-20]
CHR Extension: (Google Wallet) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\McFragga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-18]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\McFragga\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-03]
CHR HKLM-x32\...\Chrome\Extension: [bgpdpaleocmcbkehebpiihkpddggpoif] - C:\Users\McFragga\AppData\Local\Temp\bgpdpaleocmcbkehebpiihkpddggpoif.crx [2013-05-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [50688 2009-11-15] () [File not signed]
S2 gupdate1ca7aae5ec8cafa; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-01] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [948224 2009-11-15] () [File not signed]
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [690688 2009-11-15] () [File not signed]
R2 MessengerPlus; C:\Program Files\Yuna Software\Messenger Plus!\Messenger Plus! Ptc\MsgGuard.exe [7275376 2014-04-01] (MessengerPlus®)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-08-12] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-08-12] (Sophos Limited)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2012-09-24] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-08-12] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2012-09-24] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-08-12] (Sophos Limited)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\STacSV64.exe [240128 2009-07-15] (IDT, Inc.)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-08-12] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-08-12] (Sophos Limited)
S2 MsgPlusService_1; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
S3 KUSBusByTCP; C:\Windows\SysWOW64\Drivers\KUSBusByTCP.sys [121880 2007-07-20] (Windows (R) Codename Longhorn DDK provider)
S3 KUSBusByTCPMasterBus; C:\Windows\SysWOW64\Drivers\KUSBusByTCPMasterBus.sys [66584 2007-07-20] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [48800 2009-05-07] (O2Micro )
R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [267296 2008-05-28] (Creative Technology Ltd.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-08-12] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-08-12] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-08-12] (Sophos Limited)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-23 18:09 - 2014-10-23 18:09 - 00854448 _____ () C:\Users\McFragga\Downloads\SecurityCheck.exe
2014-10-23 17:33 - 2014-10-23 17:33 - 00000304 _____ () C:\Windows\system32\TemporarFileConfiguration
2014-10-22 16:19 - 2014-10-22 16:19 - 00000000 ____D () C:\Users\Präsentation\Documents\Feuerwehr
2014-10-22 13:44 - 2014-10-22 13:44 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\Adobe
2014-10-17 22:33 - 2014-10-17 22:34 - 35212808 _____ (ICQ) C:\Users\McFragga\Downloads\icq_rfrset.exe
2014-10-17 18:29 - 2014-10-17 18:30 - 00043385 _____ () C:\Users\McFragga\Downloads\Addition.txt
2014-10-17 18:27 - 2014-10-17 18:27 - 00000000 ____D () C:\Users\McFragga\Downloads\FRST-OlderVersion
2014-10-17 18:16 - 2014-10-17 18:16 - 00129918 _____ () C:\Users\McFragga\Desktop\JRT.txt
2014-10-17 18:10 - 2014-10-17 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-10-17 18:09 - 2014-10-17 18:09 - 01705698 _____ (Thisisu) C:\Users\McFragga\Downloads\JRT.exe
2014-10-17 17:54 - 2014-10-17 17:58 - 00000000 ____D () C:\AdwCleaner
2014-10-17 17:53 - 2014-10-17 17:53 - 01976320 _____ () C:\Users\McFragga\Downloads\AdwCleaner_4.000.exe
2014-10-15 17:05 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 17:05 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 17:05 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 17:05 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 17:05 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 17:05 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 17:05 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 17:05 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 17:05 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 17:05 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 17:05 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 17:05 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 17:05 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 17:05 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 17:05 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 17:05 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:05 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:05 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:05 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:05 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:05 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:04 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 17:04 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 17:04 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:04 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 17:04 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 17:04 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 17:04 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 17:04 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 17:04 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:04 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:04 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:04 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 17:04 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 17:04 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:04 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:04 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 17:04 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 17:04 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 17:04 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:04 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:04 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 17:04 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 17:04 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:04 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 17:04 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 17:04 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 17:04 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 17:04 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 17:04 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:04 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 17:04 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 17:04 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 17:04 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 17:04 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 17:04 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:04 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 17:04 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:04 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 17:04 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 17:04 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 17:04 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 17:04 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 17:04 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 17:04 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:04 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 17:04 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 17:04 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 17:04 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:04 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 17:04 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 17:04 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 17:04 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:04 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 17:04 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 17:04 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 17:04 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 17:04 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 17:04 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 17:04 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 17:04 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 17:04 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 17:04 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 17:04 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 17:04 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 17:04 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 17:04 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 17:04 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 17:04 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 17:04 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 17:04 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 17:04 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 17:04 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 17:04 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 17:04 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 17:04 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 17:04 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 17:04 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 17:04 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 17:04 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 17:04 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 17:04 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 17:04 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 17:04 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 17:04 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 17:04 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 17:04 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 17:03 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:03 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 17:03 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:03 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 17:03 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 17:03 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:03 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:03 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:03 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 17:03 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:03 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:03 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 17:03 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 17:03 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 17:03 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:03 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 17:03 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 17:03 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 17:03 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 17:03 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-15 17:03 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-15 17:03 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-15 17:03 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-15 17:02 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:02 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:02 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 17:02 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 17:02 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 13:45 - 2014-10-15 13:48 - 00000298 _____ () C:\Windows\Tasks\Tempo Runner zoomifyD32.job
2014-10-15 13:45 - 2014-10-15 13:45 - 00002444 _____ () C:\Windows\System32\Tasks\Tempo Runner zoomifyD32
2014-10-15 13:45 - 2014-10-15 13:45 - 00000298 _____ () C:\Windows\Tasks\Tempo Runner zoomifyL64.job
2014-10-15 13:45 - 2014-10-15 13:45 - 00000298 _____ () C:\Windows\Tasks\Tempo Runner zoomifyL32.job
2014-10-15 13:44 - 2014-10-15 13:44 - 00000049 _____ () C:\Users\McFragga\Downloads\mbam.txt
2014-10-15 13:13 - 2014-10-15 13:14 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 13:13 - 2014-10-15 13:13 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-15 13:13 - 2014-10-15 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-15 13:13 - 2014-10-15 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-15 13:13 - 2014-10-15 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-15 13:13 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 13:13 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 13:13 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 13:11 - 2014-10-15 13:12 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Präsentation\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-15 07:22 - 2014-10-15 07:22 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-10-14 14:21 - 2014-10-14 14:22 - 00054192 _____ () C:\Users\McFragga\Downloads\Addition(3).txt
2014-10-14 13:28 - 2014-10-14 13:28 - 00038301 _____ () C:\ComboFix.txt
2014-10-14 13:04 - 2014-10-14 13:28 - 00000000 ____D () C:\Qoobox
2014-10-14 13:04 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-14 13:04 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-14 13:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-14 13:04 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-14 13:03 - 2014-10-14 13:24 - 00000000 ____D () C:\Windows\erdnt
2014-10-14 12:55 - 2014-10-14 12:55 - 05582915 ____R (Swearware) C:\Users\McFragga\Downloads\ComboFix.exe
2014-10-14 12:35 - 2014-10-14 12:35 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\McFragga\Downloads\revosetup95 (1).exe
2014-10-14 11:26 - 2014-10-14 11:27 - 00054330 _____ () C:\Users\McFragga\Downloads\Addition(2).txt
2014-10-14 10:31 - 2014-10-14 12:32 - 00000096 _____ () C:\Users\McFragga\AppData\Roaming\WB.CFG
2014-10-14 10:14 - 2014-10-14 10:14 - 00055636 _____ () C:\Users\McFragga\Desktop\FRST.txt
2014-10-14 09:40 - 2014-10-14 09:46 - 00054856 _____ () C:\Users\McFragga\Downloads\Addition(1).txt
2014-10-14 09:38 - 2014-10-23 19:17 - 00027739 _____ () C:\Users\McFragga\Downloads\FRST.txt
2014-10-14 09:38 - 2014-10-23 19:17 - 00000000 ____D () C:\FRST
2014-10-14 09:33 - 2014-10-17 18:27 - 02112000 _____ (Farbar) C:\Users\McFragga\Downloads\FRST64.exe
2014-10-14 09:31 - 2014-10-14 09:32 - 00000280 _____ () C:\Users\McFragga\Desktop\Cut the Rope.url
2014-10-14 09:31 - 2014-10-14 09:31 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\1H1Q
2014-10-14 09:15 - 2014-10-14 12:36 - 00001288 _____ () C:\Users\McFragga\Desktop\Revo Uninstaller.lnk
2014-10-14 09:15 - 2014-10-14 12:36 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-14 09:10 - 2014-10-14 09:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\McFragga\Downloads\revosetup95.exe
2014-10-13 23:29 - 2014-10-13 23:29 - 00000196 _____ () C:\Windows\Tasks\Tempo Runner wzoomifyd.job
2014-10-13 23:21 - 2014-10-13 23:21 - 00001315 _____ () C:\Users\Präsentation\Desktop\ELT2 - Verknüpfung.lnk
2014-10-13 23:19 - 2014-10-22 13:44 - 00000000 ____D () C:\Users\Präsentation\AppData\Roaming\Adobe
2014-10-13 23:19 - 2014-10-15 17:52 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\VirtualStore
2014-10-13 23:19 - 2014-10-13 23:19 - 00114224 _____ () C:\Users\Präsentation\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 23:19 - 2014-10-13 23:19 - 00001427 _____ () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 23:18 - 2014-10-22 17:05 - 00000000 ____D () C:\Users\Präsentation\AppData\Local\Google
2014-10-13 23:18 - 2014-10-15 17:44 - 00000000 ____D () C:\Users\Präsentation
2014-10-13 23:18 - 2014-10-13 23:18 - 00000020 ___SH () C:\Users\Präsentation\ntuser.ini
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Vorlagen
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Startmenü
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Netzwerkumgebung
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Lokale Einstellungen
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Eigene Dateien
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Druckumgebung
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Documents\Eigene Musik
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Documents\Eigene Bilder
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Local\Verlauf
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\AppData\Local\Anwendungsdaten
2014-10-13 23:18 - 2014-10-13 23:18 - 00000000 _SHDL () C:\Users\Präsentation\Anwendungsdaten
2014-10-13 23:18 - 2013-06-23 23:54 - 00000000 ____D () C:\Users\Präsentation\AppData\LocalGoogle
2014-10-13 23:18 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 23:18 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Präsentation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-10 17:10 - 2014-10-23 17:31 - 00060636 _____ () C:\Windows\PFRO.log
2014-10-10 17:10 - 2014-10-23 17:31 - 00001120 _____ () C:\Windows\setupact.log
2014-10-10 17:10 - 2014-10-10 17:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 09:59 - 2014-10-10 09:59 - 00134930 _____ () C:\Users\McFragga\Documents\cc_20141010_095852.reg
2014-10-08 17:46 - 2014-10-08 17:47 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-10-08 17:19 - 2014-10-08 17:19 - 56484761 _____ () C:\Users\McFragga\Downloads\texmakerwin32_43install.exe
2014-10-07 18:27 - 2014-10-07 18:27 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-07 15:59 - 2014-10-07 15:59 - 00164204 _____ () C:\Users\McFragga\Downloads\tam384.wav
2014-10-07 15:40 - 2014-10-07 15:40 - 00000000 ____D () C:\dgTemp
2014-10-01 17:51 - 2014-10-01 17:51 - 00278568 _____ () C:\Windows\system32\.crusader
2014-10-01 07:59 - 2014-10-01 07:59 - 00001911 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-01 07:59 - 2014-10-01 07:59 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-01 07:43 - 2014-10-03 10:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\Program Files (x86)\FRITZ!BoxPrint
2014-09-30 12:41 - 2014-09-30 12:41 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-09-30 12:41 - 2006-05-29 02:00 - 00016384 ____R (AVM Berlin GmbH) C:\Windows\SysWOW64\avmprmon.dll
2014-09-30 12:41 - 2006-01-20 13:43 - 00055808 ____R (AVM GmbH) C:\Windows\SysWOW64\avmadd32.dll
2014-09-30 11:49 - 2014-09-30 12:18 - 00371447 _____ () C:\Users\McFragga\Downloads\Sicherung Fritzbox - Kopie.export
2014-09-30 11:37 - 2014-09-30 11:37 - 00181508 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_30.09.14_1136.export
2014-09-30 11:25 - 2014-09-30 11:25 - 00180979 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_01.01.70_0134.export
2014-09-30 11:16 - 2014-09-30 11:56 - 00180979 _____ () C:\Users\McFragga\Downloads\FRITZ.Box 7490 113.06.05_01.01.70_0125.export
2014-09-27 00:47 - 2014-09-27 00:47 - 00002547 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-27 00:47 - 2014-09-27 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-26 16:56 - 2014-09-26 16:56 - 00371434 _____ () C:\Users\McFragga\Downloads\Sicherung Fritzbox.export
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-23 19:09 - 2009-12-12 00:07 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Skype
2014-10-23 19:08 - 2012-08-07 14:56 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
2014-10-23 18:56 - 2014-01-11 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 18:41 - 2009-12-12 00:14 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 17:49 - 2011-09-21 23:32 - 00001128 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
2014-10-23 17:42 - 2011-09-21 23:32 - 00001150 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000UA.job
2014-10-23 17:40 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 17:40 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 17:33 - 2013-05-03 17:49 - 00000000 ___RD () C:\Users\McFragga\Google Drive
2014-10-23 17:32 - 2009-12-12 00:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-23 17:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-22 17:15 - 2009-07-14 07:10 - 01768781 _____ () C:\Windows\WindowsUpdate.log
2014-10-22 15:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-22 14:47 - 2009-12-12 00:08 - 00002137 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-21 17:20 - 2011-10-25 23:27 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\MyPhoneExplorer
2014-10-19 21:36 - 2009-12-12 00:14 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 21:36 - 2009-12-12 00:14 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 00:21 - 2014-04-27 15:18 - 00000000 ____D () C:\Users\McFragga\Downloads\KFZ
2014-10-17 22:52 - 2013-03-13 20:11 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\ICQM
2014-10-17 22:35 - 2013-03-13 20:12 - 00001817 _____ () C:\Users\McFragga\Desktop\ICQ.lnk
2014-10-17 22:35 - 2013-03-13 20:12 - 00001675 _____ () C:\Users\McFragga\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-10-17 22:35 - 2013-03-13 20:12 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-10-17 17:58 - 2009-12-10 07:56 - 00000000 ____D () C:\ProgramData\ICQ
2014-10-17 17:44 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-17 09:57 - 2009-07-14 06:45 - 00423096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 09:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-17 09:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-17 09:46 - 2009-07-14 19:58 - 00657900 _____ () C:\Windows\system32\perfh007.dat
2014-10-17 09:46 - 2009-07-14 19:58 - 00131258 _____ () C:\Windows\system32\perfc007.dat
2014-10-17 09:46 - 2009-07-14 07:13 - 01507404 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-17 08:41 - 2013-08-15 03:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 08:12 - 2009-12-12 00:41 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 06:49 - 2010-04-23 09:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-10-14 13:24 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-14 13:17 - 2012-08-07 14:11 - 00000000 ____D () C:\ProgramData\Temp
2014-10-14 12:08 - 2012-08-07 14:56 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088157530-2470593686-3206213926-1000Core.job
2014-10-13 23:23 - 2010-01-08 13:12 - 00000400 _____ () C:\Windows\ODBC.INI
2014-10-11 14:39 - 2009-12-14 20:21 - 00000000 ____D () C:\Users\McFragga\Studium
2014-10-10 09:52 - 2011-02-17 09:38 - 00000000 ____D () C:\Users\McFragga\AppData\Roaming\Winamp
2014-10-10 09:52 - 2009-12-10 07:40 - 00000000 ____D () C:\Users\McFragga\Tracing
2014-10-10 09:51 - 2014-09-04 11:25 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-10-10 09:26 - 2011-03-21 08:49 - 00000000 ____D () C:\Windows\Minidump
2014-10-08 17:58 - 2011-10-25 21:39 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-10-08 17:50 - 2011-10-25 21:52 - 00000000 ____D () C:\Users\McFragga\AppData\Local\Motorola
2014-10-08 17:48 - 2011-10-25 21:51 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 15:57 - 2012-03-23 23:17 - 00000000 ____D () C:\Temp
2014-10-02 15:53 - 2009-12-09 16:12 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 09:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-01 07:39 - 2011-10-05 16:05 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-01 06:59 - 2011-10-05 17:12 - 00254080 _____ () C:\aaw7boot.log
2014-09-30 08:28 - 2014-09-08 08:38 - 00003626 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2014-09-29 22:09 - 2011-10-08 16:07 - 00000064 _____ () C:\Windows\SysWOW64\rp_stats.dat
2014-09-29 22:09 - 2011-10-08 16:07 - 00000044 _____ () C:\Windows\SysWOW64\rp_rules.dat
2014-09-27 00:47 - 2009-12-12 00:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-27 00:46 - 2009-12-12 00:07 - 00000000 ____D () C:\ProgramData\Skype
2014-09-24 08:56 - 2014-01-11 20:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 08:56 - 2013-06-18 23:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 08:56 - 2013-06-18 23:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\McFragga\AppData\Local\Temp\Quarantine.exe
C:\Users\McFragga\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 20:12
==================== End Of Log ============================
--- --- --- danke nochmal |
|
24.10.2014, 10:00
| #11 |
| /// the machine /// TB-Ausbilder | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB4688] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD6875] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB8749] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4912] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB182] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9342] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB7454] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD3285] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB1874] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD8937] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB3705] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9179] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB6450] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4325] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB2813] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL"
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Adobe updaten. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.10.2014, 12:24
| #12 |
| | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung Fixlog.txt Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-10-2014
Ran by McFragga at 2014-10-26 12:22:54 Run:1
Running from C:\Users\McFragga\Downloads
Loaded Profile: McFragga (Available profiles: McFragga & Präsentation)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB4688] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD6875] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB8749] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4912] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB182] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9342] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB7454] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD3285] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB1874] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD8937] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB3705] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD9179] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB6450] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingD4325] => cmd.exe /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE"
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\...\RunOnce: [SpybotDeletingB2813] => command.com /c del "C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL"
*****************
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fsm => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB4688 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD6875 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB8749 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD4912 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB182 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD9342 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB7454 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD3285 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB1874 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD8937 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB3705 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD9179 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB6450 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingD4325 => value deleted successfully.
HKU\S-1-5-21-4088157530-2470593686-3206213926-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingB2813 => value deleted successfully.
==== End of Fixlog ====
|
|
26.10.2014, 18:36
| #13 |
| /// the machine /// TB-Ausbilder | Wenn ich irgendwo im Chrome auf der Seite klicke, öffnet sich eine neue Tab mit Werbung fertig
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
