Win7 64bit: Firefox neue Tabs mit Werbung, Umleitung von Seitenaurufen, Popup Fenster

Haus meister · 15.11.2014, 02:04

Hallo Forum,

habe hier ein Laptop von meinem Kumpel bei dem das Surfen eine Qual geworden ist.
Ständig werden Seitenaurufe umgelenkt, Popup Windows oder neue Tabs mit Werbung erscheinen.

Bisher habe ich die zuletzt insallierten Programme (ca. 10 Stück) über die Systemsteuerung deinstalliert. Ansonsten habe ich noch nichts weiteres unternommen, ausser die empfohlenen Logfiles erstellt.

defogger_disable:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:27 on 14/11/2014 (Lapp)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Lapp (administrator) on LAPP-PC on 14-11-2014 23:30:18
Running from C:\Users\Lapp\Downloads
Loaded Profiles: Lapp & Paul (Available profiles: Lapp & Paul)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
() C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
() C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Probit Software LTD) C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCSmartScan.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2741544 2011-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-07-23] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-07-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WN111v2\jswtrayutil.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [mbot_de_195] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mysearchpage.net
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4m&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4m&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4h&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4h&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4m&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4m&q={searchTerms}
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4h&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Astromenda
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\user.js
FF SearchPlugin: C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\searchplugins\Astromenda.xml
FF SearchPlugin: C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: videosMediaPlayersversion2.1 - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [2014-10-31]
FF Extension: Fast Start - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\faststartff@gmail.com [2014-10-26]
FF Extension: Astro New Tab - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [2014-10-31]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\extensions\faststartff@gmail.com

Chrome: 
=======
CHR Profile: C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [epojlgbehpaeekopencdagbdamnkppci] - C:\Program Files (x86)\LyriXeeker\128.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2231616 2010-07-19] ()
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [714208 2014-10-26] (Cherished Technololgy LIMITED)
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
R2 MaintainerSvc2.61.4907295; C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.exe [123640 2014-11-14] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
R1 {8431bbbd-4243-4758-beab-348411cd1e12}Gw64; C:\Windows\System32\drivers\{8431bbbd-4243-4758-beab-348411cd1e12}Gw64.sys [48792 2014-11-14] (StdLib)
R1 {9255f1e2-1754-4887-b5d8-8ea035831546}Gw64; C:\Windows\System32\drivers\{9255f1e2-1754-4887-b5d8-8ea035831546}Gw64.sys [48792 2014-10-31] (StdLib)
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 cpuz134; \??\C:\Users\Lapp\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S1 lfputvzi; \??\C:\windows\system32\drivers\lfputvzi.sys [X]
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 23:30 - 2014-11-14 23:30 - 00020220 _____ () C:\Users\Lapp\Downloads\FRST.txt
2014-11-14 23:30 - 2014-11-14 23:30 - 00000000 ____D () C:\FRST
2014-11-14 23:29 - 2014-11-14 23:29 - 02116608 _____ (Farbar) C:\Users\Lapp\Downloads\FRST64.exe
2014-11-14 23:27 - 2014-11-14 23:27 - 00000470 _____ () C:\Users\Lapp\Downloads\defogger_disable.log
2014-11-14 23:27 - 2014-11-14 23:27 - 00000000 _____ () C:\Users\Lapp\defogger_reenable
2014-11-14 23:26 - 2014-11-14 23:26 - 00050477 _____ () C:\Users\Lapp\Downloads\Defogger.exe
2014-11-14 23:15 - 2014-11-14 23:17 - 00000000 ____D () C:\Users\Lapp\Desktop\cleanen
2014-11-14 22:55 - 2014-11-14 22:55 - 00000000 ____D () C:\ProgramData\374311380
2014-11-14 22:54 - 2014-11-14 22:54 - 00003142 _____ () C:\windows\System32\Tasks\{DFEE10EA-24B7-49A2-A080-0C4F5AC8DE75}
2014-11-14 22:54 - 2014-11-14 22:54 - 00000000 ____D () C:\Program Files (x86)\predm
2014-11-14 22:10 - 2014-11-14 22:10 - 04918960 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-14 22:10 - 2014-11-14 22:10 - 00025701 _____ () C:\windows\system32\ScanResults.xml
2014-11-14 22:08 - 2014-11-14 22:08 - 00001408 _____ () C:\Users\Paul\Desktop\Registry kostenlos entrümpeln!.lnk
2014-11-14 22:07 - 2014-11-14 03:33 - 00048792 _____ (StdLib) C:\windows\system32\Drivers\{8431bbbd-4243-4758-beab-348411cd1e12}Gw64.sys
2014-11-14 22:01 - 2014-11-14 22:01 - 00000464 _____ () C:\windows\system32\ScannerSettings
2014-10-31 19:09 - 2014-11-14 22:01 - 00000000 ____D () C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2
2014-10-31 18:39 - 2014-10-31 02:45 - 00048792 _____ (StdLib) C:\windows\system32\Drivers\{9255f1e2-1754-4887-b5d8-8ea035831546}Gw64.sys
2014-10-31 18:35 - 2014-11-14 22:52 - 00000000 ____D () C:\Program Files\Reimage
2014-10-31 18:32 - 2014-10-31 18:32 - 00756712 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair(2).exe
2014-10-31 18:32 - 2014-10-31 18:32 - 00756712 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair(1).exe
2014-10-31 17:42 - 2014-10-31 17:42 - 00000000 ____D () C:\Users\Lapp\Documents\PC Speed Maximizer
2014-10-31 17:37 - 2014-11-14 22:49 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-10-31 17:37 - 2014-10-31 17:38 - 00000267 _____ () C:\Users\Lapp\Desktop\Cut the Rope.url
2014-10-31 17:37 - 2014-10-31 17:37 - 01055936 _____ (Adobe) C:\Users\Lapp\Downloads\flashplayer_setup.exe
2014-10-31 17:36 - 2014-10-31 17:36 - 00783096 _____ ( ) C:\Users\Paul\Downloads\adobe_flash_setup(3).exe
2014-10-31 17:23 - 2014-11-14 22:59 - 00002038 _____ () C:\Users\Lapp\Desktop\Search.lnk
2014-10-30 16:04 - 2014-10-30 16:04 - 01326976 _____ () C:\Users\Paul\Downloads\Player_Setup.exe
2014-10-29 16:28 - 2014-10-31 18:37 - 00000165 _____ () C:\windows\Reimage.ini
2014-10-29 16:28 - 2014-10-29 16:28 - 00752920 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair.exe
2014-10-29 16:22 - 2014-10-29 16:22 - 00783096 _____ ( ) C:\Users\Paul\Downloads\adobe_flash_setup(2).exe
2014-10-29 16:22 - 2014-10-29 16:22 - 00783096 _____ ( ) C:\Users\Paul\Downloads\adobe_flash_setup(1).exe
2014-10-29 16:20 - 2014-10-29 16:20 - 00785760 _____ ( ) C:\Users\Paul\Downloads\adobe_flash_setup.exe
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Systweak
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Users\Paul\AppData\Local\SearchProtect
2014-10-29 16:11 - 2014-11-14 22:53 - 00000000 ____D () C:\Users\Lapp\AppData\Roaming\Systweak
2014-10-29 16:11 - 2014-10-29 16:11 - 00000000 ____D () C:\Users\Lapp\AppData\Local\SearchProtect
2014-10-29 16:11 - 2014-08-05 19:14 - 00020328 _____ () C:\windows\system32\roboot64.exe
2014-10-29 16:10 - 2014-11-14 22:01 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2014-10-29 16:09 - 2014-10-29 16:09 - 00756712 _____ (Reimage®) C:\Users\Lapp\Downloads\ReimageRepair.exe
2014-10-29 16:09 - 2014-10-29 16:09 - 00756712 _____ (Reimage®) C:\Users\Lapp\Downloads\ReimageRepair(1).exe
2014-10-29 16:06 - 2014-11-14 23:00 - 00000000 ____D () C:\Users\Lapp\AppData\Roaming\Probit Software
2014-10-29 16:06 - 2014-10-29 16:06 - 00001087 _____ () C:\Users\Lapp\Desktop\Continue Live Installation.lnk
2014-10-27 19:18 - 2014-10-27 19:18 - 00000000 ____D () C:\Users\Paul\AppData\Local\fastplayer
2014-10-27 19:18 - 2014-10-27 19:18 - 00000000 ____D () C:\Users\Paul\AppData\Local\com
2014-10-27 19:17 - 2014-10-27 19:17 - 00365936 _____ () C:\Users\Paul\Downloads\Setup.exe
2014-10-26 17:42 - 2014-10-26 17:42 - 00000000 ____D () C:\Users\Paul\AppData\Local\mbot_de_195
2014-10-26 17:37 - 2014-10-26 17:37 - 00000000 ____D () C:\windows\SysWOW64\Flash
2014-10-26 17:36 - 2014-10-26 17:36 - 00612324 _____ (CMI Limited) C:\Users\Lapp\AppData\Local\nsw25CA.tmp
2014-10-26 17:36 - 2014-10-26 17:36 - 00000000 __SHD () C:\Users\Lapp\AppData\Roaming\AnyProtectEx
2014-10-26 17:34 - 2014-11-14 22:53 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-26 17:34 - 2014-11-14 22:45 - 00001332 _____ () C:\windows\Tasks\RBSWI.job
2014-10-26 17:34 - 2014-11-14 22:45 - 00001326 _____ () C:\windows\Tasks\OG.job
2014-10-26 17:34 - 2014-10-26 17:34 - 02006432 _____ (enter) C:\Users\Paul\AppData\Roaming\RBSWI.exe
2014-10-26 17:34 - 2014-10-26 17:34 - 01519520 _____ (enter) C:\Users\Paul\AppData\Roaming\OG.exe
2014-10-26 17:34 - 2014-10-26 17:34 - 00004354 _____ () C:\windows\System32\Tasks\RBSWI
2014-10-26 17:34 - 2014-10-26 17:34 - 00004348 _____ () C:\windows\System32\Tasks\OG
2014-10-26 17:34 - 2014-10-26 17:34 - 00000000 ____D () C:\Users\Lapp\AppData\Local\globalUpdate
2014-10-26 17:34 - 2014-10-26 17:34 - 00000000 ____D () C:\Users\Lapp\AppData\Local\com
2014-10-26 17:34 - 2014-10-26 17:34 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-26 17:33 - 2014-11-14 22:56 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-10-26 17:33 - 2014-11-14 22:55 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-10-26 17:33 - 2014-10-31 17:16 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-26 17:33 - 2014-10-26 17:33 - 00004022 _____ () C:\windows\System32\Tasks\LaunchSignup
2014-10-26 17:32 - 2014-10-26 17:32 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-10-26 17:31 - 2014-10-26 17:31 - 00365936 _____ () C:\Users\Paul\Downloads\Player.exe
2014-10-25 21:56 - 2014-10-25 21:56 - 00000000 ____D () C:\Users\Lapp\AppData\Local\{6817D6FD-5E64-42E2-9D75-E578B19EBC6B}
2014-10-24 23:38 - 2014-10-24 23:39 - 01054912 _____ (Adobe) C:\Users\Paul\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-10-17 15:12 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-17 15:12 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-17 15:12 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-17 15:12 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-17 15:12 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-17 15:12 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-17 15:12 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-10-17 15:12 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-17 15:12 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-17 15:12 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-17 15:12 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-17 15:12 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-17 15:12 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-17 15:12 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-17 15:12 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-17 15:12 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-17 15:12 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-17 15:12 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-10-17 15:12 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-10-17 15:12 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-17 15:12 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-10-17 15:12 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-17 15:12 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-17 15:12 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-17 15:12 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-17 15:12 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-17 15:12 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-17 15:12 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-10-17 15:12 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-17 15:12 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-17 15:12 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-17 15:12 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-17 15:12 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-17 15:12 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-17 15:12 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-10-17 15:12 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-17 15:12 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-17 15:12 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-17 15:12 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-17 15:12 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-10-17 15:12 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-10-17 15:12 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-17 15:11 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-17 15:11 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-17 15:11 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-17 15:11 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-17 15:11 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-17 15:11 - 2014-07-08 23:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-17 15:11 - 2014-07-08 23:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-17 15:11 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-17 15:08 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-17 15:08 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-17 15:08 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-17 15:08 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-17 15:08 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-17 15:08 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-17 15:08 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-17 15:08 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-17 15:08 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-17 15:08 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-17 15:08 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-17 15:08 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-17 15:08 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-17 15:08 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 23:27 - 2011-08-09 19:03 - 00000000 ____D () C:\Users\Lapp
2014-11-14 23:10 - 2014-04-18 16:53 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-14 22:59 - 2014-04-18 15:35 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-14 22:59 - 2014-04-18 15:35 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-14 22:56 - 2011-07-23 02:44 - 01795385 _____ () C:\windows\WindowsUpdate.log
2014-11-14 22:45 - 2011-08-09 19:03 - 03440972 _____ () C:\FaceProv.log
2014-11-14 22:45 - 2011-07-23 03:32 - 00186665 _____ () C:\windows\system32\fastboot.set
2014-11-14 22:23 - 2014-09-24 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-14 22:23 - 2014-04-18 15:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-14 22:13 - 2009-07-14 05:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-14 22:13 - 2009-07-14 05:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-14 22:11 - 2014-04-18 16:53 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-14 22:11 - 2014-04-18 16:52 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-14 22:11 - 2014-04-18 16:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 22:08 - 2011-07-22 18:37 - 00713954 _____ () C:\windows\system32\perfh007.dat
2014-11-14 22:08 - 2011-07-22 18:37 - 00154006 _____ () C:\windows\system32\perfc007.dat
2014-11-14 22:08 - 2009-07-14 06:13 - 01647544 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-14 22:07 - 2009-07-14 03:34 - 00000580 _____ () C:\windows\win.ini
2014-11-14 22:00 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-14 21:59 - 2009-07-14 05:51 - 00115209 _____ () C:\windows\setupact.log
2014-10-31 18:38 - 2013-08-05 22:56 - 00000177 _____ () C:\Users\Lapp\AppData\Roaming\WB.CFG
2014-10-31 17:23 - 2014-07-31 22:29 - 00000000 ____D () C:\Users\Lapp\AppData\Local\Adobe
2014-10-31 17:23 - 2011-07-23 03:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-31 17:20 - 2011-08-31 12:33 - 00003922 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{22EC8DB8-E9FB-4135-AF4A-B2C108DD28BE}
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-29 16:14 - 2010-11-21 04:47 - 00111998 _____ () C:\windows\PFRO.log
2014-10-26 17:34 - 2011-07-23 03:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-26 17:33 - 2009-07-14 04:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-10-26 17:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-10-20 23:07 - 2014-04-30 21:08 - 00000000 ____D () C:\Users\Paul\AppData\Local\Windows Live
2014-10-18 22:01 - 2009-07-14 05:45 - 00412688 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-18 21:59 - 2014-04-25 21:56 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-17 16:20 - 2011-08-10 20:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 15:15 - 2013-08-14 17:13 - 00000000 ____D () C:\windows\system32\MRT
2014-10-17 15:01 - 2011-08-10 21:33 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Lapp\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lapp\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Lapp\AppData\Local\Temp\install_reader11_de_gtba_chra_dy_aih.exe
C:\Users\Lapp\AppData\Local\Temp\KUIU.EXE
C:\Users\Lapp\AppData\Local\Temp\Notification.exe
C:\Users\Lapp\AppData\Local\Temp\pnLA7.dll
C:\Users\Lapp\AppData\Local\Temp\pnLA7.exe
C:\Users\Lapp\AppData\Local\Temp\QtraxNotification.exe
C:\Users\Lapp\AppData\Local\Temp\Quarantine.exe
C:\Users\Lapp\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Lapp\AppData\Local\Temp\RUEB5.exe
C:\Users\Lapp\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Lapp\AppData\Local\Temp\uninst1.exe
C:\Users\Lapp\AppData\Local\Temp\uninstall.exe
C:\Users\Lapp\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Lapp\AppData\Local\Temp\_isCFBD.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-18 14:40

==================== End Of Log ============================

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Lapp at 2014-11-14 23:31:46
Running from C:\Users\Lapp\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{1BC4B13F-E8DC-495B-EC8F-6701438612C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.981-120704a-156763C-Lenovo - Advanced Micro Devices, Inc.)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 1.0 - devolo AG)
dLAN Cockpit (x32 Version: 1.19.07 - devolo AG) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.10.1201.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qtrax Connection Manager (HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\...\Qtrax Connection Manager) (Version: 20.13.07.02 - Qtrax Inc)
Qtrax Player (HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\...\548901595.portal.qtrax.com) (Version:  - portal.qtrax.com)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM-x32\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.3 - NETGEAR)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.26.7 - Client Connect LTD) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.0.0 - Synaptics Incorporated)
Update for Zip Opener (HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\...\DigitalSite) (Version:  - ) <==== ATTENTION
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WN111v2 (x32 Version: 3.0.0.3 - NETGEAR) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-09-2014 23:52:31 Windows Update
27-09-2014 22:14:17 Windows Update
01-10-2014 14:04:41 Windows-Sicherung
01-10-2014 15:01:53 Windows Update
05-10-2014 06:29:43 Windows Update
09-10-2014 22:19:34 Windows Update
14-10-2014 13:52:37 Windows Update
17-10-2014 14:00:34 Windows Update
17-10-2014 15:17:24 Windows Update
21-10-2014 22:23:14 Windows Update
24-10-2014 22:48:51 Windows Update
30-10-2014 15:09:29 Windows Update
31-10-2014 16:28:53 RCP Fr, Okt 31, 14  17:28
31-10-2014 18:00:32 Windows-Sicherung
14-11-2014 21:05:52 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {074F98AD-EBEA-445A-ACD8-A54B733DB5C3} - \LaunchApp No Task File <==== ATTENTION
Task: {16250943-5383-4E08-88B4-C1B694667428} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14] (Adobe Systems Incorporated)
Task: {3F4DA857-E313-4699-B714-841759A29382} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {4A462167-2CFA-4DCA-B827-0B371E94C4D0} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {625530AA-9E1A-4BDE-BB27-73BE1A687C80} - \DealPly No Task File <==== ATTENTION
Task: {6D92A19B-11B6-4072-8231-76D82B725BA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {C14CF2FA-5058-4342-AACC-3E2BBD342BEF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CB5A2F8F-5B89-499C-99E3-E1CCF095F174} - System32\Tasks\RBSWI => C:\Users\Paul\AppData\Roaming\RBSWI.exe [2014-10-26] (enter) <==== ATTENTION
Task: {CD795ADE-029A-4471-AC3B-22AEAAD3FA0C} - System32\Tasks\OG => C:\Users\Paul\AppData\Roaming\OG.exe [2014-10-26] (enter) <==== ATTENTION
Task: {D164BE0E-6487-4FD5-99D3-A2B152128314} - \BitGuard No Task File <==== ATTENTION
Task: {E2873648-F629-42A4-BE4D-91E9CA4F133B} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\OG.job => C:\Users\Paul\AppData\Roaming\OG.exe <==== ATTENTION
Task: C:\windows\Tasks\RBSWI.job => C:\Users\Paul\AppData\Roaming\RBSWI.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-07-19 18:57 - 2010-07-19 18:57 - 02231616 _____ () C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
2011-08-25 14:01 - 2005-04-22 05:36 - 00143360 ____R () C:\windows\system32\BrSNMP64.dll
2014-10-30 18:33 - 2014-10-30 18:33 - 05559648 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2014-10-30 23:49 - 2014-11-14 22:01 - 00123640 _____ () C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.exe
2014-10-20 17:26 - 2014-10-26 17:34 - 00104928 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-10-20 17:26 - 2014-10-26 17:34 - 00732128 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2008-12-20 04:20 - 2011-07-23 03:35 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2011-07-23 03:35 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-07-23 02:54 - 2011-03-25 10:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-04 20:33 - 2012-07-04 20:33 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-07-23 03:24 - 2011-07-23 03:24 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2011-07-23 03:24 - 2011-07-23 03:24 - 00628064 _____ () C:\windows\system32\SimpleExt.dll
2011-08-25 14:01 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-10-18 22:48 - 2014-10-18 22:48 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ce48f93e668f33a9aae851e512cfbf2a\IsdiInterop.ni.dll
2011-07-23 02:54 - 2011-02-18 09:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-10-20 17:26 - 2014-10-26 17:34 - 00022496 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-09-24 22:51 - 2014-11-14 22:23 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-14 22:11 - 2014-11-14 22:11 - 16840880 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BingDesktopUpdate => 2
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-2147732465-1013433442-3662694159-500 - Administrator - Disabled)
Gast (S-1-5-21-2147732465-1013433442-3662694159-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2147732465-1013433442-3662694159-1002 - Limited - Enabled)
Lapp (S-1-5-21-2147732465-1013433442-3662694159-1000 - Administrator - Enabled) => C:\Users\Lapp
Paul (S-1-5-21-2147732465-1013433442-3662694159-1003 - Limited - Enabled) => C:\Users\Paul
tvsu_tmp_zdesrSIJUT (S-1-5-21-2147732465-1013433442-3662694159-1006 - Administrator - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2014 10:49:12 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Lapp-PC)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.

Error: (11/14/2014 10:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.2.5413, Zeitstempel: 0x544ef530
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.2.5413, Zeitstempel: 0x544ed089
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/14/2014 10:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RegCleanPro.exe, Version: 6.21.65.62, Zeitstempel: 0x53e0df7a
Name des fehlerhaften Moduls: RegCleanPro.exe, Version: 6.21.65.62, Zeitstempel: 0x53e0df7a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00042f21
ID des fehlerhaften Prozesses: 0x130c
Startzeit der fehlerhaften Anwendung: 0xRegCleanPro.exe0
Pfad der fehlerhaften Anwendung: RegCleanPro.exe1
Pfad des fehlerhaften Moduls: RegCleanPro.exe2
Berichtskennung: RegCleanPro.exe3

Error: (11/14/2014 10:01:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 07:16:11 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"

Error: (10/31/2014 06:40:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1e94
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/31/2014 06:40:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x249c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/31/2014 05:37:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x10c0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/31/2014 05:23:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x2a88
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/31/2014 05:22:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x2fc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


System errors:
=============
Error: (11/14/2014 10:51:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update SunriseBrowse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/14/2014 10:51:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Util SunriseBrowse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/14/2014 10:45:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/14/2014 10:44:34 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)

Error: (11/14/2014 10:44:26 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)

Error: (11/14/2014 10:37:20 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)

Error: (11/14/2014 10:34:47 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)

Error: (11/14/2014 10:28:38 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)

Error: (11/14/2014 10:28:30 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)

Error: (11/14/2014 10:28:17 PM) (Source: DCOM) (EventID: 10016) (User: Lapp-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lapp-PCPaulS-1-5-21-2147732465-1013433442-3662694159-1003LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (11/14/2014 10:49:12 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Lapp-PC)
Description: 2C:\Program Files (x86)\LPT\linmsl.exelinmsl0521710560

Error: (11/14/2014 10:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.2.5413544ef530mozalloc.dll33.0.2.5413544ed0898000000300001425ad401d000515d6296aaC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll29c9f139-6c47-11e4-8aa1-b870f4234108

Error: (11/14/2014 10:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RegCleanPro.exe6.21.65.6253e0df7aRegCleanPro.exe6.21.65.6253e0df7ac000000500042f21130c01d0004e2a68b3f2C:\Program Files (x86)\RCP\RegCleanPro.exeC:\Program Files (x86)\RCP\RegCleanPro.exed47692cb-6c43-11e4-8aa1-b870f4234108

Error: (11/14/2014 10:01:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 07:16:11 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)

Error: (10/31/2014 06:40:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b1e9401cff53143e4faeeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll046d3e58-6125-11e4-85bb-b870f4234108

Error: (10/31/2014 06:40:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b249c01cff52a5a276667C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll046d6568-6125-11e4-85bb-b870f4234108

Error: (10/31/2014 05:37:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b10c001cff52825be7bbcC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll4519ca73-611c-11e4-85bb-b870f4234108

Error: (10/31/2014 05:23:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b2a8801cff526eab1375eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll34a1ccf1-611a-11e4-85bb-b870f4234108

Error: (10/31/2014 05:22:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b2fc01cff5263d1a39f2C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll178f82c8-611a-11e4-85bb-b870f4234108


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 41%
Total physical RAM: 6087.86 MB
Available physical RAM: 3565.38 MB
Total Pagefile: 12173.9 MB
Available Pagefile: 9404.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:591.56 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:2.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 640F91AA)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End Of Log ============================

Gmer (hat nur im abgesicherten Modus funktioniert):

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-15 00:46:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.02.0 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\Lapp\AppData\Local\Temp\kxldapoc.sys


---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fc1a13                      
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fc1a13 (not active ControlSet)  

---- EOF - GMER 2.1 ----

Ich hoffe alles ist korrekt und jemand kann mir helfen.

Viele Grüße
Hausmeister

schrauber · 15.11.2014, 09:57

hi,

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Search Protect

Update for Zip Opener
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Haus meister · 15.11.2014, 17:16

Hallo Schrauber,

vielen Dank an dieser Stelle schon mal für deine Hilfe.

Die Schritte habe ich ausgeführt, wenn auch der Revo Uninstaller mir bei beiden Programmen einen Fehler gemeldet hat, dass die Installation nicht ordnungsgemäß ausgeführt werden konnte. Ich konnte trotzdem die Reste nach deiner Anleitung löschen.

Hier das Logfile von ComboFix:

Code:

ATTFilter

ComboFix 14-11-15.01 - Lapp 15.11.2014  16:45:27.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6088.3523 [GMT 1:00]
ausgeführt von:: c:\users\Lapp\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Probit Software\Easy Speed PC
c:\program files (x86)\Probit Software\Easy Speed PC\ESPCSmartScan.exe
c:\programdata\374311380
c:\programdata\374311380\BITC055.tmp
c:\programdata\ntuser.pol
c:\users\Lapp\AppData\Local\nsw25CA.tmp
c:\users\Lapp\Desktop\Search.lnk
c:\windows\s.bat
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-15 bis 2014-11-15  ))))))))))))))))))))))))))))))
.
.
2014-11-15 15:54 . 2014-11-15 15:54	--------	d-----w-	c:\users\Paul\AppData\Local\temp
2014-11-15 15:54 . 2014-11-15 15:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-15 15:32 . 2014-11-15 15:32	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-11-15 15:12 . 2014-11-15 15:12	75888	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F129E5FB-0A69-41D4-B06C-EF82CEA7592E}\offreg.dll
2014-11-14 23:52 . 2014-10-14 19:59	11627712	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F129E5FB-0A69-41D4-B06C-EF82CEA7592E}\mpengine.dll
2014-11-14 22:30 . 2014-11-14 22:32	--------	d-----w-	C:\FRST
2014-11-14 21:54 . 2014-11-14 21:54	--------	d-----w-	c:\program files (x86)\predm
2014-11-14 21:23 . 2014-11-14 21:23	220784	----a-w-	c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll
2014-11-14 21:21 . 2014-10-03 02:12	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-11-14 21:16 . 2014-09-18 16:58	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D0F11F24-F4DD-46C0-973C-8285D4B575AB}\gapaengine.dll
2014-11-14 21:07 . 2014-11-14 02:33	48792	----a-w-	c:\windows\system32\drivers\{8431bbbd-4243-4758-beab-348411cd1e12}Gw64.sys
2014-10-31 18:09 . 2014-11-15 15:10	--------	d-----w-	c:\programdata\89c775be-12de-4e15-846c-6b3e6a8c39a2
2014-10-31 17:39 . 2014-10-31 01:45	48792	----a-w-	c:\windows\system32\drivers\{9255f1e2-1754-4887-b5d8-8ea035831546}Gw64.sys
2014-10-31 16:37 . 2014-11-14 21:49	--------	d-----w-	c:\program files (x86)\PC Speed Maximizer
2014-10-31 16:27 . 2014-10-14 19:59	11627712	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-29 15:16 . 2014-10-29 15:16	--------	d-----w-	c:\users\Paul\AppData\Local\SearchProtect
2014-10-29 15:16 . 2014-10-29 15:16	--------	d-----w-	c:\users\Paul\AppData\Roaming\Systweak
2014-10-29 15:11 . 2014-11-14 21:53	--------	d-----w-	c:\users\Lapp\AppData\Roaming\Systweak
2014-10-29 15:11 . 2014-08-05 18:14	20328	----a-w-	c:\windows\system32\roboot64.exe
2014-10-29 15:11 . 2014-11-15 15:39	--------	d-----w-	c:\users\Lapp\AppData\Local\SearchProtect
2014-10-29 15:06 . 2014-11-14 22:00	--------	d-----w-	c:\users\Lapp\AppData\Roaming\Probit Software
2014-10-27 18:18 . 2014-10-27 18:18	--------	d-----w-	c:\users\Paul\AppData\Local\com
2014-10-27 18:18 . 2014-10-27 18:18	--------	d-----w-	c:\users\Paul\AppData\Local\fastplayer
2014-10-26 16:42 . 2014-10-26 16:42	--------	d-----w-	c:\users\Paul\AppData\Local\mbot_de_195
2014-10-26 16:37 . 2014-10-26 16:37	--------	d-----w-	c:\windows\SysWow64\Flash
2014-10-26 16:36 . 2014-10-26 16:36	--------	d-sh--w-	c:\users\Lapp\AppData\Roaming\AnyProtectEx
2014-10-26 16:34 . 2014-10-26 16:34	1519520	----a-w-	c:\users\Paul\AppData\Roaming\OG.exe
2014-10-26 16:34 . 2014-10-26 16:34	2006432	----a-w-	c:\users\Paul\AppData\Roaming\RBSWI.exe
2014-10-26 16:34 . 2014-11-14 21:53	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-10-26 16:34 . 2014-10-26 16:34	--------	d-----w-	c:\users\Lapp\AppData\Local\globalUpdate
2014-10-26 16:34 . 2014-10-26 16:34	--------	d-----w-	c:\users\Lapp\AppData\Local\com
2014-10-26 16:34 . 2014-10-26 16:34	--------	d-----w-	c:\programdata\IePluginServices
2014-10-26 16:33 . 2014-10-31 16:16	--------	d-----w-	c:\program files (x86)\SupTab
2014-10-26 16:33 . 2014-11-14 21:55	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-10-26 16:32 . 2014-11-15 15:51	--------	d-----w-	c:\program files (x86)\Probit Software
2014-10-17 14:08 . 2014-09-04 05:23	424448	----a-w-	c:\windows\system32\rastls.dll
2014-10-17 14:08 . 2014-09-04 05:04	372736	----a-w-	c:\windows\SysWow64\rastls.dll
2014-10-17 14:08 . 2014-07-17 02:07	235520	----a-w-	c:\windows\system32\winsta.dll
2014-10-17 14:08 . 2014-07-17 02:07	150528	----a-w-	c:\windows\system32\rdpcorekmts.dll
2014-10-17 14:08 . 2014-07-17 02:07	455168	----a-w-	c:\windows\system32\winlogon.exe
2014-10-17 14:08 . 2014-07-17 01:40	157696	----a-w-	c:\windows\SysWow64\winsta.dll
2014-10-17 14:08 . 2014-07-17 01:21	212480	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2014-10-17 14:08 . 2014-07-17 01:21	39936	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2014-10-17 14:08 . 2014-09-05 02:11	6584320	----a-w-	c:\windows\system32\mstscax.dll
2014-10-17 14:08 . 2014-09-05 01:52	5703168	----a-w-	c:\windows\SysWow64\mstscax.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-15 01:34 . 2011-08-10 20:33	103374192	----a-w-	c:\windows\system32\MRT.exe
2014-11-14 21:11 . 2014-04-18 15:52	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-14 21:11 . 2014-04-18 15:52	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-30 11:25 . 2010-11-21 03:27	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-02 06:23 . 2014-10-02 06:23	225752	----a-w-	c:\windows\apppatch\AppPatch64\SPVCLdr64.dll
2014-09-25 02:08 . 2014-10-01 14:03	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 14:03	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-18 16:58 . 2011-08-11 15:08	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-09 22:11 . 2014-09-23 22:38	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-23 22:38	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-08-23 02:07 . 2014-08-28 22:30	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 22:30	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-17 22:25 . 2010-06-24 11:33	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-10-26 16:33	514016	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WN111v2 Setup-Assistent.lnk - c:\program files (x86)\NETGEAR\WN111v2\WN111v2.exe [2009-10-1 1748992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 lfputvzi;lfputvzi;c:\windows\system32\drivers\lfputvzi.sys;c:\windows\SYSNATIVE\drivers\lfputvzi.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
R2 MaintainerSvc2.61.4907295;MaintainerSvc2.61.4907295;c:\programdata\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.exe;c:\programdata\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.exe [x]
R3 cpuz134;cpuz134;c:\users\Lapp\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Lapp\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\NETGEAR\WN111v2\jswpsapi.exe;c:\program files (x86)\NETGEAR\WN111v2\jswpsapi.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50a64.sys;c:\windows\SYSNATIVE\Drivers\PCAMp50a64.sys [x]
R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCASp50a64.sys;c:\windows\SYSNATIVE\Drivers\PCASp50a64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WFMC_VAD;WFMCVAD (WDM);c:\windows\system32\DRIVERS\wfmcvad.sys;c:\windows\SYSNATIVE\DRIVERS\wfmcvad.sys [x]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\DRIVERS\WN111v2w7x.sys;c:\windows\SYSNATIVE\DRIVERS\WN111v2w7x.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 {8431bbbd-4243-4758-beab-348411cd1e12}Gw64;{8431bbbd-4243-4758-beab-348411cd1e12}Gw64;c:\windows\system32\drivers\{8431bbbd-4243-4758-beab-348411cd1e12}Gw64.sys;c:\windows\SYSNATIVE\drivers\{8431bbbd-4243-4758-beab-348411cd1e12}Gw64.sys [x]
S1 {9255f1e2-1754-4887-b5d8-8ea035831546}Gw64;{9255f1e2-1754-4887-b5d8-8ea035831546}Gw64;c:\windows\system32\drivers\{9255f1e2-1754-4887-b5d8-8ea035831546}Gw64.sys;c:\windows\SYSNATIVE\drivers\{9255f1e2-1754-4887-b5d8-8ea035831546}Gw64.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 vmuvcflt;Vimicro USB Camera Filter;c:\windows\system32\Drivers\vmuvcflt.sys;c:\windows\SYSNATIVE\Drivers\vmuvcflt.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-18 21:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-07-23 02:24	1508192	----a-w-	c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-07-23 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-07-23 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-07-23 5908928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-26 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-26 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-26 416024]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.mysearchpage.net
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
mDefault_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
mStart Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414341193&from=tugs&uid=WDCXWD7500BPVT-24HXZT1_WD-WXE1A511029510295&q={searchTerms}
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6qMH8RGuKgGmZGWtbUMCItj6rO-_QaxL2WErrEjNI-6ScrhhpvLgkvgt_6iaB2Hd28jLJ_gANpVDW65bEXD6k0IU29bZofSzngGQvKJlgSCueKZ2piaqjvouootPDhzJrVlbodHcNJH4m&q={searchTerms}
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: extensions.astrmndasr.hmpg - true
FF - user.js: extensions.astrmndasr.hmpgUrl - hxxp://astromenda.com/?f=1&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBzzyDzy0F0F0B0AtGtD0E0E0CtGzz0BtCyEtGtCtB0AzztGyCtAtB0AyBtA0Dzz0Fzy0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czz0C0CtCtA0CtDtGtBzzyCtCtGyE0E0DyDtGzz0CtDtBtGyCyC0B0ByCyD0ByE0Fzy0F0E2Q&cr=1762962598&ir=
FF - user.js: extensions.astrmndasr.dfltSrch - true
FF - user.js: extensions.astrmndasr.srchPrvdr - Astromenda
FF - user.js: extensions.astrmndasr.dnsErr - true
FF - user.js: extensions.astrmndasr_i.newTab - true
FF - user.js: extensions.astrmndasr.newTabUrl - hxxp://astromenda.com/?f=2&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBzzyDzy0F0F0B0AtGtD0E0E0CtGzz0BtCyEtGtCtB0AzztGyCtAtB0AyBtA0Dzz0Fzy0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czz0C0CtCtA0CtDtGtBzzyCtCtGyE0E0DyDtGzz0CtDtBtGyCyC0B0ByCyD0ByE0Fzy0F0E2Q&cr=1762962598&ir=
FF - user.js: extensions.astrmndasr.tlbrSrchUrl - hxxp://astromenda.com/?f=3&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBzzyDzy0F0F0B0AtGtD0E0E0CtGzz0BtCyEtGtCtB0AzztGyCtAtB0AyBtA0Dzz0Fzy0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czz0C0CtCtA0CtDtGtBzzyCtCtGyE0E0DyDtGzz0CtDtBtGyCyC0B0ByCyD0ByE0Fzy0F0E2Q&cr=1762962598&ir=&q=
FF - user.js: extensions.astrmndasr.id - F2DF9A874C38E880
FF - user.js: extensions.astrmndasr.instlDay - 16374
FF - user.js: extensions.astrmndasr.vrsn - 
FF - user.js: extensions.astrmndasr.vrsni - 
FF - user.js: extensions.astrmndasr_i.vrsnTs - 17:37
FF - user.js: extensions.astrmndasr.prtnrId - WSE_Astromenda
FF - user.js: extensions.astrmndasr.prdct - astrmndasr
FF - user.js: extensions.astrmndasr.aflt - ast_ir_14_44_ff
FF - user.js: extensions.astrmndasr_i.smplGrp - none
FF - user.js: extensions.astrmndasr.tlbrId - 
FF - user.js: extensions.astrmndasr.instlRef - 142905_d
FF - user.js: extensions.astrmndasr.dfltLng - 
FF - user.js: extensions.astrmndasr.appId - {9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
FF - user.js: extensions.astrmndasr.excTlbr - false
FF - user.js: extensions.astrmndasr.cr - 1762962598
FF - user.js: extensions.astrmndasr.cd - 2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBzzyDzy0F0F0B0AtGtD0E0E0CtGzz0BtCyEtGtCtB0AzztGyCtAtB0AyBtA0Dzz0Fzy0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czz0C0CtCtA0CtDtGtBzzyCtCtGyE0E0DyDtGzz0CtDtBtGyCyC0B0ByCyD0ByE0Fzy0F0E2Q
FF - user.js: extensions.astrmndasr.AL - 4
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-jswtrayutil - c:\program files (x86)\NETGEAR\WN111v2\jswtrayutil.exe
Wow6432Node-HKLM-Run-mbot_de_195 - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2898855v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-Qtrax Connection Manager - c:\users\Lapp\Qtrax\Player\uninstallnotification.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-11-15  17:02:31
ComboFix-quarantined-files.txt  2014-11-15 16:02
.
Vor Suchlauf: 14 Verzeichnis(se), 634.795.233.280 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 637.031.333.888 Bytes frei
.
- - End Of File - - B22B048E378E61C1CF5163A9C9210F40

Schönen Gruß
Hausmeister

schrauber · 16.11.2014, 08:01

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Haus meister · 16.11.2014, 13:56

Hallo Schrauber,

hier die angeforderten Logfiles:

Malwarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 16.11.2014 12:35:03, SYSTEM, LAPP-PC, Manual, Rootkit Database, 2014.9.18.1, 2014.11.12.1, 
Update, 16.11.2014 12:35:08, SYSTEM, LAPP-PC, Manual, Malware Database, 2014.9.19.5, 2014.11.16.2, 

(end)

AdwCleaner:

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 16/11/2014 um 13:20:56
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-13.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Lapp - LAPP-PC
# Gestartet von : C:\Users\Lapp\Desktop\cleanen\AdwCleaner_4.101.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\Probit Software
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files\Uninstaller
Ordner Gelöscht : C:\Users\Lapp\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Lapp\AppData\Roaming\AnyProtectEx
Ordner Gelöscht : C:\Users\Lapp\AppData\Roaming\Probit Software
Ordner Gelöscht : C:\Users\Lapp\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Lapp\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Paul\AppData\Local\FastPlayer
Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eck7d15l.default\Extensions\{8dc5c42e-9204-2a64-8b97-fa94ff8a241f}
Ordner Gelöscht : C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg
Datei Gelöscht : C:\windows\Reimage.ini
Datei Gelöscht : C:\Users\Lapp\daemonprocess.txt
Datei Gelöscht : C:\Users\Lapp\Desktop\Continue Live Installation.lnk
Datei Gelöscht : C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\user.js
Datei Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eck7d15l.default\user.js

***** [ Tasks ] *****

Task Gelöscht : BitGuard
Task Gelöscht : Dealply
Task Gelöscht : LaunchApp
Task Gelöscht : LaunchSignup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKCU\Software\Easy Speed Check
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16592


-\\ Mozilla Firefox v33.0.2 (x86 de)

[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Astromenda");
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%[...]
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD[...]
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytD[...]
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzy[...]
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[gwpsj8lv.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Astromenda");
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Astromenda");
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%[...]
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a975af9566d8c4897837a25c267d2cec1gmailcom64969.64969.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD[...]
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytD[...]
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[eck7d15l.default\prefs.js] - Zeile gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ir_14_44_ff&cd=2XzuyEtN2Y1L1Qzu0FtB0D0Fzy0AzzyByE0CtAzz0EzzzztDtN0D0Tzu0StCtDtAyDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzy[...]

-\\ Google Chrome v

[C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : epojlgbehpaeekopencdagbdamnkppci
[C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : fmfnfnpmhcllokmkepffndflpnadjmma

*************************

AdwCleaner[R0].txt - [8100 octets] - [17/04/2014 20:01:18]
AdwCleaner[R1].txt - [9153 octets] - [16/11/2014 13:03:10]
AdwCleaner[S0].txt - [7387 octets] - [17/04/2014 20:02:39]
AdwCleaner[S1].txt - [8587 octets] - [16/11/2014 13:20:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8647 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Lapp on 16.11.2014 at 13:25:31,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Lapp\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Lapp\AppData\Roaming\zip opener packages"
Successfully deleted: [Folder] "C:\Users\Lapp\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{00134632-5AC5-4385-AA1B-028701B39180}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{004DCA48-0BB3-47A7-BD2D-675C1158730B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{005DCD0F-47F5-4193-B816-032C1F0855A4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0074653D-B6B3-4898-B66D-0A80DD631144}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{00869FEB-F658-49C8-8CF4-6A534CEB06E2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{00BBAE6C-24E0-4057-8853-4ECCC6BDD6FA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{00E227D3-9964-4B12-A513-7A1D6C494C95}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{011B1F4A-792D-4AF6-BA6A-B7B988389C53}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{01E40C0A-571E-4A22-8179-77934218797D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{026F9F75-BDBB-4F4A-9B94-429A399B15FC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{028A4D00-4784-4520-AA9F-19389CB03626}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{02998284-AFEC-4E31-A04F-7A26DB20FDA4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{02E995DB-27B1-409B-90AC-E5208F553F79}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{02F02731-57F1-4771-9F51-C2EECE92B797}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0354500E-B9E4-41FD-8C92-3F63DF1E9E1C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{039F4606-592F-49C1-90A1-130AE649A269}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{03DEC943-0C9C-49ED-9F23-655EE3AABF6B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{03E487D5-C14B-4EA9-8686-A4B49365FDE4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{042261B6-93B0-4400-986C-22E301ABC5A2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{04874756-AFFF-4B93-9188-2C3BCB4CED36}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{04E3590E-9E5C-4E86-A2C2-5BD39417E796}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{04EEB20F-7D20-429A-B7F4-6FB0BD2CDBA5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{053FADA2-F8FD-4D1F-A23C-824252D2CF92}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{05803B04-30D8-4799-A091-05BCF6E17EBF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{05C7A962-9D07-4865-B8F6-FC582285E16B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{06096CB1-CC82-4327-9AE4-6AB7BB95FB52}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{06C84EBA-B7A6-4057-8754-12A95B4768BE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0709AB67-E5BC-4441-A639-313A52D840F6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{075DBBEB-3376-4FCC-901E-A783D9540D8F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{075E7CD7-00F4-4F48-A1D8-AD9AFDDAC717}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{07EDAFFC-6374-48AE-8969-6B4220585CF0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{081ED734-4B4D-4C40-A7FA-A01EB644992F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0876BFD7-F847-4FDD-9585-D198BB278E81}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{08F4077B-66DD-49A2-84F6-81159CD0E0F6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{093B4349-0510-42B6-888B-B2A9C44C4565}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{093C9A70-1E2D-472C-AAC0-51B1F4BEFF96}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0941E8F0-5F88-49BF-AC78-D11D8E4D6B8B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{095A0D39-65FC-495B-8550-799FC763041B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0A25297E-4DC6-42C6-8C64-F3A7BDF52BAB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0A693856-C6C4-46DE-9948-556FE8966088}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0AED3C50-6F84-40A8-A0B8-3BA9FB5913BE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0AF2E314-345F-4895-8E13-A60E3B1425EB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0B8AED04-62B3-4AD7-B1A9-F54727DCE19F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0C5785C6-6B4B-41BF-850D-E608ECD6A020}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0CAE2AF9-8C49-4123-B20F-AE2B6FA7D2DA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0CB9AA37-D5CC-4E01-88D8-2FB4C4682751}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0CD7A2F4-EBD4-4733-8698-524E931868F5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0CDD8ADD-A157-4CB9-9B96-F3349B4E9CE9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0D1C635C-20D0-4D2E-9C3A-83CC2AEAB884}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0D1DC754-FB06-4569-9D88-96F7CC7C4ABD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0DDE4979-D958-4F26-B2D6-3B2289CE0372}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0DF2FB63-505B-4A47-A116-2D6E7BCDABC9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0E30246B-803D-466C-99CC-18249BA30FB0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0E71873D-DD86-420B-9E61-657736534ECA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0EE73826-E577-4BBA-A7F2-23676F50A960}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0F1692DE-B0A7-4121-A83C-D17E3E5B5D97}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0F401EB5-2396-4C01-AABB-B69B3CD55E15}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{0F9CE71F-4ABA-48C5-B856-E8B3F0D6BDBC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{10406E8D-B809-4627-B678-94003E899BAA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{105BDED0-4D2D-4291-8BA1-402B58E43F9A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{10850757-E527-4C5D-BCAE-10492EDCAC18}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{10C92878-F1F7-41D1-A8BF-D7CC7E6E2D7B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{11696B4D-7E52-44B9-9DE6-D80AA77AAF70}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{11825063-7FA1-4573-8B50-1222E92496B3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{11F7B5FB-4C11-46F7-9127-B0F05BA2F7CB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{128DA3F6-EF32-42F8-ABEA-01922233F96A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{12B54A23-379D-411E-A38B-80AF295C944D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{12B65BB6-064E-43A8-96E0-A3C4F167C421}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1344A9C6-8C25-47E9-A8D6-D32A83864B37}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{134B36EA-9898-49CA-BF94-0E32D377F428}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{13DFF35B-B8E6-443A-9409-717B1A1CDA7D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{13FDAC67-64AB-4FA1-A01F-1C7DF901C9EC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{14082E34-B362-47FD-A4DE-FF2E0C17D7E1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{142AFEEB-D305-4815-9D45-12A02B37C33D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{145D5103-DAFD-4366-86EC-D61089D4A3D4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{145F509C-82D1-4B4F-A100-F1A2F045545F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{14AC3BD1-B52B-4E50-AFCD-326AF8CF7877}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{15D41D23-C36B-44FB-B83E-E753572AE6B5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{15DDDCD4-7B97-4EBA-9C4B-8DD1CFA5A2F3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1662A311-1127-444A-B589-FF90D9ABA3E6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{175F261D-FD6B-4F9C-AF43-1AD6AC9230C2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{17D20907-E1DE-435A-B82D-BD36A29783B8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1801ED82-0901-4120-B13C-AC788332FAAB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{182583BD-4C75-46A7-BACA-D9A2E44B9475}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{184D2F45-BDDD-4B00-A5E7-C9060737B843}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{18759057-39A9-465A-B198-9787A51811FA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{18865F03-6D3C-487B-BEC8-96E67C9C7D4A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{19004F96-A0C6-4943-916D-6AE8B078A1B8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{190640E2-BE67-4BF8-9EDD-AFA5452EB253}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{197C016C-9536-4874-A3F2-EB75B69A4DCA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{199A7CB9-89E6-4D06-828A-1E132A2683A7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{19A53C51-46FC-446F-8366-2CC4835BED1D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{19F49441-73CC-4AA0-A86C-276F274836F7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1A1BFB61-606D-4B17-8B22-41E9438604DD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1A298C3E-C3C4-4112-95D1-F8B823697F22}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1A7566A8-739B-4492-A8E8-92FCD082E429}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1A8192E0-3358-4460-B082-1D0D0C0A3592}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1AA7F2C8-B8BF-4350-97BF-575DCB84A176}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1ACDCFFB-1A60-4EE6-B054-FE6C05E5939B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1AD04B97-A3C9-4FD1-BC75-1D13ADDC75B2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1AD30085-B7AB-4ED8-9E9B-9DB16445C2B5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1B4D98CB-16EA-4226-9A9C-D353EBCF6790}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1B60D698-E8C7-4A9B-A782-9E088EAA6B37}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1C393C90-958F-4CD8-82B5-E9656610FF9A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1C5A0D72-5A4D-4A35-8F35-9A6CCCEBBC91}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1C671458-C7B4-4415-B588-2F0F391B965E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1C8BBEB2-3792-4616-8600-1C71EE5ABB2B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1D6DDBD7-9079-4009-8E02-09736202BAD6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1D945071-9CD9-4D41-B54F-A3E3F2C8FD40}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1DB63640-1C0A-4160-9C85-D7B8F166ECE4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1DE4E269-494B-4BCE-B398-DEB40B32FE81}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1E03CEF8-5847-4AA7-A9F5-1F89E443C853}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1E161B6F-BDE4-4094-B9B6-486097986233}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1E32C2C7-A95A-4AF2-85E1-20140EA9914A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1F388A1E-DFF6-42E2-8679-7A75EBA52562}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1FC26C1F-2D82-43D5-A8C6-A890159A910D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{1FC88E09-5103-404B-8E11-3B2175905CC1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{20072E4F-17EA-4457-98C9-7D123BA0BAF9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{205FBDBC-CE41-4B54-BF5A-0B86CCFE28F0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{206CBA02-2F52-4086-B666-44F1B117CD0B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2071727C-C69B-4D42-9E5A-69D14598BB97}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{207C53EA-8348-4E97-9940-C019D6252779}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{20C834B2-13BA-4A26-93C2-08F6FC360741}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{21312073-8C75-4D3A-ADE4-F8DD68A04143}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{216FB0EE-9BD4-4F6E-BEC3-752C5D217FB3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{21913877-CEFD-4FBE-9DFC-F4887478C5A5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{21949B1D-AAEA-4CB0-9CAA-D83AA8B21439}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{22132D15-572B-4767-BA2B-DD9AF261BBA4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{22447CCA-1A5D-4C64-A16C-1DBCEBF593BA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{229D29C1-1C18-4632-99F0-0FB9A0180F2A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{22BBD5AD-2F31-4B1E-9CFE-6F107BF68B1D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{22EE3D2E-6197-4E0F-8472-BD0F78B43BEA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2311BA15-A7D9-41B4-ABC5-8B8485CF5C4D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{23233B84-C4A6-4FDF-9EE4-66BA8DF903C5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{235B99C3-FCBE-40F9-B17F-D6437C3C5C43}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{23AC76F4-0A2A-4937-9C51-B80D7C2E5ABB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{23DB0B5A-B7BE-48B4-890E-E7252FE926C6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{241C5C97-2DA9-4558-A6E2-DB3FCC0A3FD4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{24E13DE3-BF74-4FD3-ABD8-B65CD4D7A1C2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{25105376-9F2F-41A7-A6C5-1EBC9D1AF670}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2576EDC0-5566-4FD2-8281-6AD889165A15}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{259CF9E0-3724-4150-A65B-98E7909C2A21}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{25D6009B-5758-45C3-8C91-ADB1434DAEF9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{25EB7E12-6D5C-4A41-AA64-43B01FB38D65}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{260B028B-1832-4918-A39A-4187383FF03C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{262B5956-5130-44B9-A7B7-5F26666C922D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{265CB67D-F75C-4A84-B9AA-C06D62E2856F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{267429D6-29CC-4C92-AB73-A62635E5073C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2680665B-C590-44F8-8746-ADBEBC0B52CC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{26B28887-3142-402F-BDF9-91FB84A129E0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{26BC8980-B412-408A-825F-2BA89EED71AF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{276C7B07-BE78-4E5C-81BE-95DF15A15C6B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{27DBAFD7-A806-4B84-BAE2-C8ABCD5A5157}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{28074B55-51B2-4DB0-B9C6-11508575FC3B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{280E2773-D5DE-4676-B88B-8BEFDDE80DD9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{28D88BAE-72D3-4A33-924A-4FEA6DC3435C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{28E9BE10-5EE3-4BDD-9180-4AA37BEC9D2A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{29172581-9A56-4618-ABEA-33BA97482991}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{291BEA01-4594-4ADF-98E1-4294274F987B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2A092D58-5ADB-4C5F-A33C-2381587BBE65}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2A0A7136-475E-4E97-9B22-2648A9B4C0FD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2A216C4A-E67E-45BB-8646-4647E179B44C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2A27F119-E734-4D09-A4E5-141221565C7F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2A2A0855-FBF3-4BA9-A36D-5514E690342E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2A3A2D98-61E2-441E-890F-DA17023CC22C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2AB27400-F25B-4A96-A5CD-D08251506E0D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2B283C85-A3A5-4580-93D2-D80B59603E4D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2B4DB576-1F76-4E2B-876E-9459AB3812BD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2B86A533-4236-45AF-852E-DE3AB7A489AD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2BC3473A-A899-42CC-B435-8D81BEF51CF6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2BCE6B6B-831E-41CC-9F86-27C0BACD3BA0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2C23E560-7A3F-43FB-A300-012E9FD52946}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2C604798-E44D-4D20-8715-DC087714D720}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2CA7B00E-3085-42C2-9D3F-80FC2D8B800A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2CCF6F9C-6F8A-4035-BE47-36EDDF6A541C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2D19D476-494D-459E-8B9E-C1CF64C6FDD0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2D427785-B434-4210-A23F-52FB343824EC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2E773403-9174-4DE2-B687-8C0F4ABD55A1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2E9C8C41-E0D5-43C4-A924-41D30F68FBCB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2EF6E2F1-1D90-4D77-9EF7-35C109D013A1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2FBEABFF-DFEC-4FAD-A939-2D862F6FB1C0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{2FC5FA2E-45D3-4209-A057-C673E713EB0A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{30060D58-ADFC-4DA7-B677-DBA537C561DB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3012302A-3E35-4FAB-B067-B0B9207F2CDF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3065B01A-5C87-4BFB-ABBE-FDF27E16018E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{306A2FE9-FF44-499C-B13D-51F46A8D6B53}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{306F1A8C-5EA9-4BEC-879A-08A29BD81D3C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3076A24D-47FE-4808-B215-ABD1AAF1CA63}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{308990DB-5545-4687-B267-3B00FA5B4D9D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{30D29FC1-A9BF-4B9D-A845-ED781A1B6DFC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{312E9898-3412-42CF-AB0D-C5D7FEC41B0C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{322351BC-A816-4918-9028-85A0A5A13AB4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{326FB29A-2BBD-4A06-A56D-B8D86A6A4B66}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{32B69140-B479-401B-8725-A96D290E2B99}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{32B91B17-ED8A-4EB0-9C7A-397934AADEB7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{32D1EA92-E730-4570-AA1D-B29EE5D97AF0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{33210B22-5372-4214-BC41-35FE1606AF25}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{334CEE48-B934-4941-B4C4-99777FB06F79}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{337E33F8-53FF-432F-B87A-3B3B988E5BC7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{33848624-41F3-48CA-8075-8FDF218408F7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{33C5617E-040F-4B56-A9F1-6F8479F5C55F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{34975064-9882-4756-B847-DBA6C8041D22}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{34AAB74C-42DA-435E-B950-FEF619B58CF6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{34F46087-19A6-4DBD-96DA-FEF51E72825E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{357EBB5E-4BDC-403D-83A1-D015D3183515}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{35A300D4-21E6-4DDC-8550-9A9976B47C81}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{35B35B53-66AC-4648-81EF-BB3DE97708E2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3609C046-C123-4C65-99E8-E81B9F52BC46}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{361429D3-CE0E-409E-9BFD-E381B6EB2942}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{364720B2-2DB1-4207-AA8A-9375002E425E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{36729964-BABC-44A1-B003-323583413565}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{36828B7E-D0EF-46C0-9D0B-EC78D1EC1D3B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{369D8FE6-F343-48B2-8DD3-E4D968C521E0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{36A1A3B4-262B-497D-8E68-B4A411F68CA3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{36FD42BA-668E-4CC9-BCE9-F32F161B8889}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3728AD58-74F2-46BC-9FCF-C18237581BA7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{372C6543-5700-41BD-BFCF-8B92438C963B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{37476854-E86D-445D-8022-04B091A8AAD4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{37E321AF-13B6-4244-BB6B-3B05C413A775}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{38104C00-60BE-4437-87CF-110B04448781}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{38254F44-4A82-4A2B-B87F-DE815DEDC3C0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{383BB18A-E749-44DB-85E0-F4F180D4C5A3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{388B0DA3-2B4E-4429-BF48-CF326E0EC99C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{39771C64-CC69-486F-8B60-8033A048D870}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3992A2F0-ADD3-4EE7-B1A1-383D37BC7912}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{39F90CC6-AFEF-4550-A079-EF0F25F3A816}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3A53B137-8F77-49DC-B48B-A5AF5154647B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3AACFF97-B2D2-49F5-B83E-390AD3E93CE9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3ADD4096-001D-4D6B-A5A0-71517B3A3151}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3ADD5A41-FF45-4AE6-8F0B-8738CE23BDD6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3AE50778-198A-4FCF-9BFD-E714C26E3487}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3B37AEA9-CFDA-426A-ACFC-57F6E7CD164F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3BB7309D-2BA2-4F40-8A31-7FD31C5C5940}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3BFB8C0F-EC78-4A60-82D0-A3F6A6A8EDEB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3C0782B4-229A-4001-A036-40CE5C12ECAB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3C2FB59D-EFAE-4602-9ED5-03737EA0807F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3CFE277F-69D4-4207-A935-9B775D87B66D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3D223AC3-2474-488C-A333-FA60B42F7721}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3DE1B05B-B162-45F9-8A0D-8CD3427925D0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3DF4897F-E95E-4E2F-B1ED-5CF969A2493A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3DF7707B-50AA-4892-8474-C80A5C9459BD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3F4065C7-E36E-4494-8FB1-2B72745817D6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3FACF515-52E3-4C4A-8679-38C149781B8A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{3FBD0D1E-D3FA-4A21-B155-FD9770057096}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{404690A6-F4FE-4D09-A926-25F9A79378AF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4079E66D-900A-4AB5-8A9C-43F64C3E0B91}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{40E9DC8B-1B54-482E-BE93-33C8434F206E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{41313DBA-8D5B-4059-A6A2-2D3057ECDF75}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{415A6704-92B2-426A-983F-04A3DE94B69C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{41868FB2-79C1-4846-A5B2-983E30817E68}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{419BBC08-9C16-4E1B-B43E-169161409BD7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{41E672F4-663D-4103-A5AF-0B8E9B0EC33D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4205AC2B-AD5B-4654-9EDD-EFA4CA1EDDD2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{42237EE7-6797-4DB1-B8F0-787A46845CD1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{42583C6F-0D8B-4E1B-A7EA-317397822BD9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{427E365A-A139-4B6C-94FB-A5668EA1773D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{428F369C-2FBD-46A6-BFF8-56BBBD5D74BB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4291BB80-4E0B-4BC5-A8F4-C94652DDB235}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{42FAAA60-9F1B-4B0C-85FE-D9282203A294}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4321CF60-3511-40EE-A19C-19C6A21A71A6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{438B0F60-22D7-4FB6-9B66-24D9B4A329B0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{43D32144-81DB-4B12-83DF-0D0B7A292829}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{44847AEB-5131-4354-A05A-EC0B7EB3C7F2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{44C40703-B944-4A06-ACEC-ECDC92FA92E5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{450E6393-C59C-46CF-83E0-8B0AE445A28D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4579F6EF-DAF2-43F6-A493-1528984F10A0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{45AE9315-514B-4C7A-93F3-4573F7368C2A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{45CA8924-C6EF-43BA-9B13-4A11BE9FBACA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{461279C3-A2BD-48C0-8144-70EA5B2570B4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{462A50F1-FAFD-4633-82D8-194AC8B62B5A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{46EDCBD5-6A28-4649-9F72-4808EDD416BF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{47059B1A-B301-4901-9531-88D63A48D215}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{472A549D-C206-4F5E-8D9C-1F9B67C463A6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{47B0FD10-F8C7-4C3F-A1CC-6D9644D05A1E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4821970F-B2AE-4409-BCF2-462351B6EB59}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4890FCB7-103C-409E-B099-9E1B636B2A8B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{489E4136-FBE2-4B91-AF98-40A42EF1BEA5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{49061001-C62F-44E5-9C03-524831102C39}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{495EBB96-D195-43D0-AE21-568C05409584}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{496D87A4-0E0C-4F34-8FF4-5FBA1EE96566}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{49D54921-94F8-40FE-80ED-84ADCD435EFE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{49D8C973-0C7F-476E-AA25-44006D4266F5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{49E4A4CB-735B-4C7C-B82A-BFAB3C29BD6E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4A1DA4A9-7BBB-4798-B70D-E1B2B4464F79}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4A435DB2-910B-4B2B-B641-B4D6457B5625}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4A5451E5-F7BE-4E2D-81D5-16111ACED98C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4AAD4106-6C99-4518-ACB3-1376249F637F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4AB4456A-C1E4-4E6D-9F3E-28F98A980581}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4AB9AF5C-4D05-426A-901D-1787B583368A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4AE685F0-D3A0-43A5-A135-9B9AD4CB7554}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4B7F2E53-2017-4E59-926C-138924FA17A9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4BD89A63-8F4F-4B11-8F62-9BCE75AE1F02}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4BF2EE1E-22BF-41F7-B569-5245229D6F3F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4C0BD3C5-B667-401B-A868-ED1832B03D45}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4C4316E3-26F5-4CFE-A7F2-0FB6829000F3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4C6A27BE-E440-4A79-86CB-1C187B107D51}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4CA4F4A8-D1E7-4517-8E2E-7808B492492E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4CAC8A20-44D8-411F-ABCC-AC418D7B48D2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4CD78659-7A2B-4664-A993-F846B4E81759}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4D46C712-4D56-4130-A704-693F20C52D2F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4D808A49-95BF-4652-B8F7-6884DEB064B8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4DCEC83F-A543-404F-93BE-751CB9918B03}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4E5CD642-C80D-4387-9D5B-251EDDE29116}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4E64272A-20E5-4931-BDDD-819AF353C2FF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4ECFDF9B-C56A-4759-AA4C-5A3443CEA336}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{4F22905A-45E8-4F4E-AB28-A2A69D2D6B18}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{50594F1E-DFCD-4F5D-8B09-6813D2783A89}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{50A3A1D1-F6D0-4730-8F78-8EE260AEB9B3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{50BA7220-AE77-412C-B96D-5E0541B93ECD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5104F8AE-E5EF-4101-9E21-7E9AFDF3B022}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5148D7DB-5E55-400B-A5CF-C8C72CFB0FCF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{515FF12C-018C-4FBA-9275-F1F2A806F697}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{51AA1925-A42E-489F-B55E-E42217CFB594}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{521E58F0-233E-42E9-98F0-4FFB626F8515}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{52365F0D-A9B8-4EDC-A7D6-5741E3919F9F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{524CE2B0-D627-4B9B-A435-046F58B15E12}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{52CCC43C-38D4-462E-8151-D0575F76FFC9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{535082A5-9FD1-4142-B68A-99CA1A813F7C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{53701DD6-F14E-4F9B-9EBF-7ABBDE874EEF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{53E4B5FE-8845-4ECF-955B-034D072D1B71}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{54025FDA-50B0-4756-B6CB-ACCFEF884569}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{542593E9-26B5-416F-B575-0F3063391AB0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{542F4960-131A-43F1-B3C5-03F83E59DC66}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{547D8EDD-7BF7-448B-8296-D72A2788CEBE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5495BBAE-88C1-4B72-B6B3-CC6DF4176742}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{54A3390F-B1A8-4AC5-B533-90D0EDAD05E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{54AA8C27-82A7-4ECE-8F9B-542917AD3CB3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{552F6337-AAC7-476A-B0ED-ADDC3E12D8C8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{554BA1BC-7344-4A10-A8F3-B975AEB16ACC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{56167F6C-D934-44CF-B062-5A79E6957BA2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{56743168-1D67-416A-A70E-3F761369C621}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{568872DF-F573-463B-8CC9-8838D79B6544}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{56AA2282-E1D8-4E86-B734-9C8D9ECE5277}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{56C27350-1291-4818-A5F5-9F7A09692FDE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{56F872DD-214C-460C-A01A-A8EC5AD07BEC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{570BD823-1D26-4FE8-AC9A-221E5E98154D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{579BC9D6-4422-4DB9-B7EE-51F2C29D07A5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{57B27337-6871-4DE3-A32A-AB1D515F6751}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{57BC3FBF-F32E-464F-BBFA-3D051AD917E5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{582C2E73-B275-4E93-AFA7-B4A09EFE16CC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{58DD578D-C5CD-4B44-A212-B977B9D36009}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{59CCD3F9-DEEB-4708-B516-B7B5EA5A815C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{59EEE361-192B-4B0F-8ABB-18B31E9104A2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5A49B948-9131-4694-8C79-4179A2DD4BC7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5A86D893-F3D6-4BB3-9F2A-F88C58DC02AB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5A91C022-F628-41B8-95E4-D64AF7C9A464}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5AD11BDF-6864-4B19-AE1C-D0596CACBF95}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5AF24A8B-504D-4569-985B-E7C67072BB3F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5B0937D8-4D5B-48BE-96E5-AF6F74C4A79C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5B37C6A0-C27A-4648-8720-EED2129C582E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5BD0B7CE-424F-4E2C-8DC4-BB9ADC5B8371}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5C0CA90B-DE18-4537-B67A-A8D07A6A1F76}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5C1916C1-F506-438B-9D5A-1C955267CB39}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5C4648DF-7DCC-40EF-9FA3-3AD3F0676DB9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5C46C94B-A4C7-4179-BA72-E01FFB1D9CB5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5CA8D7C1-8B67-4022-898C-A8FD19E79E41}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5CBED328-AC98-4CD6-8717-AB2475E786ED}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5CE2B2C5-2155-4307-87BC-3EF6DA539927}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5D0CDAD3-2830-4451-BA35-E9632E072AE8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5D4AF02D-95EB-4D17-995E-A1406DCBA7D3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5D9ED35A-A7AE-45B0-ABB5-E4AE597055DB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5DEB1842-5D62-4C22-8C2C-4C9575C67C86}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5E01B19A-C9E8-460E-A37E-E31531E0B4DE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5E85EC1B-4CB5-471D-86F3-316EF6E369B7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5E88C0D2-DC92-4015-8CFC-413F05606254}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5E9E02CB-E89A-45A3-8450-60E73BE596B9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5EC8A214-803B-4F4C-B935-E8A8DDBE2B37}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5EE48FB3-A929-4C4D-AF40-8F8D86145DE6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5F436FBC-64A3-4062-8C1B-B4851C0FF414}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5F44BF26-B1C1-4F5C-A2A1-D5906D2BBF50}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5F4AED2B-5697-4077-A7D5-98A28D4D1F07}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5F5C9AF6-BD12-4615-8BC5-FD94DC8058BB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5FC7E455-589D-43E4-8379-D39E005CDD98}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5FC89484-2D26-4F18-B7F8-9127AFF7F743}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{5FF24CCC-DB45-43C1-B4D8-AB7A8671F756}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{60750D4D-BECC-4360-8D70-E39B7001D871}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{60B5B20E-9E83-48D4-9DFE-AF63356D5C56}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6123845C-A2BB-4CD1-BF2E-1E2F86236190}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{616A449D-61B8-4B9A-A783-8191340E6AB3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{61A3CF64-56E6-4DAE-BD6F-F72B1230F984}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6219AE5D-E4E0-4D48-9E80-F8ED6E01051E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6243144D-F6D1-4B3C-A9D7-0122B4716E86}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6285E839-C726-433B-9A48-7CDAF1C0868E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{62B25C36-6755-4870-82AB-B14B2BA3A97E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{62B86296-A658-424F-B156-0B494BBE9D74}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6366E24E-5612-4817-B0C9-A8E86FE32126}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{63A357D9-E865-4071-AAF9-F06730622463}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{63FF3D8D-6699-4DC7-8644-81436E11CD6F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{645D4527-7899-4504-9402-899D10A3209A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6492D6E9-0203-42F2-8CAE-46EDEC74BD17}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{64F9C17C-B10B-4336-B774-1CA524AE2FE1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{654FEC47-D239-41DF-BB2B-FF54F22FA673}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6553D0C6-B2F6-4A82-AEE2-F361A908EADC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{657DF8F7-30AE-498B-9694-02B383303EE2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{668E2198-A2F7-4ADC-AD51-A660ABE1D742}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{66CD8130-CBBB-49FB-858F-F560CE13E136}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{673AA715-BD0C-4686-AE15-FBB5AF39B4FC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{677362D4-CBF1-4DB5-9BD1-52F5F78973EF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{67934786-4920-4B3C-8B21-5DBB2A1698E8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{679FF67B-74DD-4714-BBDA-39EB3ED0AB48}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{67C5126B-719A-4C89-95F5-5EB2EF255860}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{67EC3435-84BB-4A59-934D-F427C5C2B5C1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{68139B3D-4F01-40F0-BA60-70F63C973A02}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6817D6FD-5E64-42E2-9D75-E578B19EBC6B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{684D94C1-D2D3-48EB-9D6A-E6DCD497C0A2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{687CB32B-D745-418E-8814-FC0152635892}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{68AF4324-9373-4893-8C86-1FC0C8AFF6F6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{68CA4CFD-1A8B-4A4E-BDCB-DBD6D4F36B7F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{68DF0D15-B3E0-4993-8D55-7CB9DD51CC00}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{69168544-00BE-40C2-BA44-89142D6A0DB7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{693347D3-7CE6-4019-8967-42B575937A48}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{69AEF6FB-923B-4378-8182-E140F87933D6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{69B54845-CB73-42B3-A1F7-8065B13FE411}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{69E53A84-2F76-4814-9398-6650604E9E6D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6A76545B-E2F7-4568-8108-C5BD1E75B81E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6ACD72F4-A3C5-4C9F-9A3F-E40BE67AF84D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6AF343DE-BA31-4202-81AA-DF8857F2592F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6B0D523B-3C13-454B-80E2-AA5AD0D90CA6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6B232E31-D428-4473-BD6B-8AC887AFC175}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6B6BD1D5-9DF2-4DFF-9C33-12180DE53BD2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6BC75750-F9F6-4E42-B396-C64B247D177F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6C4E97FD-9C92-41AA-B230-6B188D5F955E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6D561C5B-CD94-4CDE-8563-F0C90BB2C26B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6DDEE9CE-A10D-4591-B9D7-7A1BD0242D37}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6E5F0E68-AE62-4D58-94A0-5F92254CF0B2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6E63F5F5-6680-4E93-9AB6-FDCF361F4F2F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6EA919D8-9D45-47EF-AD12-56B58DD4A4EF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6F5F993B-42C1-4F18-80F5-16EEF11C73E9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6F6755C0-7631-48C1-83CF-4BBD13BAD27C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6F819527-5F59-4D65-BA01-A79814F5402A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6FC97B82-9190-4FD6-9833-C1B74959510E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6FDFC662-43A3-43D6-BE9B-DB84FD31C0EA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{6FEAC8F7-0016-4A4A-9971-CF150B63E4F7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7000F539-5638-4E68-A076-1482548176FF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7017F94C-D781-4407-A216-C158EDEF0224}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7062DA81-9E59-46D2-9D3B-94A92285EAB1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7070A19B-AB85-4319-BE17-97C7FD26D1C2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{707B8CC3-B5DD-45A4-9CE4-A234E5D79043}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{71DF77F0-F5CE-4A3A-A2FE-C5F77A9ADEAE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{71F988CC-9A42-4912-B160-EA065070CEA1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{72922233-5961-42AF-8361-65C2123A4E11}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{72B4E4FD-EF05-4FE6-8BFF-0BC3E01B5D78}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{731689F6-BA97-4269-B583-2BFEFC7FCDA3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{732F33BB-DFB1-4AF0-95BD-740E818B92EA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{735DB600-7870-461D-A57E-C7D15C363224}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{740BCA26-3717-4C41-B99E-315A95553CD9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{741DD15C-6211-42B8-BB80-A4F6B48D7F99}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{74782D56-88BA-4947-98D5-F6B56FF908E0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{749DB7F8-C3C4-4619-BCEA-A5BCDF1AFE5A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{74DB498B-0F33-4358-ACE2-340C9C4BBBAC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7549D074-F371-43AA-80BA-445907F40392}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{754CA9C2-04B0-4F60-8B7A-673DD4B1EA9A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7561D9C5-8DB6-4ED4-9532-BA837C4BFD5D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7565D714-443C-436B-A4BB-71E6F6B18E23}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{758CD55D-56A0-423B-B78E-DCF8537FE935}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{75A4756B-AA71-4419-B760-D0B5B2E7C7F3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{75B3DE74-0E88-4AEB-9615-DBA2FD2ADEF9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{75DD9C65-3705-4923-9345-012AD82CB8B7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{75DF2264-CAA7-4892-8EE2-16963D4C3150}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{75E7750F-4E9D-413B-B4AB-EB926FE0DA3D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{76068B2B-B6F9-47C6-BD94-DE36698CDFE0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{762D24DC-739B-4642-96EB-B7F17882141C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{76EB3E92-73D0-4BB5-9E7C-90A14D4C399D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{76EE5D23-2589-4D92-A425-D201DD895577}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{77CC4D0E-F61C-4320-BCA2-597F29AB03E3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{77D9ACCE-2280-443D-AEC2-3403D71517E5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{781FB305-EF89-4468-A744-1F6C1E874FD1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7841E9BD-C843-4259-8053-05097452B890}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7859BC89-69D8-44AA-BC94-25A3F689C822}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{78F58DF5-59E5-47CE-9E91-7A78C42FCFFA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7916156D-FB88-4A28-93B3-55893614F324}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{797388E9-986E-43E8-ADA8-2201101328CE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{798A4A74-E1B3-4413-9ED5-01549B0A862C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{79E55FF6-FE96-410C-AA6E-5875975CD462}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7A50A310-FB2B-4B52-960A-9E71A14A778B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7ADF9288-1340-43E9-A198-BDD9205C8E1F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7AE4AD3F-D6B5-4724-B61C-C6224BE4384E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7B5EFE06-68F7-4819-B472-8A72B5827FB2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7BD095E1-C075-4408-B742-276C63528A59}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7BF5D9C6-CD96-41F2-BEFB-F426CB04F228}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7C8A61F9-347B-4451-B84A-15D9843E781F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7CE4207D-582E-469D-AEA4-42B8AA67F6C1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7D1A79D9-A813-4A50-9104-511786437360}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7D6F7D8C-6B09-4E9E-9E73-DEF9E9F815B1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7DBBDD6F-4B8E-40DA-AB81-F41D5CA45A36}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7DE8EF42-8EF3-4415-9937-6C41864DB6FA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7E31CFD5-7DA1-4E3A-B7D8-19DBB6684374}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7E38378D-0283-4166-B810-17A0AFA84F84}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7E461FAA-3353-47FC-B20C-A038FC4EC6F9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7E8D0E86-0C72-41B3-9F17-74F19D7543C4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7EAD57F8-3BD2-475E-B279-345D0C4850BD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7EB5C490-06A5-460A-A6D7-878D06F13B64}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7F808284-F799-4534-9303-D2361E8D71EB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7F89260F-BB67-460B-96A4-E9FEF82B191C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7FADDD49-7FA2-41DC-82AC-CFEB76E3A350}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7FC11BE4-1A5B-4A72-93B5-563D3F7D4DCF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{7FC2C893-C73E-4385-AC0D-4FFA3977C202}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8022C70E-6ABD-4AF8-918D-A0126AD939E1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{803A2F60-AAEF-4DE5-A562-261152514621}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8042069B-8351-4CE8-996D-CE99692D48AA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{806DC030-25D0-4D2D-916D-E1761D831218}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{807C1469-97B1-4468-B824-F9676FFD4219}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{80D51B10-8AA1-48D2-880C-C6BC41DF41FE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{81157055-2D6F-4EC5-B7B4-4B05D8BF8155}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{81E157C8-CC62-4905-A012-849F38D7698C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8234FAF8-030C-43AC-BE02-D70A0EDC66E2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{823C5571-0550-47F5-8F5C-1318049EE8D3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{839E1761-D85F-4259-8CD2-7BBD91E99A4E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{83CCEAE5-858C-419F-93CC-2523F5DAE666}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{841069FD-F0DE-4194-A030-293A52977188}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{84353AF1-8174-4F15-A7FC-9306B21E92E5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{84454E09-6FB3-4FB2-9F5A-FB98756A26EE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{84B41266-8639-4086-8246-2FAE26EF1D14}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{851D803B-6411-4CF4-AFB5-A6539D704C9D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{852E6393-D468-4876-8DA4-987205663AB8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{857CD0B5-3383-449D-9330-F96B08D50B99}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{85B63258-B430-454F-8CF7-AF948491FC0E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{85D81D14-4BBF-44D0-95F5-ED572D452666}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{860C8433-59EA-40A2-B805-9DF1B4F238FB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{860FD14A-68D5-4488-9C62-831AF3E2932B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{86603821-9C73-4D4E-9388-81996DB58BCD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{86F3494A-5952-4E75-B785-C002DBE80E9F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{874CBB58-2890-46EE-84C9-D77CEF9B8595}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8751BC8E-B78C-4595-8615-C9D790D714DC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{876436AA-3D9E-4EBC-BB0B-46AE0655722C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{876A5655-C1ED-4826-BC8C-F61E0FFF5861}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{87EE8045-4E6B-449E-BBB9-BF4B90EB8951}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{88517DCA-B1B7-43C1-9988-FB0978E8C360}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8880BD8B-FDA6-4A17-802B-EB4D356A6904}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{88F56CB9-F9F6-4942-A147-769844B15950}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8923EB7D-60B9-4DCF-8CF8-5F0E885CE622}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{89BE86BB-BC3C-431E-85A6-62CF76F6BD5E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8A1C295B-7E1B-4D9F-8112-41B5A82BDD36}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8A4D2443-D094-4BE7-8A62-6E6F9429EAFF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8AA65038-A8D7-4500-8D74-7D5B06943BD7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8AB2A2D2-839D-4D33-88BA-3EA4CBF1D851}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8B344BEA-60C6-4A24-956C-DE8787ED1CF6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8B57E2BE-D959-4E77-8F4F-8AC8C51DB5D0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8B5DA712-5669-430C-A0D3-B8394474096B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8BB9549F-8BCE-4EAA-9B08-F6986EB25B28}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8BC8E5C3-3476-4985-B721-2BB8BF327C75}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8BD85C9A-0973-4A7A-B666-B5A8C1B77C00}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8BE86D3C-83FF-4336-BD08-47035E23771F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8BFB5979-932D-4D65-9B98-B5A66AFA10AA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8C335AF1-6469-4FAD-837E-F53A29F5528C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8C88428B-E6C3-41D5-98C7-1B1069F47567}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8C8A7015-BD3F-43AA-8468-639D6EE6481C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8C9806BF-5D58-4032-8E2A-2BCDF7262C8D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8CBC3184-0813-4341-AAEC-3420FEC7E885}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8D0509DC-85C9-41A1-95A6-1B5851EFD6F0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8D573581-6B39-4834-8C2C-D7A0411C882D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8D659C42-878C-4ADB-B53B-09E5576C3E5C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8D697EC2-4645-4854-9DBF-39DB21E34226}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8D84106A-4741-4D21-A5C1-D2AA0C33E031}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8E07A1A0-FC02-4028-88AF-37FCAA886917}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8E3BC26C-E95F-4287-8A0E-B4F834E7A72F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8E586270-F601-4467-AE42-166570E2D029}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8E5B9149-3543-4BE3-BD0B-E2FAF74B9306}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8E62DFD1-7144-4FCD-94B5-71E19EEB4B37}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8F1689D7-FB5D-47FF-9C33-5ACD8202BEA8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8FAA7D99-DE7B-4AC1-86A1-A9AAE7765F88}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8FC6A096-7887-4F51-A7AC-FE1D36B3F94D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{8FF876B6-C4FD-4492-879D-AF2455C21BF1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{902C5812-86E0-41AD-99A1-6AF921A08EA7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9049B8A4-4446-4523-8F85-6421601780BA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{906D4B67-3795-4A18-8832-A61D54059BAC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{911E4B5B-7A14-4ADB-8236-1E139655384F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9158B086-7C26-49CA-A85D-7E22610C3B95}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9170C1DF-1DAE-41AA-B357-732B99735E9E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{917247DF-ECC5-4A82-8A68-7AA7AD64B92A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{92BECE4F-B500-498C-9BAC-94966A508B7C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{92F6B31D-F5C5-4CD9-9498-E4AB6ADD29A8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{92FBBB8C-FBE2-4CB2-BE25-F5C4D4597C97}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{934B6570-3CA1-43D0-84E6-2F1D29BE2087}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{93D7E7CA-A3D9-4D1D-9D36-9EA35F31A129}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{93EBD866-282C-4593-BD0A-2C6AAF9B44F5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{943EF6C3-D581-4D73-9684-9DEB33A86BCD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{944A3D08-94D8-4502-9E1B-AA63A84EC92B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{94632475-80FC-4F85-A4BF-6103AAAD9534}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{95845D60-8062-4174-9070-93396579BDCD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{95D87D55-33F1-456B-A660-6626D594F886}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{96098C8F-4CAB-4848-AF7E-6E2106F2A6AC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{960D5268-218C-4837-8B2D-F419D1952868}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{963134E9-483C-4550-961F-E9DCE17E9CFA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{965FB784-04DA-4F44-9D55-BD72962C5695}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9678B911-221F-464F-9DEF-80684570C723}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{96D80D4B-4CA9-4217-942A-969377AD57EE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{972AA3F7-31DC-49FA-9D1B-AD004A215A77}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{973A4275-0555-4133-A300-98080A0A3514}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{97700D05-BC34-48E5-9ECE-31AF058E4319}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9770C0ED-7E47-4F22-BF4C-D913050D480F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{97BF8EAF-595E-4F39-A613-104B654605C6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{97EBE750-E5F9-4B86-9249-1609467BBC26}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{994F647B-2224-4DC5-8416-CBF273E33906}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9A367519-05DE-4087-8564-D9752B1F499F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9A3CD940-7628-47F7-804F-03359BA4F5CE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9AFD2DE2-C7C1-424D-A4B2-22A995130304}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9B06BD38-B303-485E-9FB0-5470AFC3EE84}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9B1348DB-B878-410C-A5EA-575AE58412A3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9B6E4084-AE0F-4EFA-A0C0-CF2D1C85E374}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9B7F47F9-DAAB-4CB2-86E3-5ED9A3A34A00}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9BB27E34-E81C-459A-AB0E-6129424A7B6A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C00A696-0662-4ED5-BEEF-12160E736737}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C0437FF-BA4A-42A6-83D3-65D26D5E0CFC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C0D7771-A07F-4B78-913B-362A8CA129C9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C2E3753-7287-4E3D-BEDC-7D039C5932C2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C3C564F-9C4F-4B35-A7A2-F5A4EF68D695}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C7ADCCD-E6ED-41E7-A161-E2142DA9620A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9C9DDAD5-63BA-474A-9CE3-0FDE9C84ED76}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9CBBEA2A-786E-424D-8BC4-7D1936B8CA04}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9CBD7F21-A358-48EC-A9A1-432BD748F699}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9CFD407F-E5BE-4A5E-BAB4-466C898B3EB0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9D484850-57B1-4334-B20E-13F641FDEC1D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9D747361-863B-4C6C-AA32-5EB9BDF48981}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9DCA7DBB-6FAD-43FB-8BFF-2D946C2CB8A0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9E494C29-FB91-4817-BD8E-18B23724BF8F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9EF26F7E-8D87-4FE9-A8D9-18940AD817A5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9F69D02B-7E12-47DE-96A4-33D2C991F1EA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9F9C4CFD-3488-448E-BA6B-19EAE554DE82}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9FB0A061-84FB-4317-ADE9-73F19517B737}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9FD5866D-0633-43EE-BF8D-C55413A2474F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9FE9260A-2409-45DD-8001-DB0D00728F92}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9FEF7BED-DC34-45CC-B77B-6699BD1F7414}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{9FFC29E3-9035-4CFF-9838-422455775BF0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A038417A-7E98-40F3-AC81-AE850286CF97}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A09EECF7-E4B4-4B0B-AE9B-518E77757059}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A0AB8172-87B0-4D2E-99C1-7462F453C966}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A0B037E6-82B6-4C7D-B58C-C5D09CD3FA34}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A0FAAA20-7E69-4E83-838F-5E49F1747CA4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A0FFA76B-4648-4BC3-92B6-140B20B16C09}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A115DAE1-0FBC-424D-A3A9-A317021167E2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A1960496-8770-4CAD-AD13-44A0DCB7A1CC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A1A07BC1-CA06-4996-9853-1194FFA62A2C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A1A91F93-1E94-4978-A19C-9A2CD58E0B26}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A27738D8-CD49-4A6F-A1F8-E690B3EDC67C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A28C2DDA-76D8-42A5-A125-FA074AA80E2C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A2CB1F06-FF3A-4D84-8D82-2086B45FB6DD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A333B1A2-E724-4CDB-84D2-119169DE5786}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A348BBBB-D3CC-44DE-9415-2AFDF9D86E01}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A4260511-E846-40AA-8619-179543611841}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A44EA9AF-CC2C-49E8-A584-0C6C32AD440F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A4B87839-598F-4CC8-87EA-11F8CDFB221D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A4CCE3AC-4CE1-4265-8C92-2FF43596A862}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A547903A-7A6C-43B9-8632-092F1A69E6BD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A5D8C44F-8B18-426F-91B6-364B5B8D0CB3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A5EF230B-D4E3-4D8F-AC95-3F8B823EA228}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A600C085-70AF-4E16-A4BB-FCA52E8A5754}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A656493C-B242-4D37-BF57-CA2E2A3CC194}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A68E59A6-B644-4203-954E-1CF77E5179D2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A6A13DF9-A90E-4CF9-9475-1570DB2E2735}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A6B5E8F9-EC34-47FE-99D3-66FA0657C639}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A7150745-6DD6-41EC-940A-777735A3BE90}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A7823495-19D6-4D36-9D6E-3E87231FAE3B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A7D969A8-2A94-4871-8493-13E61720DB77}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A8059BD3-37BD-483D-89BA-20C3FBFAD0E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A845A3D0-4B44-46A7-A7F9-F9FCAFC1AAEB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A8BFBE03-F0BE-4E70-94D3-8E21B8DF8AFF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A99DB1DD-BA1F-40F9-A0C0-9235DBF0CDA5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A9E18DEF-5F40-41B1-AD2D-4A8E057620ED}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{A9FB8979-DB68-43E3-81E1-07CC4F092786}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AA68AE27-64FF-4199-9C07-CD068071371C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AA73BD8F-64FD-471D-8EBB-4B8282795742}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AA999569-08A1-4CC0-98B9-2662468E56B1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AACF5CD4-BBA6-4E20-977C-0A5DDD8565E8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AAE42CC5-C9F3-4D9B-A76B-06B68C2FDBB0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AAF2F0C7-3499-4385-9FEA-E877B1E17DEB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AB08D0A8-7DFD-4356-8EBA-F5AF04B3D587}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AB14CEBC-1715-4345-AD3F-862206D4E1F9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AB3207C6-32BC-4ECD-9402-6D15EB145D8B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AB581F2C-56CC-48C7-A65A-BCFB8E31C1AC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ABA63F70-5AFE-43B1-B7E5-69D4AC8822E6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ABB9C1AC-BCA2-4E76-87E7-C6058EC3582A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AC10B51B-744A-40EE-964C-A75E7D09C6D9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AC119FF6-650D-4F8F-9532-53952B7FAB0E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AC145046-91D8-4D6A-B746-786A4A069144}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AC3C9BED-7B50-4D91-8CB3-B04A4A902441}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AC437D5F-8CE7-46C4-A0BB-85959427D04B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AC8AA2A0-F2B9-4A6F-8307-AFEB81585E49}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ACB92327-FE5A-41E5-A097-2D1418634BDA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AD23E7C5-855D-4982-8524-3DE7FACE77EB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AD35A46B-84CF-4850-81BE-52CC7145BF34}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AD4BD476-8F0B-418A-8081-E3A6ADED1499}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ADC5479D-E602-42C5-9F79-92845E4987EB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AED4513B-6403-47AA-A73F-A9F6E6C0CE11}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AEEE6F80-6CD1-4751-B5EE-1A486D53A823}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AF4CB448-10C2-4D9C-A511-EDC2DDD96B17}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AF636EA6-867F-42F1-8659-2395FC454685}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AF6499A8-2277-40A5-B8D0-4E1A37C59B8F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AF885F26-28F3-44FA-989D-734FE1476426}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AFA7FD57-E97F-450C-9663-D04438E8B987}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{AFADD8C5-1CD2-4852-9461-5A17FEC4AFA8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B02E769E-502F-46CA-BB37-F33E1D4CBCFC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B02E942D-8999-4C9C-BE92-0F0108437FA9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B030E57E-199D-4CD3-993A-0E3BE5BBC09F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B03ADABB-AEB4-481C-AC93-1ECDBD6F581B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B068EDC8-90C8-452D-9788-1AF55D4B2388}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B07623FB-78A9-4AC9-B78B-A1904738C774}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B097BCD6-686C-4DE5-8833-41F8D9DA6ECD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B0CFA851-9597-4DBF-8514-6C925526D539}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B0D6D209-8FC8-4E46-ACC1-B848FAF5E6E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B125929D-5F05-4AC7-BF39-FDFC82C21DC5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B1283597-7DDC-46C3-A5FD-471498B28A15}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B12FA905-ABFD-4551-B18A-E5BE2010BB63}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B13EEBDD-DA3D-4CC7-8CC9-35EF4FB5C262}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B15329CF-0495-4E6D-9875-2F919CD99087}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B18086A5-AD9B-452C-927B-6B520B72198D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B1B48BF6-F459-4C25-A4F0-49F5DF80DB58}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B216F059-312C-4BEA-BB60-2DEB133D42C7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B22FC5C7-EA9E-4AE8-86E1-636C73A4124D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B2882186-2D5B-4614-9156-0F21BAA96E3D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B2E2D716-9040-40E1-9C30-4784C4609C6A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B2E9B681-DDD8-4FDE-8293-B9770813399D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B31B39F1-F6B0-46E8-B004-E0F1F1D81612}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B350604F-5AA5-46C9-88A5-1BBA98EE5903}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B41D2DC1-0905-4470-B74A-76060D02BD8F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B47F9D7B-8371-426D-86E7-3843771084D4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B4802533-C637-453F-8639-76FEDAE2530A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B4E0B281-5149-442A-AE0F-08D0F58108DC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B532725F-7CC3-430E-B523-94F9EC5EE309}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B5444185-9C0E-49FE-8FD5-FC932ECB3FE4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B54A6AD3-310D-40CB-8468-83C701403595}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B55B0BFD-0364-42AB-920D-F0BD389E3FBC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B55EEB45-7CEF-4D35-8136-22C976F1AF8B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B5A6BB5D-B6A5-4B4A-893A-8AE48F299C60}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B5C15B52-8CC6-467B-BC53-1666C2FE6507}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B689B10B-7E35-4CC9-B7DC-C4A4B072DC71}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B6C22AF8-CB2B-4B26-AF93-C9616E853D90}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B6DC50F6-0B43-4237-8540-A63FD81FD809}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B6EEEE82-D51A-4E7B-A1A7-D6FE4633B101}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B75F1AFA-4492-4589-9BAC-8CBE457FF39C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B76CD7D7-8A21-4F67-9396-F2B9CE071B9C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B7A7A10E-70FA-46CE-AED2-42CADCE73633}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B816EE65-C0AE-4F89-A2F0-81037C1A5AA2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B826319C-AFDF-4918-A18B-E157A618D32A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B865F669-A5B6-4347-91E5-938E4173CF53}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B8D61739-5BD8-439E-871B-C9990BF0CDEF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B8D7F37B-00CC-4D53-B3BC-A34F0064B347}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B8DA86A5-85F7-4170-B0F1-14E92A25EA05}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B9100208-9EAA-41BA-9F4D-0EF5C64331DC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B9A085C1-9938-47CB-8AE1-255B1D05B3C6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{B9C45DBF-9660-4790-A288-88786F3C6715}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BA10E749-D9C9-45A3-B1B1-1321B2959728}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BA459BAE-D7B9-4E7B-A234-7448122D1962}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BAECA174-9032-44A0-AB08-A1644B2B9F7F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BB10B817-6672-4711-8418-EE226DF4453E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BBCAAC2A-C5E4-4189-9779-BB2912E85089}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BBFA57BD-D691-46FA-A2D4-52C10A88509D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BC2A91C2-AAD7-49AF-B0AA-5A3B8461657D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BC7C3826-DF0B-409A-917F-86BF2E06AB56}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BCC3B17E-0BE8-4F6D-A536-5D623B7A06BB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BD7E3E84-CF3D-413F-8192-D3DFE8A9C09D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BDA91896-6F52-499F-9FE4-6DE36AF90ADF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BE10F07C-403D-48D9-A591-B0A5F71B1ED1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BE1808F9-3D5E-4B4A-B60D-11B1FE8CD0E8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BE25100C-FE5B-49C1-A25E-D2042C4CB6C8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BE3F2716-D644-43C7-8291-C98891B6736C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BF704665-384E-466F-ABD7-BAD153647FB0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{BF719719-9988-4C00-8906-A731D2B2A077}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C009E3DD-165A-4659-9131-B998C748580F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C01C519B-1B7E-4E60-A003-BA88D30A7997}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C0613226-879B-494B-B69E-45E8EFDAC7DE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C08D2974-1071-4A87-A026-E42ECC133192}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C08DEB67-BF24-42D0-AE9C-4B99897E3950}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C0B7CFC9-4810-4814-9C6D-736F91709146}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C0CF8707-6D44-4506-B46D-0CF35F1978E6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C11C1F9F-16C3-421E-82BD-E6F1127DD6AA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C124B4B5-45AF-4E45-9E13-EA119577469F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C16C5980-9326-4CFA-9B76-E334174A0EBF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C1A757A5-6296-4D75-A058-24CEE50E6EBE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C1B8A15D-135D-4FC4-A015-EC2B4C90463F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C1FCC69B-ECA8-4041-A8D4-9C2827B732E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C20ECABC-7FFC-4D8B-BB21-40F601A96C15}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C2721100-93D9-4151-B13A-5D3ADAC52966}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C29AAFC0-CBCA-4143-BE2C-95BBE64D75B0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C2A04804-3AD6-407E-8D4C-B2E0CE9B0B20}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C2AF5587-7E9F-4AB9-8531-F6A6773790E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C2C31663-74C7-4E17-8A61-131CBDD1C0E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C3395544-348C-4DD7-9BFE-57D6BD34D468}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C3AEB040-D483-4C7E-813E-184ACD272549}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C3B95F77-8F3C-4298-AE7E-77480B6ADA0D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C3FABB62-09C9-4A36-B7E2-6B1A812D28DC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C45E885F-6ACA-4C14-A4AE-869F998738EF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C477AC8E-454A-4ED5-9CD1-78708809B44F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C492B068-51C7-44B8-AE31-4CF96AABA024}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C4B19E5F-5F5B-4495-B049-13ABBC679A9F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C500F167-CCF8-49DE-B501-8FFB55593FB4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C51BFDCA-C422-4AFD-B22E-B0F6BCB9E333}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C566A560-0588-43D5-837B-8905FD86EB43}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C57B820F-6386-4C60-AFD1-0AB09A5978C8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C616FD45-7C59-460F-8214-580DE2D26A9A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C61D8A10-50E4-4F2D-80CE-13D2A25D1ACB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C6D48E32-44F4-45A5-956E-69EDC5E487B0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C6DAD7D5-980A-4654-9C16-B8D62FEFC096}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C74E6D49-2996-458F-AE1A-8BDA4BD67286}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C7AE4130-BCB1-47E9-85C5-731DDEC3F305}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C7F5044D-2647-4EF6-8690-AF3F2FED773A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C802D9D8-8983-4D4B-9D90-FED4DB8232EE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C8094F7F-EDB5-4896-A27C-A7912566A5D7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C852A934-D6D1-4F26-8458-084E8D7505C3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C86864BF-DE72-41D6-B05C-810B7B5E00EE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C8F7ACDF-5DE0-4ED8-AD01-22CDB611A5CF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C914C61F-3C7A-4365-A0F4-DA39BCA24033}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C95643E0-3CEC-4714-B21D-469DE4EF1D4C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C95E5145-169F-43D0-AD08-FCF20DADBA65}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C996342F-1EFA-4D6C-8F14-F94F732394E2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C9BF0630-0BE6-4677-A7CD-69EAED47432A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{C9C13618-F13D-4BD5-9936-1906D80A7A64}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CA48E517-8B29-43CF-A073-7FB86BECBC91}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CA635AE5-E933-476C-99A3-4AF1DCA411FA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CB45935B-9502-453B-9975-33A045096E56}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CB72E3CA-F4DC-4109-828F-C76ED2CD754D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CB85CD8C-20C9-4A2D-8A76-D99AEC5BC9AF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CB8B34B3-3A1C-42F6-96B1-D6208C432C1F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CBE88067-9DFC-46A6-B16B-7FCD52AB302C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CC0F3E27-B74F-4CC4-9200-24F715EC66D8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CC3D35BA-0B0C-4CDF-9D7A-EA834E3F0FCB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CCB45718-9674-416A-B029-1224094ED6AF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CD102219-C788-4B4A-B042-D14BA77E716E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CD4D455C-69F3-474C-BC6A-ECA3F732854D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CD6B6AF7-AA05-4CA5-85F7-7D6B2FE3FFF8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CD804A22-4BB4-4D8C-97FD-29EE1FE016D9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CDAA227D-4F54-4F08-9DD1-1B489CB6ECC2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CDAE5B11-BE59-4CCA-B94F-62E335C287FF}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CDCF9041-8EB1-46B3-A7B5-1DD8415E6DD6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CE73BA1B-CBFD-4570-B08A-64467B56B120}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CE78B575-CFE9-4259-BAB5-6963C616CB73}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CE7D8EA6-7723-4CD9-9A6B-C7C077C75E62}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CE7E987C-E0D8-49D2-9386-58BE50CC63B8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CE9933D4-519B-43E0-A275-A16637EE29E4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CEC04321-6ED9-480C-8EAD-FC8183BCEAF2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CF6CD4EB-A4FC-4AE8-9826-D4E782CB10A4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{CF880718-E768-45D2-9740-9D523333FED5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D06B7622-1442-4F46-A763-DBC19A56E36C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D07A7573-60B8-4373-B234-61C85E474F8B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D0B6A703-E34D-48D9-9356-77FE0C984FAD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D14F1C57-7132-45C3-A8AD-14295FF63968}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D164BE5A-8439-4495-B671-96E4348F3AA7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D1DBDC97-6C75-4B16-AC1F-71E18D09ABCE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D20804E8-D45C-47FF-B872-F924818CA7ED}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D21662AB-CAA3-410C-A513-1DCEDE6DCE34}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D2880448-41F5-4786-BE10-D884615BFF05}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D2AF602D-4155-409D-AEBF-689A7CEE18B8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D2D76982-5B67-473E-A79E-1F1BD3B5D3D0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D3527213-C381-43E8-A4A1-214120ECCE80}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D3CFB758-BD59-4555-8EF0-51AD721F9603}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D3D71EB8-4571-4BBA-BCF4-02F4214C59AA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D3E03902-CD9C-48F5-B4F8-5CC13B13B14E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D47E5C0C-283D-4B22-A681-270AC9992455}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D488E76C-9973-48AA-91EF-A5A2ECDE55AC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D4B76ECD-F524-43E8-85F3-8D3ADF7F6AC3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D4E14076-E4D5-410F-A45F-C1AC012F87E7}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D553A1F1-DC3B-436B-85D4-69D6F6788CC8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D5E0F0A6-8343-419E-838D-6C1E80A1AD5A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D691144F-537D-4699-A6D1-29281902DA7F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D6D11547-3464-4AC2-935D-0A851516191C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D72877EB-839B-43C8-8811-A5C72BD2E24A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D74C0A7F-3B71-4A85-AE83-914270E9070D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D78F7C42-BFD6-40D3-8FAB-CFC2928E56A5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D837CBEB-015B-4893-BB5A-9BFD705D3AA4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D84C29A6-C16D-4D06-8770-75E2E30888AC}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D873665E-0AEA-4B7E-9754-BEF18F3A7AC5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D93800BA-831D-4815-B840-EEF178F396BB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D9589560-29DC-4B3D-B50E-B0FC0821706D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D95A76A4-43D3-46A0-A0D4-92F718AB5EE3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{D95D40A3-5817-40EC-A06D-3C9C81056157}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DA5C6FED-57B6-4764-8957-B4C16356DDC3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DA5CEA38-612C-4364-AAD8-280A444AAE93}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DA710C78-4027-41F6-9349-2284FBD04BCA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DB6BB284-8AFB-4C98-8438-EFE1C27C6B59}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DBA89AB3-D0AD-415F-93C6-454D8C681090}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DBC497D1-D09F-4A64-8D9B-7C095C6E0F30}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DBFA48E9-48E0-4251-A41D-506E52FDA61A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DC405401-BC0D-4C67-A27F-80E3587A8E02}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DCA5AB36-86CF-4AA7-B332-369C395D2582}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DCC7240D-D449-4325-9E42-2BD70BAADDD4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DCD23BA7-872C-4EF3-8932-75912DA6DF8E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DCDC7667-CCA6-4EBA-9E38-725BADE0D92E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DCE45D89-C8EE-4FEF-95A0-0ABC7A646AB3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DD6213D4-F5BD-4789-8AF7-A6DB09EEF95B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DDD411E2-EE77-405A-B84A-68C3DA094083}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DE1360CF-6E33-484A-88FF-58621F9A2636}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DE2EEBA0-CD73-4D70-825E-4B6D5ADB7F8B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DE6E0028-1B8F-40AF-894F-5D9D2FFA6092}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DE7713DA-5315-4FFD-9F7A-45F94EBE7EA5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DE905EEF-95F2-4EC8-93BD-2CB6E360D23A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DEE36CC5-DCF6-4714-9479-5D23F0849E92}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DEFEE56F-AA3F-4824-A330-B2A31DA49955}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DF289BD5-5B85-4F11-931F-42FFADF387D2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DF6C1408-5D74-476C-87A2-A56ECAB5C2E8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{DF949F1F-12BE-4127-9A15-481288837210}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E01C8E22-ED3E-42C6-BBDB-80D4FC5BE1FD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E02D7B80-381D-4E40-8FF5-F7677D06717E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E0980C5B-1BCB-42DD-9939-B13F9B67C284}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E0CFB754-AE7D-4303-91B3-D03EC6458744}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E1343E47-68F5-47CD-87AC-964E98AB5474}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E1409DE2-6692-4919-9F58-779F9BAB232E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E14EEC35-6AB7-4B4A-A2D9-69B324983618}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E1586AF4-F251-41A7-AB99-0C899238B959}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E18AC832-34F9-4C62-A66E-D67D72936391}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E192F068-D056-4120-BF47-4604051788D2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E2A63E2C-0A02-4E32-824A-D9A3017F8F45}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E2D35BE5-7B92-465E-AF00-7DDE0CBED091}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E2F191DD-B1E3-4589-9E89-C148F468950C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E307BBCD-FEA6-461C-9F82-18F12170AF9C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E3910502-ADB3-4BDB-92C9-F393B1257085}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E3A586B5-B519-4D35-A158-EA25837F2E68}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E3AC633A-05A9-43F9-A144-534CD99490C4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E3C4841E-45B4-40D9-A7E5-1353BBF11454}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E40E7397-2DA4-4F87-88EA-E5CBA49082B8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E4689C7D-2A70-4465-B768-E9973D7DA4A2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E48D9429-3DC3-4788-B5DE-4E6196D4A274}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E4E1DEA3-1A29-49F7-A88E-4058BD7E996A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E540920B-81D2-4510-AEE3-F1BA03718B7D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E5FD7B1F-1FE0-4486-8C61-137047F9860A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E6706EAA-526F-408D-9D21-D30A47B38784}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E6B79D5D-658B-4B44-8782-7766DA41893D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E6FF9670-AC00-4E05-B6AD-CA4CA657C641}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E7517054-0530-4AD4-8972-EC28699A7140}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E78FB216-ABCB-479E-ADEB-A75AE5ABF0BA}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E845A011-9A8C-4295-BB52-05C69494368D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E861D9EE-7720-4F6B-896F-F12EED1EF765}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E889D204-A944-4016-A7AD-7DE77374C621}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E89625BE-BA9F-4F62-BCD4-F7BB54F4BA42}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E9238BD1-30ED-486F-9118-C02CAA47D63A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E92E9F57-76D5-4400-9ABB-2241F4E30A86}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E955F252-75DB-4106-950F-04C1E657D8A4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E9715FDA-0DDF-4349-AE1B-8C0E4AD86EFB}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E9A84F47-8BB0-4CBD-83FA-910DC2D17542}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{E9F59FA7-CECF-41F2-AC75-DEC249FBE3E3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EA337E37-4ACA-491C-B857-F93B8D00956D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EA6C7A30-F9E4-40CD-B267-8A3C60916AEE}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EA7DA82A-DEEB-4E76-9424-4DDDFD17D29F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EAC0C3FD-168B-4C73-8360-709C15F9E1B2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EBC5F61C-651D-40A9-A741-95C8C0FF0F70}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EBE6B4A1-4B15-4219-A752-D250E04F02E1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EC246E90-E806-4246-81F0-768EC478DF17}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EC26E56A-7D3C-43B2-BCC2-4CF882FD2680}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EC5616ED-DE21-4199-B2EA-3D5F9EADE764}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EC64D6EF-824E-4F44-A856-D988BA40CF0A}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EC71A68A-BF1E-4EE4-AD61-81B20548C940}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ECA0E960-A63D-4818-879C-4F97C895E891}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ECEB6EE6-026F-455A-9290-224E3C08E1CD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ED216BC1-DBBA-4BC8-92E9-3079E93C1D7F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{ED9A75A8-338D-43A3-8D21-AB57D95CE7D0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EE42DDE3-ED8D-4CBB-9B3A-645DF0D3AD39}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EE49E5BD-1CF9-4520-873A-85142AAE7193}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EE82DE90-18DA-4F12-A316-706E0F430822}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EEBB08A2-B51E-41AE-B04D-B9D1E5264D18}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EF2A1407-DCE9-4FC1-B09A-716D94B84C6C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EF308740-26F4-4FB6-84E9-496E30441331}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EF5B121F-975C-46AA-B2CA-5EA3E0FD619F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EF6904AC-7B09-4427-825D-7C254BFFDD57}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{EFD69519-A593-4926-A743-E19C3DEF990B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F02D59B9-06D0-421D-A1D0-57D12CBBADB2}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F03F105B-16ED-4798-8ABE-852DD1C05571}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F08F989C-E9B9-478E-83BD-865444293844}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F0F5DE72-5B40-4F47-81FF-A1469DA3C75F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F0F7BBD1-73D4-4212-B895-4D1E89465A80}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F13A9AE2-1FF2-4CF6-8F85-9E8E93773918}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F183CABE-FDD9-49C1-B111-8D5E2302F3AD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F1A401B4-0AF1-4313-9967-42C99EC83D2F}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F1E7846D-5B62-42F6-B54A-820DA064172C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F20BEA7B-EC09-461A-B5E6-AFC39E5EF799}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F30FF3C0-2270-4892-8EE1-69BEA06CE9CD}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F3741E8B-8C86-4B99-9F66-3BDA08D909C9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F376CF6A-3FF8-4E49-A6D1-122BD3F6CC7D}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F452528E-3A9A-4EC8-8C3B-A325B4EA97A4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F497EC1A-C1B6-4ED4-A0CA-1B2287B23455}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F4FFA9D6-BC51-4825-9F4C-8933C63B338C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F52CA2DE-167C-479A-919C-6286F410B328}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F5710F8E-A857-4FBD-9564-BABFABB8710E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F581D51D-47B1-49AB-AF66-815CD7A38FF3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F5F642A4-B54A-407F-B820-3C4B797DA5E5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F61AD0E7-3DF1-4129-9EAB-EB5533082798}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F652DF8D-F938-41D7-9CC3-85E3461F0C05}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F6849379-F43D-4F0D-AF73-2D8506261418}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F6B72C48-E9F3-4E8C-9862-7540E61526B3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F6C476F7-9656-4B27-B2A0-90B6CE8DBF14}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F70050E9-B5E0-4752-A25C-38477C5384F9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F704BC44-D876-446B-89E0-A9A054CD4B07}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F73480DE-ED99-4C39-9D4A-61B494A10677}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F7A20024-9191-4787-9ED8-B520E323D081}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F7D8D661-9AB9-431F-985E-B48061C61F29}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F8568737-7D80-4745-912D-7F8EA6A5D3E8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F8601BEB-37EF-43D0-8902-06B6FFA75B0B}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F866403B-8EDF-4725-A97D-629C5B9F16E3}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F86CA312-0BB7-42A9-A511-6F45DD9742B4}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F8A9E525-CD96-4B7F-8C93-8496BE822A43}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F8E268C6-6144-43CD-91C9-C4DDCD590E49}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F91BD916-08BF-4BED-9CE5-42CECACD5489}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F92DA3D4-2058-4FDF-8150-03858E7CAE78}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F99513D6-FF96-4F36-AB94-90C1105837F6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F99A07B5-CA38-4C49-AE95-688E76963E04}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F9A3BC7B-9B07-4DB9-9A54-27DEF9C924E9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F9F0C9AB-F1CC-4D07-9A0C-777E410DCB91}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{F9FE290E-65B2-45DC-87B4-B5EA47CD1C7E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FA28CF6F-B4FB-40F5-97DD-82168235D640}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FB57592D-2B55-4D56-95CD-BD6561185BB8}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FBAE221C-8C09-4EC2-B4B5-B02367147F18}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FBF5F527-4C7C-43CB-93F5-DB719A945AA5}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FC4A01FC-897C-4088-83EA-73FAA70A1AD9}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FC80AAED-8777-44BA-A886-21EB12F3A572}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FCE0B1D3-0F15-49BC-BA8B-CF1F8FEBC18E}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FD59B07B-6C31-462E-9E19-8AAE9FD22848}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FD5E53DE-0B83-4AEC-BBE0-FFD0AED19878}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FD61CD5E-2816-4EA0-981A-ED75FF0A2D57}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FDFF439D-4638-42E7-B51A-D4DDBE7860D1}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FE26A950-8368-4B30-8787-8FB2D566CDF0}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FF3B30B3-094E-40E2-9F0B-C93C7B18E319}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FF44F929-29EE-4D5B-A0C0-A8FA13B509B6}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FF7B60F2-43CC-4A1D-A0CC-6D94A6E4C087}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FFAEE082-D3B6-4620-BCEE-CD51FA4F6C3C}
Successfully deleted: [Empty Folder] C:\Users\Lapp\appdata\local\{FFD14AE3-8F6F-4996-8F68-5F2FDB3E176B}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Lapp\AppData\Roaming\mozilla\firefox\profiles\gwpsj8lv.default\astrmndant
Emptied folder: C:\Users\Lapp\AppData\Roaming\mozilla\firefox\profiles\gwpsj8lv.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.11.2014 at 13:29:12,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST kommt wegen Zeichenanzahl im nächsten Post.

Gruß Hausmeister

Haus meister · 16.11.2014, 14:01

Hier FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Lapp (administrator) on LAPP-PC on 16-11-2014 13:31:58
Running from C:\Users\Lapp\Desktop\cleanen
Loaded Profile: Lapp (Available profiles: Lapp & Paul)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2741544 2011-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-07-23] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-07-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WN111v2 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: copylinkurlbluelightdevcom - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\copylinkurl@bluelightdev.com [2014-11-15]
FF Extension: No Name - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [Not Found]
FF Extension: No Name - faststartff@gmail.com [Not Found]
FF Extension: No Name - 975af956-6d8c-4897-837a-25c267d2cec1@gmail.com [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2231616 2010-07-19] ()
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
U3 BcmSqlStartupSvc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 cpuz134; \??\C:\Users\Lapp\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S1 lfputvzi; \??\C:\windows\system32\drivers\lfputvzi.sys [X]
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 13:29 - 2014-11-16 13:29 - 00107517 _____ () C:\Users\Lapp\Desktop\JRT.txt
2014-11-16 13:25 - 2014-11-16 13:25 - 00000000 ____D () C:\windows\ERUNT
2014-11-16 12:35 - 2014-11-16 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-16 12:34 - 2014-11-16 12:34 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-16 12:34 - 2014-11-16 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-16 12:34 - 2014-11-16 12:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-16 12:34 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-16 12:34 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-16 12:34 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-15 17:02 - 2014-11-15 17:10 - 00023985 _____ () C:\ComboFix.txt
2014-11-15 16:43 - 2014-11-15 17:03 - 00000000 ____D () C:\Qoobox
2014-11-15 16:43 - 2014-11-15 17:00 - 00000000 ____D () C:\windows\erdnt
2014-11-15 16:43 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2014-11-15 16:43 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2014-11-15 16:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2014-11-15 16:40 - 2014-11-15 16:41 - 05598504 ____R (Swearware) C:\Users\Lapp\Desktop\ComboFix.exe
2014-11-15 16:32 - 2014-11-15 16:32 - 00001268 _____ () C:\Users\Lapp\Desktop\Revo Uninstaller.lnk
2014-11-15 16:32 - 2014-11-15 16:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-15 00:51 - 2014-11-15 00:51 - 00000000 ____D () C:\Users\Lapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-11-14 23:30 - 2014-11-16 13:32 - 00000000 ____D () C:\FRST
2014-11-14 23:27 - 2014-11-14 23:27 - 00000000 _____ () C:\Users\Lapp\defogger_reenable
2014-11-14 23:15 - 2014-11-16 13:31 - 00000000 ____D () C:\Users\Lapp\Desktop\cleanen
2014-11-14 22:54 - 2014-11-14 22:54 - 00003142 _____ () C:\windows\System32\Tasks\{DFEE10EA-24B7-49A2-A080-0C4F5AC8DE75}
2014-11-14 22:22 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-14 22:22 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-14 22:22 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-14 22:22 - 2014-10-27 21:32 - 17870336 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-14 22:22 - 2014-10-27 21:13 - 02339840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-14 22:22 - 2014-10-27 21:12 - 10921472 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-14 22:22 - 2014-10-27 21:07 - 01388032 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-14 22:22 - 2014-10-27 21:06 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-14 22:22 - 2014-10-27 21:05 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-14 22:22 - 2014-10-27 21:05 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-11-14 22:22 - 2014-10-27 21:05 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 02157056 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-14 22:22 - 2014-10-27 21:03 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-14 22:22 - 2014-10-27 21:03 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-11-14 22:22 - 2014-10-27 21:03 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-11-14 22:22 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-14 22:22 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-14 22:22 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-14 22:22 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-14 22:22 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-14 22:22 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-14 22:22 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-11-14 22:22 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-14 22:22 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-14 22:22 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-11-14 22:22 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-11-14 22:22 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-14 22:22 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-14 22:22 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-14 22:22 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-14 22:22 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-14 22:22 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-14 22:22 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-14 22:22 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-14 22:22 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-14 22:22 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-14 22:22 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-14 22:22 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-14 22:22 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-14 22:22 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-14 22:22 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-14 22:22 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-14 22:21 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-14 22:21 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-14 22:21 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-14 22:21 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-14 22:21 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-14 22:21 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-14 22:21 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-14 22:21 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-14 22:21 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-14 22:21 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-14 22:21 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-14 22:10 - 2014-11-14 22:10 - 04918960 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-14 22:10 - 2014-11-14 22:10 - 00025701 _____ () C:\windows\system32\ScanResults.xml
2014-11-14 22:08 - 2014-11-14 22:08 - 00001408 _____ () C:\Users\Paul\Desktop\Registry kostenlos entrümpeln!.lnk
2014-11-14 22:01 - 2014-11-14 22:01 - 00000464 _____ () C:\windows\system32\ScannerSettings
2014-10-31 19:09 - 2014-11-16 12:12 - 00000000 ____D () C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2
2014-10-31 18:32 - 2014-10-31 18:32 - 00756712 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair(2).exe
2014-10-31 18:32 - 2014-10-31 18:32 - 00756712 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair(1).exe
2014-10-31 17:37 - 2014-10-31 17:38 - 00000267 _____ () C:\Users\Lapp\Desktop\Cut the Rope.url
2014-10-31 17:37 - 2014-10-31 17:37 - 01055936 _____ (Adobe) C:\Users\Lapp\Downloads\flashplayer_setup.exe
2014-10-29 16:28 - 2014-10-29 16:28 - 00752920 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair.exe
2014-10-29 16:09 - 2014-10-29 16:09 - 00756712 _____ (Reimage®) C:\Users\Lapp\Downloads\ReimageRepair.exe
2014-10-29 16:09 - 2014-10-29 16:09 - 00756712 _____ (Reimage®) C:\Users\Lapp\Downloads\ReimageRepair(1).exe
2014-10-27 19:18 - 2014-10-27 19:18 - 00000000 ____D () C:\Users\Paul\AppData\Local\com
2014-10-26 17:37 - 2014-10-26 17:37 - 00000000 ____D () C:\windows\SysWOW64\Flash
2014-10-26 17:34 - 2014-10-26 17:34 - 00000000 ____D () C:\Users\Lapp\AppData\Local\com
2014-10-24 23:38 - 2014-10-24 23:39 - 01054912 _____ (Adobe) C:\Users\Paul\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-10-17 15:11 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-17 15:11 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-17 15:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-17 15:11 - 2014-07-08 23:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-10-17 15:11 - 2014-07-08 23:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-10-17 15:11 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-17 15:11 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-17 15:08 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-17 15:08 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-17 15:08 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-17 15:08 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-17 15:08 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-17 15:08 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-17 15:08 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-17 15:08 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-17 15:08 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 13:30 - 2009-07-14 05:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 13:30 - 2009-07-14 05:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 13:29 - 2011-07-22 18:37 - 00713954 _____ () C:\windows\system32\perfh007.dat
2014-11-16 13:29 - 2011-07-22 18:37 - 00154006 _____ () C:\windows\system32\perfc007.dat
2014-11-16 13:29 - 2009-07-14 06:13 - 01647544 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-16 13:27 - 2011-07-23 02:44 - 01349009 _____ () C:\windows\WindowsUpdate.log
2014-11-16 13:23 - 2011-08-09 19:03 - 03461857 _____ () C:\FaceProv.log
2014-11-16 13:23 - 2011-07-23 03:32 - 00556735 _____ () C:\windows\system32\fastboot.set
2014-11-16 13:22 - 2010-11-21 04:47 - 00123960 _____ () C:\windows\PFRO.log
2014-11-16 13:22 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-16 13:22 - 2009-07-14 05:51 - 00115601 _____ () C:\windows\setupact.log
2014-11-16 13:20 - 2014-04-17 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-16 13:20 - 2011-08-09 19:03 - 00000000 ____D () C:\Users\Lapp
2014-11-16 13:10 - 2014-04-18 16:53 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-16 12:34 - 2013-11-22 23:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-16 12:18 - 2011-08-31 12:33 - 00003922 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{22EC8DB8-E9FB-4135-AF4A-B2C108DD28BE}
2014-11-15 16:54 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2014-11-15 16:10 - 2011-08-09 19:04 - 00112104 _____ () C:\Users\Lapp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 16:08 - 2009-07-14 05:45 - 00412736 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-15 16:06 - 2014-04-25 21:56 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-15 02:42 - 2011-08-10 20:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-15 02:37 - 2013-08-14 17:13 - 00000000 ____D () C:\windows\system32\MRT
2014-11-15 02:34 - 2011-08-10 21:33 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-15 00:30 - 2014-09-24 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-14 22:59 - 2014-04-18 15:35 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-14 22:59 - 2014-04-18 15:35 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-14 22:23 - 2014-04-18 15:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-14 22:11 - 2014-04-18 16:53 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-14 22:11 - 2014-04-18 16:52 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-14 22:11 - 2014-04-18 16:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 22:07 - 2009-07-14 03:34 - 00000580 _____ () C:\windows\win.ini
2014-10-31 18:38 - 2013-08-05 22:56 - 00000177 _____ () C:\Users\Lapp\AppData\Roaming\WB.CFG
2014-10-31 17:23 - 2014-07-31 22:29 - 00000000 ____D () C:\Users\Lapp\AppData\Local\Adobe
2014-10-31 17:23 - 2011-07-23 03:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-26 17:34 - 2011-07-23 03:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-26 17:33 - 2009-07-14 04:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-10-26 17:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-10-20 23:07 - 2014-04-30 21:08 - 00000000 ____D () C:\Users\Paul\AppData\Local\Windows Live

Some content of TEMP:
====================
C:\Users\Lapp\AppData\Local\Temp\Quarantine.exe
C:\Users\Lapp\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-14 23:59

==================== End Of Log ============================

--- --- ---

Und hier die Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Lapp at 2014-11-16 13:33:21
Running from C:\Users\Lapp\Desktop\cleanen
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{1BC4B13F-E8DC-495B-EC8F-6701438612C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.981-120704a-156763C-Lenovo - Advanced Micro Devices, Inc.)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 1.0 - devolo AG)
dLAN Cockpit (x32 Version: 1.19.07 - devolo AG) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.10.1201.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qtrax Player (HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\...\548901595.portal.qtrax.com) (Version:  - portal.qtrax.com)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM-x32\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.3 - NETGEAR)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.0.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WN111v2 (x32 Version: 3.0.0.3 - NETGEAR) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

01-10-2014 15:01:53 Windows Update
05-10-2014 06:29:43 Windows Update
09-10-2014 22:19:34 Windows Update
14-10-2014 13:52:37 Windows Update
17-10-2014 14:00:34 Windows Update
17-10-2014 15:17:24 Windows Update
21-10-2014 22:23:14 Windows Update
24-10-2014 22:48:51 Windows Update
30-10-2014 15:09:29 Windows Update
31-10-2014 16:28:53 RCP Fr, Okt 31, 14  17:28
31-10-2014 18:00:32 Windows-Sicherung
14-11-2014 21:05:52 Windows Update
15-11-2014 01:33:08 Windows Update
15-11-2014 15:34:52 Revo Uninstaller's restore point - Search Protect
15-11-2014 15:39:37 Revo Uninstaller's restore point - Update for Zip Opener

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-15 16:54 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16250943-5383-4E08-88B4-C1B694667428} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14] (Adobe Systems Incorporated)
Task: {3F4DA857-E313-4699-B714-841759A29382} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {4A462167-2CFA-4DCA-B827-0B371E94C4D0} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {6D92A19B-11B6-4072-8231-76D82B725BA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {C14CF2FA-5058-4342-AACC-3E2BBD342BEF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2008-12-20 04:20 - 2011-07-23 03:35 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2011-07-23 02:54 - 2011-03-25 10:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-19 18:57 - 2010-07-19 18:57 - 02231616 _____ () C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
2011-08-25 14:01 - 2005-04-22 05:36 - 00143360 ____R () C:\windows\system32\BrSNMP64.dll
2011-07-23 03:24 - 2011-07-23 03:24 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2012-07-04 20:33 - 2012-07-04 20:33 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-08-25 14:01 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-10-18 22:48 - 2014-10-18 22:48 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ce48f93e668f33a9aae851e512cfbf2a\IsdiInterop.ni.dll
2011-07-23 02:54 - 2011-02-18 09:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BingDesktopUpdate => 2
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-2147732465-1013433442-3662694159-500 - Administrator - Disabled)
Gast (S-1-5-21-2147732465-1013433442-3662694159-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2147732465-1013433442-3662694159-1002 - Limited - Enabled)
Lapp (S-1-5-21-2147732465-1013433442-3662694159-1000 - Administrator - Enabled) => C:\Users\Lapp
Paul (S-1-5-21-2147732465-1013433442-3662694159-1003 - Limited - Enabled) => C:\Users\Paul
tvsu_tmp_zdesrSIJUT (S-1-5-21-2147732465-1013433442-3662694159-1006 - Administrator - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-15 16:51:39.452
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-15 16:51:39.343
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 25%
Total physical RAM: 6087.86 MB
Available physical RAM: 4563.02 MB
Total Pagefile: 12173.9 MB
Available Pagefile: 10425.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:593.31 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:2.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 640F91AA)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End Of Log ============================

Gruß Hausmeister

schrauber · 17.11.2014, 09:07

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Haus meister · 19.11.2014, 23:47

Hallo Schrauber,

habe noch keinerlei Besserung festgestellt. Immer noch öffnen sich wild Tabs und erscheinen Popups unten rechts und links.

Hier die Logs:

ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=30bb4e74b01a534bbb065203af498dd4
# engine=21167
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-19 08:05:38
# local_time=2014-11-19 09:05:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 5949102 110608748 0 0
# scanned=210326
# found=87
# cleaned=0
# scan_time=5161
sh=C52C30CF64DEE98F964B9FF3502D389115E4DCAE ft=1 fh=aefa735fcc2a5aa9 vn="Variante von MSIL/AdvancedSystemProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=D6E64E17033E6D5B3A39274A908500EF10133805 ft=1 fh=66a249e1dfddf75c vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir"
sh=B7A60ACF9D832D3FADBE490145009BFF66B8EEF3 ft=1 fh=d92a79d448a51ccc vn="Win32/Systweak.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Communication.dll.vir"
sh=65300E119D5CD84D8619E0739FCCD11AD91746F0 ft=1 fh=0d4f51f4dd946221 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir"
sh=1C6EAEBDF66762FF9FF29EB6B282B18753F16F98 ft=1 fh=fb1fd2e408fbda99 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir"
sh=05BBF923EFFC0CEAC46F97D7A4338AE75A00C02D ft=1 fh=bf0cf04aa4aad68d vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com.vir"
sh=05BBF923EFFC0CEAC46F97D7A4338AE75A00C02D ft=1 fh=bf0cf04aa4aad68d vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe.vir"
sh=05BBF923EFFC0CEAC46F97D7A4338AE75A00C02D ft=1 fh=bf0cf04aa4aad68d vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif.vir"
sh=05BBF923EFFC0CEAC46F97D7A4338AE75A00C02D ft=1 fh=bf0cf04aa4aad68d vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr.vir"
sh=05BBF923EFFC0CEAC46F97D7A4338AE75A00C02D ft=1 fh=bf0cf04aa4aad68d vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com.vir"
sh=05BBF923EFFC0CEAC46F97D7A4338AE75A00C02D ft=1 fh=bf0cf04aa4aad68d vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe.vir"
sh=99DF98DFEF4B483889FA88162D20EE46340A5DBE ft=1 fh=e6e2c196b2ffcb6f vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hauxstb.dll.vir"
sh=8751D16071C4E65C93D9F9631BD788BFD9C36644 ft=1 fh=c70610e421d5bbdf vn="Variante von Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll.vir"
sh=0FF3588ECB69D2B18C6FAEC012672CA2F60314F6 ft=1 fh=731190b7425307d6 vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbprtct.dll.vir"
sh=0F78FE90AF015B0A511EDE007BD1791A341E891E ft=1 fh=d4fd6df3b7cf992d vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe.vir"
sh=12FF3195BDACA5482034AAC3C3E132D5ADA421A9 ft=1 fh=982f80d197512813 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrstub.dll.vir"
sh=BAEFCB03679575349E01668C4F0938643BAAA022 ft=1 fh=45ba6b521529362d vn="Variante von Win32/Toolbar.MyWebSearch.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdatact.dll.vir"
sh=0C88EFCFA1C77D597111125A6C031CEB47B18BA7 ft=1 fh=b856def4c7346ea3 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdlghk.dll.vir"
sh=2CA2EA6CF1AD1FE87C25D4AB6B1C7729E48C6390 ft=1 fh=a34a8b9082c46c86 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hfeedmg.dll.vir"
sh=9D54BAF23397E5F1444BC6471052AD234B76FBD3 ft=1 fh=2ab58862c927227b vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhkstub.dll.vir"
sh=978867B422339E68971E56C49C66F14F2ACD745D ft=1 fh=dd289cd2c7a55037 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhttpct.dll.vir"
sh=DC971C75FFCE77CC952FB6660A2603E09D62D4D9 ft=1 fh=ac2f97e786bfc982 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hidle.dll.vir"
sh=92AC05FFF3AD68271062A3DCB87E12EE6B816DDB ft=1 fh=acec1e59f99ab2fd vn="Variante von Win32/Toolbar.MyWebSearch.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hieovr.dll.vir"
sh=AFCAAC5845D81A407C63733E4A7D007167F96BE8 ft=1 fh=02b0c8de8c8e9f1e vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8himpipe.exe.vir"
sh=556C4FCA5D890F17B7B5040A601B42452A205E29 ft=1 fh=0f2a31b21601aeb5 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmedint.exe.vir"
sh=3EB4A6A25199E6339EC04F36189C71738DE63CE7 ft=1 fh=eafb3b5bfaf84345 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmlbtn.dll.vir"
sh=DFD07B722E317D1CDDAAB7D5B31BFAB57CC5E739 ft=1 fh=507b4871517a4ad4 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmsg.dll.vir"
sh=CBF93E0F6FF8AE054C18BDBE477CBFAF9F467CF9 ft=1 fh=f7d96c65ea0021a5 vn="Variante von Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hPlugin.dll.vir"
sh=77C8DC985373B1E5D9035ECB3A831C7DD1ABFD55 ft=1 fh=e1f880731de07609 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hradio.dll.vir"
sh=C5F26031D5E0C487BFF0D60AA44603135BF60395 ft=1 fh=a846ae5344ec78c3 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hregfft.dll.vir"
sh=A2F202F68FEF2A31E9FE3AE124A46B908349778C ft=1 fh=bf17c6b7704b10fd vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hreghk.dll.vir"
sh=72E48F7F37E208A52AD975EAECAB29FC50223C27 ft=1 fh=958a563919bf5cc2 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hscript.dll.vir"
sh=857980A7B7AB77FF8E34A090CCD76B8BA628E7E4 ft=1 fh=6c9ac10ea3ee1cdd vn="Variante von Win32/Toolbar.MyWebSearch.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hskin.dll.vir"
sh=496310EE0816B49176E03226DB102FAE9AA452B4 ft=1 fh=ceffc168909c0690 vn="Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hsknlcr.dll.vir"
sh=F5946D49A70A64072739370E7BAD592FE4799EA1 ft=1 fh=5bc3efb780caf8fa vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hskplay.exe.vir"
sh=8ACE75F6C2417666AD9D60837B72D78B394C3944 ft=1 fh=ae6d89138faf571c vn="Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe.vir"
sh=374E378A91209732B48C8416D1E9805E98FDCFA9 ft=1 fh=6da58ad1308c1c96 vn="Win64/Toolbar.MyWebSearch.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegratorStub64.dll.vir"
sh=6902D246F8FC2457C9AE369B094292DE6EB454BC ft=1 fh=b1be847bff3fcf8f vn="Variante von Win32/Toolbar.MyWebSearch.Z evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CREXT.DLL.vir"
sh=FF9F058B12B6C4D9B6256304FA9078E391C7F32C ft=1 fh=6022d103b074fe9f vn="Variante von Win32/Toolbar.MyWebSearch.Z evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CrExtP8h.exe.vir"
sh=244414D9D39E114E7989C3B35A5FF038508ECFC1 ft=1 fh=0cbd734d892ac7d4 vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\DPNMNGR.DLL.vir"
sh=6FF50369661027A1CD5F5E465F78C78913FF84CC ft=1 fh=c941e5f2ec9d2835 vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\EXEMANAGER.DLL.vir"
sh=2F938D8C9A5D3C9C239793346D43193BA1CBFCD6 ft=1 fh=929bde520a5aa0d2 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EXTEX.DLL.vir"
sh=2E85C71E79C5B2A65D8CCDD5B21AFE559102062F ft=1 fh=68336e5d9907ad1c vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8TICKER.DLL.vir"
sh=E9636E72B4CDDA097B4045E3F89E5DB626E7A95F ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=7C92094B229FF4987F3B8D4370F383859BE445F6 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=A20741A3A8DD650875410A9F4C507232B53692B6 ft=1 fh=319a2a0a29d653d7 vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir"
sh=5C1C4011CE2CB47F45BACC2E6C7FECF73E5F09DE ft=1 fh=d861a4c832f6c374 vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir"
sh=D511C85A94649134C7BA8ECFD7876125A4C2F832 ft=1 fh=bdced5e2a18ee905 vn="Variante von Win32/DealPly.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir"
sh=143416AAC4F6000C3A3235EB4EC955B4D0B6955E ft=1 fh=b68409d87b15670c vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir"
sh=774A5FE9B0CCB453431BA154CDC8D0672F25FE8E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\38532.crx.vir"
sh=DBD6FBE08CE9C6D9174CD59F4480FC22635A140E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\38532.xpi.vir"
sh=DCDAFDA3D713E40441BEB285780962150C143DB0 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\MUServer.apk.vir"
sh=CE87EDC0C5583B0B982AD7C423695AB0A58EFD85 ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0\background.html.vir"
sh=FD59597F5D90E9FDECAF0B4FDFD301EC432AE47E ft=1 fh=69d651faaecc84b3 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lapp\AppData\Local\Temp\OCS\ocs_v7d.exe.vir"
sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lapp\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir"
sh=143416AAC4F6000C3A3235EB4EC955B4D0B6955E ft=1 fh=b68409d87b15670c vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lapp\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir"
sh=87432076EAA485873318350893016ABE2CBC9AA2 ft=1 fh=a0530847025cd9ae vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lapp\AppData\Roaming\digitalsite\UpdateProc\UpdateTask.exe.vir"
sh=5AF5234514E6EE5014C2E553E6514ABBEFCFC67E ft=1 fh=c71c0011fee7b097 vn="Variante von Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lapp\AppData\Roaming\file scout\filescout.exe.vir"
sh=61897FE467FE567D4E93C0E87AF1899DB5416CA2 ft=1 fh=2b4e98822df8a714 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir"
sh=D3E8A76A7AEFCDC93DE96C4E57F11A8C779285A8 ft=1 fh=e2ba24da88a42b8a vn="Win32/BrowseFox.V evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.bak"
sh=B018ADBCA951AC0EB0757AFFD7EAB8FC0228CA91 ft=1 fh=fda9a5748d3eb594 vn="Variante von Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Probit Software\Easy Speed PC\ESPCSmartScan.exe.vir"
sh=D3E8A76A7AEFCDC93DE96C4E57F11A8C779285A8 ft=1 fh=e2ba24da88a42b8a vn="Win32/BrowseFox.V evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\89c775be-12de-4e15-846c-6b3e6a8c39a2\maintainer.bak"
sh=6305D6EEBE59E18BF56C603ABA34EA83B49E5877 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen Virus" ac=I fn="C:\Users\Lapp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5RL6DXXF\show_ads[1].htm"
sh=FD6C1B5191EBA9B06CE4EDB27C39ECAB5488C0DF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Lapp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B59YWS3E\panqb90nk6[1].htm"
sh=3D22045D2D63E0E5E1D65FD2FE64F16C9248047E ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NFF Trojaner" ac=I fn="C:\Users\Lapp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C80OCQ1U\3tgbn7b53q[1].htm"
sh=09FF6BFEFDDF1EA0B61573DB8979A74B995465A3 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen Virus" ac=I fn="C:\Users\Lapp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F9OBPH0Z\adsCA3L6CTA.htm"
sh=F548D7AC14342E5A8127E6AEA7EC436918BF0D2F ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NFF Trojaner" ac=I fn="C:\Users\Lapp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YWNUL2WL\vxtxesn5u4[1].htm"
sh=9094F877DD0637355681A283C371520C95F8E4B9 ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NFF Trojaner" ac=I fn="C:\Users\Lapp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YWNUL2WL\z6p4p1oeht[1].htm"
sh=E6A142419E3B50B77FDF0950F7494AA1F7AE12FD ft=1 fh=c3434f11c1952453 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lapp\Downloads\ReimageRepair(1).exe"
sh=E6A142419E3B50B77FDF0950F7494AA1F7AE12FD ft=1 fh=c3434f11c1952453 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lapp\Downloads\ReimageRepair.exe"
sh=E6A142419E3B50B77FDF0950F7494AA1F7AE12FD ft=1 fh=c3434f11c1952453 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\Downloads\ReimageRepair(1).exe"
sh=E6A142419E3B50B77FDF0950F7494AA1F7AE12FD ft=1 fh=c3434f11c1952453 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\Downloads\ReimageRepair(2).exe"
sh=A812426EBF69A795E4A35AAC11934575F677F86D ft=1 fh=f93e0d9c8250019b vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\Downloads\ReimageRepair.exe"
sh=C0432B4C993A20388EDEE793E0FEC369AF1FD87F ft=1 fh=966ece101a06911f vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1]"
sh=C0432B4C993A20388EDEE793E0FEC369AF1FD87F ft=1 fh=966ece101a06911f vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1]"
sh=F27543608108499C5B2837FEE6E9AEDBAB92A3FF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\91[1].js"
sh=C0432B4C993A20388EDEE793E0FEC369AF1FD87F ft=1 fh=966ece101a06911f vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1]"
sh=C0432B4C993A20388EDEE793E0FEC369AF1FD87F ft=1 fh=966ece101a06911f vn="Win32/Wajam.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\wajam_update[1]"
sh=F27543608108499C5B2837FEE6E9AEDBAB92A3FF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\91[1].js"
sh=6F796D756C996EE39D8839933A2349B87B1E0D3C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\LAPP-PC\Backup Set 2013-12-19 002450\Backup Files 2013-12-19 002450\Backup files 1.zip"
sh=FD68E722725FFCEA0FB0F42D5FC838CFED894A09 ft=0 fh=0000000000000000 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="D:\LAPP-PC\Backup Set 2014-04-30 220902\Backup Files 2014-04-30 220902\Backup files 1.zip"
sh=403D0DD674A41B1B0ADAEAAAAF657DE3F7DF4388 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallBrain.BH evtl. unerwünschte Anwendung" ac=I fn="D:\LAPP-PC\Backup Set 2014-04-30 220902\Backup Files 2014-04-30 220902\Backup files 2.zip"
sh=E36EB5FFEC6736B0409B9B784018033AE5A97400 ft=0 fh=0000000000000000 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="D:\LAPP-PC\Backup Set 2014-09-01 173535\Backup Files 2014-09-01 173535\Backup files 1.zip"
sh=A9E924872E8DC6CFAEE0B272E08F08F34B01F04E ft=0 fh=0000000000000000 vn="Variante von Win32/InstallBrain.BH evtl. unerwünschte Anwendung" ac=I fn="D:\LAPP-PC\Backup Set 2014-09-01 173535\Backup Files 2014-09-01 173535\Backup files 2.zip"
sh=F584C803B6A2B0E19880547BCB6DE732C268D588 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\LAPP-PC\Backup Set 2014-09-01 173535\Backup Files 2014-10-31 190001\Backup files 1.zip"
sh=50438635A2001E31FBD3157D57EAC5EA60A91EBE ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="D:\LAPP-PC\Backup Set 2014-09-01 173535\Backup Files 2014-10-31 190001\Backup files 3.zip"
sh=0056A6207F670C500458DDFB96A2DF4218BE9D71 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.PL evtl. unerwünschte Anwendung" ac=I fn="D:\LAPP-PC\Backup Set 2014-09-01 173535\Backup Files 2014-10-31 190001\Backup files 5.zip"

Security Check:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 15.0.0.223  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox (33.0.2) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Lapp (administrator) on LAPP-PC on 19-11-2014 21:23:03
Running from C:\Users\Lapp\Desktop\cleanen
Loaded Profile: Lapp (Available profiles: Lapp & Paul)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2741544 2011-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-07-23] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-07-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WN111v2 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKU\S-1-5-21-2147732465-1013433442-3662694159-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: copylinkurlbluelightdevcom - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\copylinkurl@bluelightdev.com [2014-11-15]

Chrome: 
=======
CHR Profile: C:\Users\Lapp\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2231616 2010-07-19] ()
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
U3 BcmSqlStartupSvc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 cpuz134; \??\C:\Users\Lapp\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S1 lfputvzi; \??\C:\windows\system32\drivers\lfputvzi.sys [X]
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-19 21:09 - 2014-11-19 19:28 - 00854448 _____ () C:\Users\Lapp\Desktop\SecurityCheck.exe
2014-11-16 13:29 - 2014-11-16 13:29 - 00107517 _____ () C:\Users\Lapp\Desktop\JRT.txt
2014-11-16 13:25 - 2014-11-16 13:25 - 00000000 ____D () C:\windows\ERUNT
2014-11-16 12:35 - 2014-11-16 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-16 12:34 - 2014-11-16 12:34 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-16 12:34 - 2014-11-16 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-16 12:34 - 2014-11-16 12:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-16 12:34 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-16 12:34 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-16 12:34 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-15 17:02 - 2014-11-15 17:10 - 00023985 _____ () C:\ComboFix.txt
2014-11-15 16:43 - 2014-11-15 17:03 - 00000000 ____D () C:\Qoobox
2014-11-15 16:43 - 2014-11-15 17:00 - 00000000 ____D () C:\windows\erdnt
2014-11-15 16:43 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2014-11-15 16:43 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2014-11-15 16:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2014-11-15 16:43 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2014-11-15 16:40 - 2014-11-15 16:41 - 05598504 ____R (Swearware) C:\Users\Lapp\Desktop\ComboFix.exe
2014-11-15 16:32 - 2014-11-15 16:32 - 00001268 _____ () C:\Users\Lapp\Desktop\Revo Uninstaller.lnk
2014-11-15 16:32 - 2014-11-15 16:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-15 00:51 - 2014-11-15 00:51 - 00000000 ____D () C:\Users\Lapp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-11-14 23:30 - 2014-11-19 21:23 - 00000000 ____D () C:\FRST
2014-11-14 23:27 - 2014-11-14 23:27 - 00000000 _____ () C:\Users\Lapp\defogger_reenable
2014-11-14 23:15 - 2014-11-19 21:23 - 00000000 ____D () C:\Users\Lapp\Desktop\cleanen
2014-11-14 22:54 - 2014-11-14 22:54 - 00003142 _____ () C:\windows\System32\Tasks\{DFEE10EA-24B7-49A2-A080-0C4F5AC8DE75}
2014-11-14 22:22 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-14 22:22 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-14 22:22 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-14 22:22 - 2014-10-27 21:32 - 17870336 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-14 22:22 - 2014-10-27 21:13 - 02339840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-14 22:22 - 2014-10-27 21:12 - 10921472 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-14 22:22 - 2014-10-27 21:07 - 01388032 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-14 22:22 - 2014-10-27 21:06 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-14 22:22 - 2014-10-27 21:05 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-14 22:22 - 2014-10-27 21:05 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-11-14 22:22 - 2014-10-27 21:05 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 02157056 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-14 22:22 - 2014-10-27 21:04 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-14 22:22 - 2014-10-27 21:03 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-14 22:22 - 2014-10-27 21:03 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-11-14 22:22 - 2014-10-27 21:03 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-11-14 22:22 - 2014-10-27 21:03 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-11-14 22:22 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-14 22:22 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-14 22:22 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-14 22:22 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-14 22:22 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-14 22:22 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-14 22:22 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-11-14 22:22 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-14 22:22 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-14 22:22 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-14 22:22 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-11-14 22:22 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-11-14 22:22 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-11-14 22:22 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-14 22:22 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-14 22:22 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-14 22:22 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-14 22:22 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-14 22:22 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-14 22:22 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-14 22:22 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-14 22:22 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-14 22:22 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-14 22:22 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-14 22:22 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-14 22:22 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-14 22:22 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-14 22:22 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-14 22:22 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-14 22:21 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-14 22:21 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-14 22:21 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-14 22:21 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-14 22:21 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-14 22:21 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-14 22:21 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-14 22:21 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-14 22:21 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-14 22:21 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-14 22:21 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-14 22:21 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-14 22:21 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-14 22:21 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-14 22:10 - 2014-11-14 22:10 - 04918960 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-14 22:10 - 2014-11-14 22:10 - 00025701 _____ () C:\windows\system32\ScanResults.xml
2014-11-14 22:08 - 2014-11-14 22:08 - 00001408 _____ () C:\Users\Paul\Desktop\Registry kostenlos entrümpeln!.lnk
2014-11-14 22:01 - 2014-11-14 22:01 - 00000464 _____ () C:\windows\system32\ScannerSettings
2014-10-31 19:09 - 2014-11-16 12:12 - 00000000 ____D () C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2
2014-10-31 18:32 - 2014-10-31 18:32 - 00756712 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair(2).exe
2014-10-31 18:32 - 2014-10-31 18:32 - 00756712 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair(1).exe
2014-10-31 17:37 - 2014-10-31 17:38 - 00000267 _____ () C:\Users\Lapp\Desktop\Cut the Rope.url
2014-10-31 17:37 - 2014-10-31 17:37 - 01055936 _____ (Adobe) C:\Users\Lapp\Downloads\flashplayer_setup.exe
2014-10-29 16:28 - 2014-10-29 16:28 - 00752920 _____ (Reimage®) C:\Users\Paul\Downloads\ReimageRepair.exe
2014-10-29 16:09 - 2014-10-29 16:09 - 00756712 _____ (Reimage®) C:\Users\Lapp\Downloads\ReimageRepair.exe
2014-10-29 16:09 - 2014-10-29 16:09 - 00756712 _____ (Reimage®) C:\Users\Lapp\Downloads\ReimageRepair(1).exe
2014-10-27 19:18 - 2014-10-27 19:18 - 00000000 ____D () C:\Users\Paul\AppData\Local\com
2014-10-26 17:37 - 2014-10-26 17:37 - 00000000 ____D () C:\windows\SysWOW64\Flash
2014-10-26 17:34 - 2014-10-26 17:34 - 00000000 ____D () C:\Users\Lapp\AppData\Local\com
2014-10-24 23:38 - 2014-10-24 23:39 - 01054912 _____ (Adobe) C:\Users\Paul\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-19 21:10 - 2014-04-18 16:53 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-19 21:08 - 2011-07-23 02:44 - 01410712 _____ () C:\windows\WindowsUpdate.log
2014-11-19 19:36 - 2009-07-14 05:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-19 19:36 - 2009-07-14 05:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-19 19:27 - 2011-08-31 12:33 - 00003922 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{22EC8DB8-E9FB-4135-AF4A-B2C108DD28BE}
2014-11-19 19:22 - 2011-07-22 18:37 - 00713954 _____ () C:\windows\system32\perfh007.dat
2014-11-19 19:22 - 2011-07-22 18:37 - 00154006 _____ () C:\windows\system32\perfc007.dat
2014-11-19 19:22 - 2009-07-14 06:13 - 01647544 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-19 19:16 - 2011-08-09 19:03 - 03464794 _____ () C:\FaceProv.log
2014-11-19 19:16 - 2011-07-23 03:32 - 00537141 _____ () C:\windows\system32\fastboot.set
2014-11-19 19:15 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-19 19:15 - 2009-07-14 05:51 - 00115657 _____ () C:\windows\setupact.log
2014-11-16 13:22 - 2010-11-21 04:47 - 00123960 _____ () C:\windows\PFRO.log
2014-11-16 13:20 - 2014-04-17 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-16 13:20 - 2011-08-09 19:03 - 00000000 ____D () C:\Users\Lapp
2014-11-16 12:34 - 2013-11-22 23:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-15 16:54 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2014-11-15 16:10 - 2011-08-09 19:04 - 00112104 _____ () C:\Users\Lapp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 16:08 - 2009-07-14 05:45 - 00412736 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-15 16:06 - 2014-04-25 21:56 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-15 02:42 - 2011-08-10 20:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-15 02:37 - 2013-08-14 17:13 - 00000000 ____D () C:\windows\system32\MRT
2014-11-15 02:34 - 2011-08-10 21:33 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-15 00:30 - 2014-09-24 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-14 22:59 - 2014-04-18 15:35 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-14 22:59 - 2014-04-18 15:35 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-14 22:23 - 2014-04-18 15:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-14 22:11 - 2014-04-18 16:53 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-14 22:11 - 2014-04-18 16:52 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-14 22:11 - 2014-04-18 16:52 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 22:07 - 2009-07-14 03:34 - 00000580 _____ () C:\windows\win.ini
2014-10-31 18:38 - 2013-08-05 22:56 - 00000177 _____ () C:\Users\Lapp\AppData\Roaming\WB.CFG
2014-10-31 17:23 - 2014-07-31 22:29 - 00000000 ____D () C:\Users\Lapp\AppData\Local\Adobe
2014-10-31 17:23 - 2011-07-23 03:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-26 17:34 - 2011-07-23 03:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-26 17:33 - 2009-07-14 04:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-10-26 17:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-10-20 23:07 - 2014-04-30 21:08 - 00000000 ____D () C:\Users\Paul\AppData\Local\Windows Live

Some content of TEMP:
====================
C:\Users\Lapp\AppData\Local\Temp\Quarantine.exe
C:\Users\Lapp\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-14 23:59

==================== End Of Log ============================

--- --- ---

Gruß Hausmeister

schrauber · 20.11.2014, 18:56

Adobe updaten, Download Ordner leeren, Backup auf D löschen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: copylinkurlbluelightdevcom - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\copylinkurl@bluelightdev.com [2014-11-15]
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Haus meister · 20.11.2014, 21:13

Hallo Schrauber,

alles durchgeführt.
Allerdings konnte ich Adobe nicht aktualisieren, da Reader und Flash Player auf dem aktuellsten Stand sind.

Nach der Neuinstallation von Firefox scheint nun auch Ruhe zu sein YEAH....

Hier nun der Inhalt der Fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014
Ran by Lapp at 2014-11-20 20:19:43 Run:1
Running from C:\Users\Lapp\Desktop\cleanen
Loaded Profile: Lapp (Available profiles: Lapp & Paul)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Extension: copylinkurlbluelightdevcom - C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\copylinkurl@bluelightdev.com [2014-11-15]
Emptytemp:
*****************

C:\ProgramData\89c775be-12de-4e15-846c-6b3e6a8c39a2 => Moved successfully.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\Lapp\AppData\Roaming\Mozilla\Firefox\Profiles\gwpsj8lv.default\Extensions\copylinkurl@bluelightdev.com => Moved successfully.
EmptyTemp: => Removed 3.5 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Gruß Hausmeister

schrauber · 21.11.2014, 17:25

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Win7 64bit: Firefox neue Tabs mit Werbung, Umleitung von Seitenaurufen, Popup Fenster

Log-Analyse und Auswertung: Win7 64bit: Firefox neue Tabs mit Werbung, Umleitung von Seitenaurufen, Popup Fenster